2a1dcdd8e762b549523b75d18b43fe0b_JaffaCakes118

General

Target

2a1dcdd8e762b549523b75d18b43fe0b_JaffaCakes118
Size

111KB
MD5

2a1dcdd8e762b549523b75d18b43fe0b
SHA1

6051985115441f319d592678ed7e0193cad52786
SHA256

70559316a4b28ae23e9f802fc79887fa8bfa53e234198cbd608caca750e04322
SHA512

dc5b7a00e221a6a2ec1fb1869fcae02da1dd747f6296ab363984625ad0cd3e22a8399eed8914f39ab0e8aea24a9c32d53f29ae59dc75f528b6b3210175105dad
SSDEEP

1536:Ek9c2Q/htW0zCT9riCrnjtmjIqEdSUjvY7raAy8RCQypFQcEj0g/DA:Rc2GhtW02liCX+SdLvC+ERCGcORDA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a1dcdd8e762b549523b75d18b43fe0b_JaffaCakes118

Files

2a1dcdd8e762b549523b75d18b43fe0b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

88dcf8d087da94da651f78ec3bdcac03

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

QueryPerformanceCounter
GetVersionExA
TerminateProcess
GlobalFree
VirtualProtect
GetPrivateProfileStringA
SetHandleCount
SetFileAttributesW
GetStartupInfoA
GetModuleHandleA

user32

GetFocus
CloseClipboard
GetSysColor
GetSubMenu
SetClipboardData
UnregisterClassA
GetIconInfo
GetLastActivePopup
IsWindowEnabled
GetForegroundWindow

msvcrt

__p__commode
__getmainargs
__set_app_type
_except_handler3
_adjust_fdiv
sqrt
fwrite
_acmdln
_utime
_XcptFilter
iswspace
_isctype
_c_exit
__p__fmode
exit
wcscspn
fclose
__setusermatherr
_initterm

oleaut32

SysAllocStringByteLen
VariantCopyInd
SafeArrayGetUBound
SafeArrayRedim
SafeArrayCreate
SysStringByteLen
CreateErrorInfo
SafeArrayUnaccessData

advapi32

RegEnumValueW
OpenThreadToken
InitiateSystemShutdownA
GetTokenInformation
SetSecurityDescriptorDacl
RegSetValueExW
DeleteService
RegEnumKeyExA

comctl32

ImageList_BeginDrag
CreatePropertySheetPageA
CreateToolbarEx
ImageList_DrawEx

shell32

SHGetSpecialFolderPathW
SHGetMalloc
DragQueryFileW
SHChangeNotify
ShellExecuteExA
Shell_NotifyIconW
SHBrowseForFolderW
SHAppBarMessage
SHCreateDirectoryExA

ole32

StringFromGUID2
CoReleaseMarshalData
CreateStreamOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoDisconnectObject
StgOpenStorage
ProgIDFromCLSID
OleDraw
StgCreateDocfileOnILockBytes

Sections

.text
Size: 81KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88dcf8d087da94da651f78ec3bdcac03

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

oleaut32

advapi32

comctl32

shell32

ole32

Sections

.text Size: 81KB - Virtual size: 80KB

.data Size: 4KB - Virtual size: 3KB

.rsrc Size: 25KB - Virtual size: 25KB

.text
Size: 81KB - Virtual size: 80KB

.data
Size: 4KB - Virtual size: 3KB

.rsrc
Size: 25KB - Virtual size: 25KB