2e16ddb2661e97a6648295d338614896_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e16ddb2661e97a6648295d338614896_JaffaCakes118
Size

2.2MB
MD5

2e16ddb2661e97a6648295d338614896
SHA1

810d3f59e62f795761290066b6928dd1ccf54ddc
SHA256

239a364c1532761c12360343fb8afac9bdf551d3a56d2ab82c628968ab5ddd78
SHA512

9d82e9a8e687c54224e1cb9af51e76c212e461628860cdc7ded4e646495f42143516e31467adc8997788f198363010266012b81a6af27906aacf909531223cb6
SSDEEP

24576:POBAL+/zcHNMhEEMqCPdILz53aW3wvh5I2Uhy1HygpJ0:POGL+L8UfIILl3JHShK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e16ddb2661e97a6648295d338614896_JaffaCakes118

Files

2e16ddb2661e97a6648295d338614896_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c55fe01af64d79eb558b5e3cdcde324a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

SystemParametersInfoW
GetIconInfo
SetScrollPos
BeginPaint
GetDCEx
GetSystemMenu
CreateAcceleratorTableW
OemKeyScan
CharUpperW
IsClipboardFormatAvailable
CreateDialogParamW
ShowWindow
DrawFrameControl
GetKeyboardLayoutList

psapi

GetModuleBaseNameW

kernel32

FreeEnvironmentStringsW
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetFileSize
CloseHandle
GetCommState
GetLocalTime
CreateFileMappingW
GetModuleFileNameW
GetModuleHandleW
GetModuleHandleExW
HeapFree
FindResourceExW
GetSystemDirectoryW
GetFileAttributesW
GetFileAttributesExW
DeleteFileW
FindFirstFileW
MapViewOfFileEx
GetCPInfo
WideCharToMultiByte
GetThreadLocale
VirtualAlloc
LocalFree
RtlUnwind
HeapReAlloc
HeapSize
LCMapStringW
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetStdHandle
SetFilePointerEx
WriteConsoleW
ExpandEnvironmentStringsW
CreateFileW
GetCommandLineW
RaiseException
IsProcessorFeaturePresent
EncodePointer
GetLastError
SetLastError
GetCurrentThreadId
DecodePointer
ExitProcess
GetProcAddress
MultiByteToWideChar
GetProcessHeap
GetStdHandle
GetFileType
GetStartupInfoW
WriteFile
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
Sleep
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP
EnterCriticalSection
LeaveCriticalSection
LoadLibraryExW
OutputDebugStringW
GetStringTypeW
HeapAlloc

crypt32

CryptQueryObject
CertGetNameStringW
CryptHashPublicKeyInfo
CryptAcquireCertificatePrivateKey
CertFindExtension
CryptHashCertificate
CertGetPublicKeyLength
CertFreeCTLContext
CertAddEncodedCertificateToStore
CertFreeCRLContext
CertGetCertificateContextProperty
CertSetCertificateContextProperty
CertFreeCertificateContext
CertCreateCertificateContext
CertEnumCertificatesInStore
CertCloseStore
CryptMsgGetParam
CryptMsgClose
CryptEnumOIDInfo
CryptProtectData

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 478KB - Virtual size: 7.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xdata
Size: 1024B - Virtual size: 724B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dy84id
Size: 325KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.es3srf
Size: 430KB - Virtual size: 429KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hsta4h
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.960h
Size: 240KB - Virtual size: 239KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 365KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c55fe01af64d79eb558b5e3cdcde324a

Headers

File Characteristics

Imports

user32

psapi

kernel32

crypt32

Sections

.text Size: 140KB - Virtual size: 140KB

.data Size: 478KB - Virtual size: 7.3MB

.idata Size: 3KB - Virtual size: 3KB

.xdata Size: 1024B - Virtual size: 724B

.dy84id Size: 325KB - Virtual size: 324KB

.es3srf Size: 430KB - Virtual size: 429KB

.hsta4h Size: 300KB - Virtual size: 299KB

.960h Size: 240KB - Virtual size: 239KB

.rsrc Size: 365KB - Virtual size: 365KB

.text
Size: 140KB - Virtual size: 140KB

.data
Size: 478KB - Virtual size: 7.3MB

.idata
Size: 3KB - Virtual size: 3KB

.xdata
Size: 1024B - Virtual size: 724B

.dy84id
Size: 325KB - Virtual size: 324KB

.es3srf
Size: 430KB - Virtual size: 429KB

.hsta4h
Size: 300KB - Virtual size: 299KB

.960h
Size: 240KB - Virtual size: 239KB

.rsrc
Size: 365KB - Virtual size: 365KB