2944cb124f6494fdeeaf3fae5c118638_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2944cb124f6494fdeeaf3fae5c118638_JaffaCakes118
Size

539KB
MD5

2944cb124f6494fdeeaf3fae5c118638
SHA1

e807f02e871b1b1f385e4de7b295db69d9505938
SHA256

81e1713d6784f9d6f70a19c4f4d139a6efc99dc9a7b56cd483ece918c16f4574
SHA512

ed6a5761f5eb707c15fd45af454655daaa5e9e421c259f2610f4d5f1e68e174fc40e1f63ded9e8d6a3a10bd21a2b85ea39bd50d56d8ffb5f8c2efc5d5190dd8b
SSDEEP

12288:7kRLYsXt0DhiEpHRjAnI7jaki5gtEyixiLLTG:7kRswVEoI6ki2tEyrfT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2944cb124f6494fdeeaf3fae5c118638_JaffaCakes118

Files

2944cb124f6494fdeeaf3fae5c118638_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1c2bf6fdd5bc0c3e8395e764e05ca60d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
RegisterClassA
CreateDesktopA
UnhookWindowsHook
WINNLSGetEnableStatus
DestroyCursor
CheckMenuItem

comctl32

InitCommonControlsEx

kernel32

LocalSize
LCMapStringA
GetCommandLineA
SetStdHandle
CreateDirectoryExW
GetConsoleMode
GetTickCount
GetEnvironmentStrings
EnumSystemLocalesA
FreeLibrary
GetStringTypeW
TlsGetValue
HeapCreate
GetProcAddress
GetConsoleCP
GetVersionExA
HeapFree
SetConsoleCtrlHandler
GetACP
TlsAlloc
CompareStringW
CompareStringA
GetProfileSectionA
LCMapStringW
GetConsoleOutputCP
GetCPInfo
SetLastError
GetEnvironmentStringsW
HeapAlloc
GetLocaleInfoW
GetCurrentThreadId
OpenMutexA
TerminateProcess
VirtualAlloc
DeleteCriticalSection
WriteConsoleA
GetModuleFileNameA
QueryPerformanceCounter
WriteFile
GetThreadLocale
WaitForSingleObject
HeapSize
WriteConsoleW
InterlockedExchange
SetCurrentDirectoryW
InterlockedDecrement
lstrcpynA
GetUserDefaultLCID
EnumResourceNamesA
CloseHandle
GetTimeZoneInformation
GetPrivateProfileIntA
GetStdHandle
FlushFileBuffers
VirtualQuery
IsValidLocale
RtlUnwind
GetLocaleInfoA
UnhandledExceptionFilter
ReadFile
GetModuleHandleA
FreeEnvironmentStringsW
GetTimeFormatA
GetModuleHandleW
WriteConsoleOutputW
GetCurrentProcess
GetProcessHeap
EnterCriticalSection
Sleep
MultiByteToWideChar
SetUnhandledExceptionFilter
GetSystemTimeAsFileTime
HeapDestroy
TlsFree
DeleteFiber
IsDebuggerPresent
GetStringTypeA
GetCurrentProcessId
GetLocalTime
GetPrivateProfileStructW
WideCharToMultiByte
GetDateFormatA
FindFirstFileExW
GetOEMCP
GetCurrentThread
CreateFileA
TlsSetValue
IsValidCodePage
SetHandleCount
LoadLibraryA
CreateMutexA
ExitProcess
GetLastError
FreeEnvironmentStringsA
SetEnvironmentVariableA
InterlockedIncrement
LeaveCriticalSection
HeapReAlloc
InitializeCriticalSection
GetStartupInfoA
VirtualFree
GetFileType
SetFilePointer

advapi32

InitializeSecurityDescriptor
LookupSecurityDescriptorPartsW
RegOpenKeyExA
StartServiceW
CryptGetHashParam
CryptHashData
LookupPrivilegeDisplayNameA
RegDeleteValueW
RegEnumKeyExW

Sections

.text
Size: 337KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c2bf6fdd5bc0c3e8395e764e05ca60d

Headers

File Characteristics

Imports

user32

comctl32

kernel32

advapi32

Sections

.text Size: 337KB - Virtual size: 336KB

.rdata Size: 75KB - Virtual size: 91KB

.data Size: 117KB - Virtual size: 117KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 337KB - Virtual size: 336KB

.rdata
Size: 75KB - Virtual size: 91KB

.data
Size: 117KB - Virtual size: 117KB

.rsrc
Size: 8KB - Virtual size: 8KB