2992db274beebe6b1189cd46a218e8fc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2992db274beebe6b1189cd46a218e8fc_JaffaCakes118
Size

128KB
MD5

2992db274beebe6b1189cd46a218e8fc
SHA1

be264cf4a1506e968e4a6a7f0a7f30c9560a0675
SHA256

ca0e8f5b7ebb7b9c16060c8788d00dce6cbd90080725ab79c19b9fc84c16f7e4
SHA512

0c0fdf0479358b57d9c884adacd3bf541ba7befc0f46b6c9353ba2ab583949c5cabbc0136a3618168fe3fb4d921fc9b8422cd0e702eea2f575526e27d3e460e5
SSDEEP

3072:7NFqAfyYJfXVGmlG6L0hgv5gWNNHeRoyHnP6q53/:bTJflGMGO0mduZv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2992db274beebe6b1189cd46a218e8fc_JaffaCakes118

Files

2992db274beebe6b1189cd46a218e8fc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

01b7e22778d9dfe2b478c61fe647be46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetFileType
FindFirstFileW
lstrcpynA
LoadLibraryA
ZombifyActCtx
OutputDebugStringA
VirtualAlloc
GetNumberFormatW
LocalFileTimeToFileTime
SetConsoleMode
GetLocaleInfoW
GetModuleHandleA
WriteTapemark
GlobalFree
GetLocaleInfoA
lstrlenW
SetHandleCount
GetFullPathNameW
SetErrorMode
GetProcAddress
VirtualProtect
GlobalReAlloc
LockResource
VirtualFree
GetCommandLineW
ExitThread
TlsAlloc
GetExitCodeProcess
GetSystemTime

msvcrt

wcsncat
towupper
_wcsicmp
__setusermatherr
memcpy
_c_exit
wcstok
sprintf
_except_handler3
fclose
swscanf
wcschr
__p__commode
printf
_ftol
_acmdln
__CxxFrameHandler
_cexit
_vsnwprintf
__p__fmode
_exit
strchr
_iob
exit
isxdigit

gdi32

SaveDC
SetMapMode
RestoreDC
CreateCompatibleBitmap
SetBkMode
BitBlt
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
GetRegionData
CreateFontIndirectA
Rectangle
SetTextColor
SetPixel
CreateRoundRectRgn
TranslateCharsetInfo
GetDeviceCaps
CreatePen

user32

SetProcessWindowStation
CloseClipboard
MapWindowPoints
IsClipboardFormatAvailable
DefWindowProcA
RegisterClassA
LoadCursorW
SetRect
DefDlgProcW
DrawFocusRect
SetWindowLongA
GetMenu
TranslateMessage
GetAsyncKeyState
SetWindowPos
GetSystemMenu
LoadStringA
EqualRect
GetKeyState
RegisterClipboardFormatW
RegisterClassExW
GetWindow
PostThreadMessageW
SendDlgItemMessageW
SetCapture
LoadIconA
GetMessageA

tapi32

lineAddProvider
lineGetAddressCaps
lineSetupTransferA
lineSetupConferenceA
lineGetAgentActivityListW

Exports

Exports

FfdYpvvdxuJgkqeuxJfqxQx
DrrOzvb
StquAiehPztqgumUg

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01b7e22778d9dfe2b478c61fe647be46

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

tapi32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 24KB

.CRT Size: 32KB - Virtual size: 31KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 512B - Virtual size: 126B

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 24KB

.CRT
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 512B - Virtual size: 126B