2df2ce148f8cadd995b146606ab02fef_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2df2ce148f8cadd995b146606ab02fef_JaffaCakes118
Size

292KB
MD5

2df2ce148f8cadd995b146606ab02fef
SHA1

bf7344140b981bdc24b8f065fab6dda5c3419147
SHA256

92c29cbb855e9063061dcfc9c205a672c69a405633f0b1781518f3801ca16bb3
SHA512

017ff03b8e83ce0541a6a4e7a0581ee1d660188d3bc2481919d465ecc02036ee384817a9d99dc9139382a239622b8f79e0bd83b8808966c907f074ef02b54ffc
SSDEEP

3072:vKF4z5RUYfiu79iq1YHJiHFvdHw2LGQKihrieFPgjySz9UNottJ5//5lfr2qR:vKF4z5RBfwgtHjGwijyloF72qR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2df2ce148f8cadd995b146606ab02fef_JaffaCakes118

Files

2df2ce148f8cadd995b146606ab02fef_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3461acfe21b83749e21e7ac8be35e8a1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
LoadLibraryW
GetSystemTimeAdjustment
GetACP
ExitThread
GetStartupInfoW
FillConsoleOutputCharacterW
GetLastError
GetProcAddress
GlobalFree
LoadLibraryA
AddAtomA
WriteProfileStringA
FindFirstChangeNotificationA
FreeEnvironmentStringsA
GetCurrentDirectoryA
SetProcessShutdownParameters
CompareStringW
CompareStringA
GetTimeZoneInformation
CloseHandle
CreateFileA
GetLocaleInfoW
FlushFileBuffers
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetComputerNameW
FindCloseChangeNotification
FindResourceExW
GetCPInfo
VirtualProtect
ExitProcess
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
GetCommandLineA
GetStartupInfoA
RaiseException
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
HeapFree
MultiByteToWideChar
ReadFile
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleW
Sleep
WriteFile
GetStdHandle
GetModuleFileNameA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
SetHandleCount
GetFileType
DeleteCriticalSection
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetCurrentThreadId
InterlockedDecrement
GetCurrentThread
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
GetConsoleCP
GetConsoleMode
GetOEMCP
IsValidCodePage
FatalAppExitA
VirtualAlloc
HeapReAlloc
SetStdHandle
HeapSize
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
LCMapStringW
SetEnvironmentVariableA

user32

GetNextDlgTabItem
CloseClipboard
BeginPaint
PeekMessageA
SetThreadDesktop
RegisterRawInputDevices
OpenClipboard
GetClipboardSequenceNumber
CallMsgFilterA
MapVirtualKeyExA

gdi32

CreateCompatibleDC
SetStretchBltMode
GetSystemPaletteEntries
CreateDiscardableBitmap
SetPixel

shell32

ShellAboutA
DragQueryFileW
ShellExecuteW

Sections

.text
Size: 183KB - Virtual size: 183KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3461acfe21b83749e21e7ac8be35e8a1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Sections

.text Size: 183KB - Virtual size: 183KB

.rdata Size: 18KB - Virtual size: 17KB

.data Size: 10KB - Virtual size: 30KB

.rsrc Size: 73KB - Virtual size: 73KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 183KB - Virtual size: 183KB

.rdata
Size: 18KB - Virtual size: 17KB

.data
Size: 10KB - Virtual size: 30KB

.rsrc
Size: 73KB - Virtual size: 73KB

.reloc
Size: 6KB - Virtual size: 6KB