2ea69eabd8afe9d642def9760ac326e3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ea69eabd8afe9d642def9760ac326e3_JaffaCakes118
Size

606KB
MD5

2ea69eabd8afe9d642def9760ac326e3
SHA1

26bb699f400c9f5305f60ce83fedeccf13e22028
SHA256

d5468d9daf5d4af8e26b11dc43bb7b7046cfb5b3c721f00ddb500463ccec9777
SHA512

e8c31c67c738ebbc9fd383529b45ed11b4cbdd8bca47e618ca64d60ad02cb2f04d1fbaf6008be4d140e2f8ac93e755fa14594905e0ef62b1ed4be94b7ee31a6d
SSDEEP

12288:WlbzkAXD21n/WaK7x5NCfQkNVHHjJ8dkE7QT6CJfiO3YN4:WlB21OtCfQCeyT6IB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ea69eabd8afe9d642def9760ac326e3_JaffaCakes118

Files

2ea69eabd8afe9d642def9760ac326e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8246c74bb9b5d97048ffc1710831e38a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Sleep
FlushFileBuffers
GetModuleHandleW
GetCommConfig
QueueUserAPC
WritePrivateProfileStructA
SetFilePointerEx
GetOEMCP
GetLocaleInfoA
TlsFree
lstrcpyW
SetThreadPriority
MoveFileExW
WaitNamedPipeA
GetProcessPriorityBoost
SetEnvironmentVariableW
SetWaitableTimer
ReplaceFileA
GetEnvironmentVariableA
SetTapeParameters
GetVolumePathNameA
HeapAlloc
GetNumberFormatW
LCMapStringA
SetFileApisToANSI
GetNumberFormatA
GetComputerNameExW
FreeEnvironmentStringsA
Process32NextW
GetPriorityClass
GetVersionExA
UpdateResourceA
GetCurrentThreadId
lstrcpynA
GetTempFileNameA
GetComputerNameExA
_lwrite
GetSystemDefaultLangID
PurgeComm
RtlUnwind
WritePrivateProfileStringA
FindFirstVolumeMountPointA
GetVolumePathNameW
FatalAppExitA
SetFileApisToOEM
RemoveDirectoryW
GetStartupInfoA
OutputDebugStringW
MultiByteToWideChar
VerifyVersionInfoW
FatalAppExitW
GetProcessAffinityMask
DuplicateHandle
GlobalCompact
WaitForMultipleObjectsEx

user32

CreateCursor
ReuseDDElParam
DrawFrameControl
SetCaretPos
SetCursorPos
MessageBoxA
UnloadKeyboardLayout
SetWindowsHookA
IsClipboardFormatAvailable
SetShellWindow
CharLowerBuffA
PostThreadMessageA
DialogBoxParamA
IsCharAlphaA
CharPrevExA
GetDlgItem
LoadImageW
GetMenuItemCount
CascadeWindows
SwitchDesktop
UnhookWinEvent
FlashWindow
DdeConnect
GetLastInputInfo
SendMessageA
GetMenuBarInfo
InvalidateRgn
CharPrevW
EnableWindow
WindowFromPoint
PeekMessageW
DdeQueryNextServer
IsDialogMessageW
GetMessageTime
GetCursorPos
GetMenuCheckMarkDimensions
MonitorFromPoint
EnumDesktopsW
SetWindowContextHelpId
DdeGetData
GetThreadDesktop
TranslateAcceleratorA
DialogBoxIndirectParamW
WinHelpA
ClipCursor
DdeQueryStringW
EnumDisplayMonitors
TabbedTextOutA
SetClassWord
GetShellWindow
LockWindowUpdate
CreateAcceleratorTableA
IsCharAlphaNumericA
GetAltTabInfoW
DdeAddData
DrawMenuBar
GetKeyboardLayoutList
ValidateRgn
RegisterShellHookWindow
GetWindowTextLengthA
GetWindowModuleFileNameW
DdeCreateDataHandle
SetWindowsHookExW
GetDlgItemTextA
UnregisterDeviceNotification
RegisterWindowMessageW
GetCursorInfo
IsDialogMessageA
MessageBeep
FrameRect
SetPropA
DdeSetUserHandle
GetSubMenu
SetLastErrorEx
IMPGetIMEW
SendDlgItemMessageW
WaitMessage
ToAscii
DdeAccessData
TrackPopupMenu
IMPQueryIMEA
GetAsyncKeyState
SendMessageCallbackW
CopyAcceleratorTableW
MessageBoxIndirectA
DlgDirListW
DrawTextExA
LockSetForegroundWindow
SendInput
ShowWindow
GetDoubleClickTime
IMPSetIMEW
GetAncestor
IsZoomed
SetDlgItemTextW
LockWorkStation
GetInputState
GetScrollRange
MapVirtualKeyExA
ToUnicode
CharUpperBuffW
CharUpperBuffA
SendMessageCallbackA
SetRect
SetSysColors
FindWindowExW
DdeQueryStringA
GetClassInfoA
SetMenuContextHelpId
MenuItemFromPoint
RemovePropA
FillRect
TabbedTextOutW
AttachThreadInput
SetThreadDesktop
CreateAcceleratorTableW
GetQueueStatus
BroadcastSystemMessageW
IsDlgButtonChecked
GetCapture
GetUserObjectSecurity
GetDlgItemInt
FreeDDElParam
DrawIconEx
CheckMenuItem
ValidateRect
IsIconic
ShowScrollBar
OpenDesktopA
SendMessageTimeoutW

Sections

.text
Size: 201KB - Virtual size: 200KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 212KB - Virtual size: 4.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8246c74bb9b5d97048ffc1710831e38a

Headers

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 201KB - Virtual size: 200KB

.data Size: 212KB - Virtual size: 4.0MB

.rdata Size: 5KB - Virtual size: 4KB

.rsrc Size: 183KB - Virtual size: 182KB

.reloc Size: 4KB - Virtual size: 8KB

.text
Size: 201KB - Virtual size: 200KB

.data
Size: 212KB - Virtual size: 4.0MB

.rdata
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 183KB - Virtual size: 182KB

.reloc
Size: 4KB - Virtual size: 8KB