2dff77948732dda67fb89d6815f85d85_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2dff77948732dda67fb89d6815f85d85_JaffaCakes118
Size

300KB
MD5

2dff77948732dda67fb89d6815f85d85
SHA1

5ce65512e24bd2e4d264bba943ec6b95fa99f418
SHA256

c3e761ac311b9cf8de235016c946bf3250eddaabb86b82d7a99449edca627cdc
SHA512

16554ab536fbfdae491822d5f35ced8b5d48992a200791206cd7d83117ab77dadc4a08e67d387ea25e1e46277806649c1036678ad0d31016bcf6020437572cdb
SSDEEP

6144:aWNzZZiRRYgF8Ci3+zi/4YJ3AzWbWpovS9XOAJwzGqVyb9NDZyR7w:aWNziYgBAV/X/bDo+AJwzGMy2w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dff77948732dda67fb89d6815f85d85_JaffaCakes118

Files

2dff77948732dda67fb89d6815f85d85_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5dbe18ed5c689a15f7e6e82def73645a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetDiskFreeSpaceA
SHGetSpecialFolderPathW
FreeIconList
SHGetPathFromIDListW

user32

DdeQueryConvInfo
ChangeDisplaySettingsExA
DdeQueryStringW
DestroyCaret
CreateAcceleratorTableA
GetCursorPos
CascadeChildWindows
CreateIconIndirect
AnimateWindow
DialogBoxIndirectParamA
GetCaretPos
GetClassInfoA
DdeDisconnect
GetClassInfoExA
DlgDirListW
EnableWindow

msvcrt

_getsystime
isgraph
_fullpath
_ismbbprint
fgetws
_execve
_fcvt
_spawnvp
_strdate
_mbsupr
_wspawnlp
_wexecve
_j0
_ultow
setlocale
_ltow
_wrmdir
mblen
_set_error_mode
_CIfmod
cos
_mbctype
_safe_fdivr
mktime
__getmainargs
_ismbckata
fgetpos

kernel32

FillConsoleOutputCharacterW
HeapReAlloc
GetTickCount
ClearCommBreak
Sleep
LocalUnlock
IsDBCSLeadByte
GlobalLock
GetSystemTime
InitializeCriticalSectionAndSpinCount
lstrcpyA
GetSystemTimeAdjustment
lstrcmpW
LCMapStringW
VirtualAlloc
lstrcpynW
SetEndOfFile
GetTempPathW
GetModuleHandleW
OpenSemaphoreW
OpenJobObjectW
GetVersion
CreateJobObjectA
GetLongPathNameW
GetThreadPriority
VirtualFree
VerLanguageNameW
GetCurrentConsoleFont
InterlockedCompareExchange
LockFileEx
SetCommTimeouts
SetCommConfig
GetCPInfoExW
SetConsoleWindowInfo
CreateFileW
GetStartupInfoA
CreateEventW
GetProfileIntW
DeleteCriticalSection
EnumCalendarInfoW
ExitProcess
IsValidLocale
CreateHardLinkW
GetModuleHandleA
GetProcessHeaps

gdi32

GetSystemPaletteUse
GetViewportExtEx
BitBlt
CreateScalableFontResourceA
GetOutlineTextMetricsW
StartPage
CloseFigure
MaskBlt
GetEnhMetaFileDescriptionW
RealizePalette
GetDeviceCaps
GetMapMode
GetCharABCWidthsA
TextOutA
GdiGetBatchLimit
DPtoLP
GetStretchBltMode
SetBoundsRect
GetObjectType
ExtCreateRegion
CreateDIBitmap
SetViewportExtEx
SetDIBits
SetTextCharacterExtra

comdlg32

GetOpenFileNameA

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.qfveh
Size: 207KB - Virtual size: 595KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nxaln
Size: 206KB - Virtual size: 365KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5dbe18ed5c689a15f7e6e82def73645a

Headers

File Characteristics

Imports

shell32

user32

msvcrt

kernel32

gdi32

comdlg32

Sections

.text Size: 7KB - Virtual size: 7KB

.qfveh Size: 207KB - Virtual size: 595KB

.nxaln Size: 206KB - Virtual size: 365KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 7KB - Virtual size: 7KB

.qfveh
Size: 207KB - Virtual size: 595KB

.nxaln
Size: 206KB - Virtual size: 365KB

.reloc
Size: 1024B - Virtual size: 1KB