2a2ed34670c18c9634d2ba6ce39f04a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a2ed34670c18c9634d2ba6ce39f04a1_JaffaCakes118
Size

360KB
MD5

2a2ed34670c18c9634d2ba6ce39f04a1
SHA1

c8518219296146aa32f50ed20e2f213d2fa7a8d3
SHA256

e63deace4de12d3c4dc59f95952eeeb761d0dfd2e87c925682846a78fdf6acac
SHA512

c0841e93078ccec4a2aea3aeacd69cf1a620aa283d2cbb798f01ab2d45bb0f2bfbce2aa23c2596e07960aa534660cfcbaa8a0e35fd0ce99a4f069eb8a0dd8a4b
SSDEEP

6144:8KpnvOG9bIkQn8WV1PH6umC55VOgbosoUnpLhpHDtfANR0xkewX1QdQDA:8Lku8Q/6uFVUsLbDKIxc58

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a2ed34670c18c9634d2ba6ce39f04a1_JaffaCakes118

Files

2a2ed34670c18c9634d2ba6ce39f04a1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6ad8d84c59b109e11502f127a151a889

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsValidLocale
EnumSystemCodePagesA
GetSystemTime
GetUserDefaultLangID
CreateDirectoryExA
FormatMessageW
LocalSize
FreeLibrary
VirtualFree
GetLongPathNameA
ReadConsoleA
LocalAlloc
EnumDateFormatsW
LoadLibraryExW
EndUpdateResourceA
PurgeComm
ExpandEnvironmentStringsW
FlushFileBuffers
GetDiskFreeSpaceW
VirtualQueryEx
PrepareTape
GetPrivateProfileStringA
GetConsoleMode
GetACP
GetProfileStringA
SetConsoleOutputCP
DebugBreak
_lread
GetUserDefaultLCID
GetProcessHeap
ReadFileScatter
PulseEvent
GlobalFindAtomA
DeleteCriticalSection
OpenMutexA
GetCurrentProcess
GlobalAddAtomA
GetFileAttributesExA
GlobalAddAtomW
EnumResourceNamesW
WritePrivateProfileSectionW
GetModuleFileNameW
MultiByteToWideChar
FindCloseChangeNotification
GetStringTypeExW
DosDateTimeToFileTime
GetCommState
RemoveDirectoryA
GlobalUnlock
CreateIoCompletionPort
CancelIo
LocalReAlloc
OutputDebugStringW
FindNextChangeNotification
LoadLibraryExA
GetSystemDefaultLangID
GetPrivateProfileSectionW
VirtualAllocEx
MoveFileExA
GetFileType
FatalAppExitA
ClearCommBreak
InitializeCriticalSection
WritePrivateProfileStructA
GlobalReAlloc
SetStdHandle
SetEnvironmentVariableW
OpenFile
GetVersionExA
GetCommandLineA
GlobalFlags
EnumTimeFormatsW
UnmapViewOfFile
SystemTimeToFileTime
GetEnvironmentStringsW
CreateWaitableTimerA
GetTempFileNameA
EnumResourceNamesA
EnumSystemCodePagesW
DeleteFiber
GetNumberFormatW
GetDriveTypeA
GetTimeZoneInformation
GetBinaryTypeA
GetVolumeInformationW
GetSystemDirectoryW
RemoveDirectoryW
SetCurrentDirectoryA
GlobalDeleteAtom
VirtualProtect
GetThreadPriority
ExitProcess

user32

GetMenuInfo
FlashWindow
ClipCursor
DrawFocusRect
DrawTextA
GetLastActivePopup
ReleaseDC
CopyAcceleratorTableA
SetPropW
SetClassLongA
SetLastErrorEx
LoadMenuIndirectA
GetMessageA
ChangeMenuW
IsCharAlphaW
SetCaretPos
GetAsyncKeyState
GetClientRect
SendDlgItemMessageW
IsWindowVisible
GetMonitorInfoA
GetQueueStatus
LoadMenuW
GetUserObjectInformationW
BroadcastSystemMessageW
IsChild
GetCapture
ChildWindowFromPoint
SetWindowPlacement
CopyIcon
GetMenuState
RegisterClipboardFormatW
ScrollWindowEx
MapWindowPoints
CallWindowProcA
TrackPopupMenuEx
SetUserObjectInformationW
CreateIconIndirect
CharLowerBuffA

gdi32

GetTextExtentExPointW
LineDDA
TranslateCharsetInfo
EnumMetaFile
GetOutlineTextMetricsA
SetDIBColorTable
EqualRgn
ExtFloodFill
CreateSolidBrush
Chord

comdlg32

GetSaveFileNameW
ReplaceTextA
FindTextW

advapi32

GetSidSubAuthority
RegOpenKeyW
AccessCheck
SetFileSecurityA
InitiateSystemShutdownW
AccessCheckAndAuditAlarmW
DeleteAce

shell32

DragAcceptFiles
SHGetSettings

ole32

OleRegGetMiscStatus
CoGetTreatAsClass
CoTreatAsClass
CreateStreamOnHGlobal
CoFreeUnusedLibraries
CoSwitchCallContext

oleaut32

QueryPathOfRegTypeLi
VariantCopy
SafeArrayRedim
SafeArrayGetElement
SafeArrayUnaccessData

comctl32

ImageList_BeginDrag
ImageList_EndDrag

shlwapi

StrRetToBufW
UrlIsW
PathIsRootA
PathIsDirectoryW
SHRegCreateUSKeyW
PathCanonicalizeA
PathFileExistsW
PathIsSameRootW
PathIsNetworkPathW
PathIsPrefixW
ChrCmpIW
SHStrDupW
PathFindOnPathW
StrStrW
StrChrIA
StrCpyNW
StrCatW
StrCmpW

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6ad8d84c59b109e11502f127a151a889

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 332KB - Virtual size: 330KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 15KB

.text
Size: 332KB - Virtual size: 330KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 15KB