2dd6713c3d256dd77b45a92f85bcf94d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2dd6713c3d256dd77b45a92f85bcf94d_JaffaCakes118
Size

1.0MB
MD5

2dd6713c3d256dd77b45a92f85bcf94d
SHA1

fdb6f5a41ba5f3e42fe98e9342dbc596f2e3bbee
SHA256

706135cb38b68fcbf5a284314d312c9f6aa2d200312e34f6ff0c079a9668ebfd
SHA512

34692145e8eb1814aeb483d9f9895cfaad79d1f6ab90db63cf6e31f0fa08eb2324cb10e3a73ff3d2cd939204bfae374a235677536a740fbdaeeef3a9109c905c
SSDEEP

24576:LJ904A6yEn2fCIg6ai4FkT7P0RX9d9g1F4d0inhxpeqK24QeX:LM4O0sCQa7FN9g1F4thvetQe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dd6713c3d256dd77b45a92f85bcf94d_JaffaCakes118

Files

2dd6713c3d256dd77b45a92f85bcf94d_JaffaCakes118
.exe windows:5 windows x86 arch:x86

97aa565d222ed5df82e3e52e88edc0b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

winspool.drv

DeleteMonitorW

user32

MoveWindow
BeginDeferWindowPos
EndDeferWindowPos
LoadStringW
CopyImage
GetWindowLongW
IsRectEmpty
SetRectEmpty
ScreenToClient
SetCursor
GetWindowRect
ShowScrollBar
SetScrollRange
RedrawWindow
GetDCEx
GetTabbedTextExtentW
TrackPopupMenuEx
CharPrevW
GetClipboardOwner
GetDlgCtrlID

advapi32

RegQueryInfoKeyW
RegOpenKeyExW
RegEnumValueW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

comctl32

CreateStatusWindowW
CreateToolbarEx
ImageList_SetIconSize
ImageList_GetIconSize
ImageList_GetDragImage
ImageList_DragShowNolock
ImageList_SetDragCursorImage
_TrackMouseEvent
ImageList_DragLeave
ImageList_EndDrag
ImageList_LoadImageW
ImageList_GetIcon
ImageList_Remove
ImageList_DrawIndirect
ImageList_AddMasked
ImageList_Replace
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollPos
FlatSB_SetScrollInfo
InitializeFlatSB
ImageList_DragMove
CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_Draw

kernel32

LoadLibraryExW
RtlUnwind
OutputDebugStringW
HeapAlloc
HeapReAlloc
GetStringTypeW
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
GetFileAttributesW
GetProcAddress
GetVersion
VirtualAlloc
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCurrentThreadId
LeaveCriticalSection
SetFilePointer
CloseHandle
EscapeCommFunction
GetTickCount
TlsAlloc
TlsSetValue
TlsFree
CreateMutexW
GlobalFindAtomW
CreateFileW
DeleteFileW
ReplaceFileW
FindVolumeMountPointClose
GetACP
GetConsoleWindow
IsProcessorFeaturePresent
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetCommandLineW
GetLastError
SetLastError
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
MultiByteToWideChar
WideCharToMultiByte
GetProcessHeap
GetStdHandle
GetFileType
DeleteCriticalSection
GetStartupInfoW
GetModuleFileNameW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
Sleep
GetCurrentProcess
TerminateProcess
TlsGetValue
GetModuleHandleW
EnterCriticalSection
HeapFree
IsValidCodePage

userenv

EnterCriticalPolicySection
GetUserProfileDirectoryW

secur32

DeleteSecurityContext

Sections

.text
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 968KB - Virtual size: 7.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

97aa565d222ed5df82e3e52e88edc0b3

Headers

File Characteristics

Imports

winspool.drv

user32

advapi32

comctl32

kernel32

userenv

secur32

Sections

.text Size: 85KB - Virtual size: 84KB

.data Size: 968KB - Virtual size: 7.7MB

.idata Size: 4KB - Virtual size: 3KB

.xdata Size: 8KB - Virtual size: 8KB

.text
Size: 85KB - Virtual size: 84KB

.data
Size: 968KB - Virtual size: 7.7MB

.idata
Size: 4KB - Virtual size: 3KB

.xdata
Size: 8KB - Virtual size: 8KB