2df990da50e6b25a4399560084c82d33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2df990da50e6b25a4399560084c82d33_JaffaCakes118
Size

412KB
MD5

2df990da50e6b25a4399560084c82d33
SHA1

a1e59252a0079b5bc71704ba888c019031246654
SHA256

c5bf030164feb03e95e62d80e6f246fd483c803f184db1042a4b447c6e64495c
SHA512

817a00031f2c8b7ce707fad49050366063bce5178ff2f8afbbc5cda0be3ce75c6074c8fa3b74c8f864fcaea6607e6f25aa866e73b7266cc1696a84fdd803fca4
SSDEEP

3072:YPf/nBXKyYCrx0SVx58Ff7kflddQStVC8EHaxWfkruvrCafEcECXsIY9wcfO/:Yn/ntKBCr1V38FfuldiS7JfD4sIYH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2df990da50e6b25a4399560084c82d33_JaffaCakes118

Files

2df990da50e6b25a4399560084c82d33_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b1450eec5f5afde7c84d9d4742eccacf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ntdll

_strupr
atan
ceil
cos
log
memmove
pow
sin
sqrt
swprintf
tan
wcscat
wcschr
wcscmp
wcscpy
wcslen

advapi32

RegCloseKey
RegOpenKeyExW
RegQueryValueExW

gdi32

GetStockObject
GetTextExtentPoint32W
SetTextColor

kernel32

DeleteCriticalSection
EnterCriticalSection
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetProcAddress
GetProfileStringW
GetStartupInfoW
GetSystemTimeAsFileTime
GetTickCount
GlobalAlloc
GlobalLock
GlobalUnlock
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
LeaveCriticalSection
LoadLibraryA
QueryPerformanceCounter
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsGetValue
UnhandledExceptionFilter
VirtualProtect
VirtualQuery
WriteProfileStringW

msvcrt

__dllonexit
__iob_func
__lconv_init
__p__winmajor
__set_app_type
__setusermatherr
__wgetmainargs
__winitenv
_amsg_exit
_cexit
_finite
_fmode
_initterm
_isnan
_lock
_onexit
_strdup
_unlock
_wcmdln
abort
acos
asin
calloc
cosh
exit
exp
fmod
fprintf
fputs
free
log10
malloc
modf
signal
sinh
swscanf
tanh
vfprintf

user32

AppendMenuW
CheckMenuItem
CloseClipboard
CreateDialogParamW
CreatePopupMenu
DestroyMenu
DestroyWindow
DialogBoxParamW
DispatchMessageW
DrawFrameControl
DrawStateW
EmptyClipboard
EnableMenuItem
EnableWindow
EndDialog
GetAsyncKeyState
GetClassNameW
GetClipboardData
GetDlgItem
GetFocus
GetKeyboardLayout
GetKeyboardState
GetMenu
GetMessageW
GetParent
GetSubMenu
GetSystemMetrics
GetWindowLongW
GetWindowRect
GetWindowTextW
IsClipboardFormatAvailable
IsWindow
IsWindowEnabled
LoadIconW
LoadMenuW
LoadStringW
MapVirtualKeyExW
MoveWindow
OpenClipboard
PostMessageW
PostQuitMessage
SendDlgItemMessageW
SendMessageW
SetClipboardData
SetFocus
SetMenu
ShowWindow
ToAsciiEx
TrackPopupMenu
TranslateMessage

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 4KB - Virtual size: 52B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 4KB - Virtual size: 32B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 312KB - Virtual size: 310KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rossym
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b1450eec5f5afde7c84d9d4742eccacf

Headers

File Characteristics

Imports

ntdll

advapi32

gdi32

kernel32

msvcrt

user32

Sections

.text Size: 28KB - Virtual size: 25KB

.data Size: 4KB - Virtual size: 32B

.rdata Size: 8KB - Virtual size: 7KB

.bss Size: - Virtual size: 2KB

.idata Size: 4KB - Virtual size: 3KB

.CRT Size: 4KB - Virtual size: 52B

.tls Size: 4KB - Virtual size: 32B

.rsrc Size: 312KB - Virtual size: 310KB

.rossym Size: 44KB - Virtual size: 43KB

.text
Size: 28KB - Virtual size: 25KB

.data
Size: 4KB - Virtual size: 32B

.rdata
Size: 8KB - Virtual size: 7KB

.bss
Size: - Virtual size: 2KB

.idata
Size: 4KB - Virtual size: 3KB

.CRT
Size: 4KB - Virtual size: 52B

.tls
Size: 4KB - Virtual size: 32B

.rsrc
Size: 312KB - Virtual size: 310KB

.rossym
Size: 44KB - Virtual size: 43KB