2e062efe955cde9e46c67502c885b2bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e062efe955cde9e46c67502c885b2bc_JaffaCakes118
Size

344KB
MD5

2e062efe955cde9e46c67502c885b2bc
SHA1

8cea1c1fa7eedec23645284d817ac3479113df4c
SHA256

896e558101e07f0291f2ef13a1795e7387b0eea570360afe98a1686d6e3b7d3d
SHA512

adb985f0c0626c30c3a10f878b472190e7851a4f3a2acd23c2d266d1916ec31a20d273d0bbc5429e77916b8715736d988d36ba39ecf2e2bb7bddd255d692af24
SSDEEP

6144:Ldfryt8hPt9FlbmwKiaVY4Qnm5MqMLktcxnoc+B1D7aOW4Is:xfrg8lU8aW4Qnm5lMLKKs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e062efe955cde9e46c67502c885b2bc_JaffaCakes118

Files

2e062efe955cde9e46c67502c885b2bc_JaffaCakes118
.exe windows:4 windows x86 arch:x86

caf822297ee2c083fb653052e2f3e0d0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumDateFormatsW
SetLocaleInfoW
SetProcessWorkingSetSize
GetCurrentProcess
OpenWaitableTimerW
SetLocaleInfoA
MultiByteToWideChar
SignalObjectAndWait
InterlockedIncrement
GetSystemInfo
GetVersionExA
lstrcmpW
EnumResourceTypesA
MoveFileExA
ConvertDefaultLocale
CopyFileA
GetModuleHandleA
OpenSemaphoreW
FindFirstFileExW
GetFileAttributesA
SetThreadLocale
GetPrivateProfileSectionNamesW
GetNumberOfConsoleMouseButtons
LocalHandle
CreateNamedPipeW
FreeEnvironmentStringsW
FreeResource
GetNamedPipeInfo
IsBadWritePtr
lstrcatW
EnumCalendarInfoA
GetTimeFormatW
SetFileTime
GetTempPathW
GetConsoleTitleW
CreateDirectoryExW
SearchPathA
SetConsoleCP
GetStartupInfoA
GetShortPathNameW
HeapReAlloc
GetLongPathNameW
FlushConsoleInputBuffer
GetSystemDirectoryA
GetCompressedFileSizeW
SetNamedPipeHandleState
WritePrivateProfileSectionA
BackupWrite
FindNextFileW
GetThreadPriority
GetThreadSelectorEntry
GetCPInfoExW
WriteProfileStringA
SetCommState
ReadConsoleA
GetProfileIntA
SetEnvironmentVariableW
GetFileAttributesExA
VirtualAlloc
LocalFileTimeToFileTime
HeapLock
GetProfileIntW
TerminateThread
SearchPathW
SetComputerNameA
FreeEnvironmentStringsA
OpenFileMappingA
ContinueDebugEvent
GetProcessHeaps
PrepareTape
HeapCompact
PurgeComm
BuildCommDCBA
GlobalUnfix
WaitForMultipleObjectsEx
FormatMessageW
ReadFile
GetConsoleScreenBufferInfo
GetTapePosition
lstrcpynA
GetEnvironmentVariableA

user32

TabbedTextOutW
GetMenuState
SendNotifyMessageW
LoadIconW
DeferWindowPos
GetMenuContextHelpId
SystemParametersInfoW
GetClipboardFormatNameA
ScrollWindowEx
CreateDesktopW
GetNextDlgGroupItem
SetDlgItemTextA
SystemParametersInfoA
DispatchMessageW
SetCapture
GetLastActivePopup
GetKeyboardState
SetProcessWindowStation
CreateIcon
LoadImageW
DestroyCursor
ShowCaret
InternalGetWindowText
GetScrollInfo
SetLastErrorEx
SetPropA
WindowFromPoint
ShowScrollBar
CreateMDIWindowA
GetScrollPos
RegisterClassA
SetClassLongW
SetWindowWord
SetCursorPos

gdi32

ExtSelectClipRgn
SetBitmapDimensionEx
CreateFontW
GetRgnBox
GetTextExtentPoint32A
GetViewportExtEx
GetGraphicsMode
CopyEnhMetaFileW
GetBitmapDimensionEx
CancelDC
IntersectClipRect
PaintRgn
StartPage
EnumFontFamiliesW
SetDeviceGammaRamp
GetClipBox
GetDeviceCaps
Ellipse
FloodFill
GetMiterLimit
CreateRectRgnIndirect
PolyBezierTo
GetICMProfileA
CloseFigure
CheckColorsInGamut
UnrealizeObject
GetICMProfileW
Chord
GetTextMetricsW

comdlg32

ReplaceTextW

advapi32

RegisterEventSourceW
AreAnyAccessesGranted
RegQueryInfoKeyW
CryptDestroyHash
FreeSid
CryptSetProviderA
QueryServiceConfigW
ChangeServiceConfigW
RegQueryValueExA
ObjectCloseAuditAlarmA
CryptDestroyKey
DeleteAce
OpenProcessToken
LockServiceDatabase
BuildTrusteeWithNameA
SetTokenInformation
AddAccessDeniedAce
OpenBackupEventLogW
CryptGenKey
IsValidAcl
RegCloseKey
SetServiceBits
RegQueryValueExW
UnlockServiceDatabase
CryptSetProviderExW
SetSecurityDescriptorOwner
RegEnumKeyExA
ObjectDeleteAuditAlarmA
OpenThreadToken
SetServiceObjectSecurity
LookupPrivilegeDisplayNameW
GetOldestEventLogRecord

shell32

SHFreeNameMappings
ExtractIconExW
ShellExecuteExA
SHBrowseForFolderW
ExtractAssociatedIconExA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 267KB - Virtual size: 268KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

g7z7fnuq
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

29m33.g6
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

caf822297ee2c083fb653052e2f3e0d0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

msvcrt

Sections

.text Size: 267KB - Virtual size: 268KB

.rdata Size: 5KB - Virtual size: 8KB

.data Size: 21KB - Virtual size: 24KB

g7z7fnuq Size: 45KB - Virtual size: 48KB

29m33.g6 Size: 4KB - Virtual size: 4KB

.text
Size: 267KB - Virtual size: 268KB

.rdata
Size: 5KB - Virtual size: 8KB

.data
Size: 21KB - Virtual size: 24KB

g7z7fnuq
Size: 45KB - Virtual size: 48KB

29m33.g6
Size: 4KB - Virtual size: 4KB