2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118
Size

300KB
MD5

2e0727da9701df8f5165f2a971ffeebb
SHA1

711f3e445816963464e699d18396ab84ca098f3b
SHA256

a7390fce28f1cfd7ad52b95ba58b90fec3e7d448bfb9bb4b3d42210ad275d088
SHA512

dcaa7969e29b687a108c48847e00a739ee5357d908022ad082be9cd7e93672a3bd48b3ed4fe8578b52a64646e6113ce93b49de6e3e0ffc85c1fabbc343221e02
SSDEEP

6144:Y+SoZpxAdKesXqP8IKdWX8HkYkAAIKHmt8Sx9uGsWWr7Wo74p:VS8hza2Xsmtb91sWyl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118

Files

2e0727da9701df8f5165f2a971ffeebb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e5837e02df7c5623677a36f8dd1fb4d

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
VirtualProtect
SetConsoleTitleA
GetCommandLineA
ExitProcess

user32

GetDlgItemInt
SetMenuItemInfoA
GetWindowRgn
GetClipboardOwner
InsertMenuItemA
SetDlgItemInt
GetKeyboardLayoutNameW
LoadIconW
GetScrollBarInfo
GetAsyncKeyState
GetMenuItemInfoA

gdi32

GetStockObject
MaskBlt
StartDocA
GetROP2
GetPaletteEntries
ScaleViewportExtEx
CreateRectRgnIndirect

comdlg32

GetSaveFileNameA
GetOpenFileNameW
PrintDlgA
ChooseFontA

advapi32

RegisterServiceCtrlHandlerW
RegRestoreKeyA
RegSetValueW
EnumServicesStatusA
SetPrivateObjectSecurity
QueryServiceLockStatusW
RegQueryValueA
ImpersonateNamedPipeClient
RegisterEventSourceA
CryptGetUserKey
RegCloseKey
GetNamedSecurityInfoW
ChangeServiceConfigA
DeleteAce
CryptDeriveKey
StartServiceCtrlDispatcherA
RegSetValueExW
LookupPrivilegeNameA
CryptVerifySignatureW
LookupAccountSidA
RegRestoreKeyW
ImpersonateSelf
RegisterEventSourceW
CryptAcquireContextW
CryptSetKeyParam
GetSecurityDescriptorOwner
RegQueryInfoKeyA
GetAce
StartServiceW
SetSecurityInfo
CryptReleaseContext
GetCurrentHwProfileW
RegGetKeySecurity
IsValidAcl
GetSecurityDescriptorSacl
CryptSignHashW
GetLengthSid
CryptHashData
RegNotifyChangeKeyValue

shell32

SHGetPathFromIDListA
SHGetSpecialFolderPathW
SHBrowseForFolderA
SHGetPathFromIDListW

ole32

IsAccelerator
CoQueryClientBlanket
StgOpenStorage
BindMoniker
CoInitializeSecurity
DoDragDrop

oleaut32

VariantChangeType
VariantChangeTypeEx
SafeArrayGetElement
VariantInit
QueryPathOfRegTypeLi

setupapi

SetupInstallServicesFromInfSectionA
SetupDiOpenDevRegKey
SetupDiOpenDeviceInfoW

Sections

.text
Size: 280KB - Virtual size: 276KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e5837e02df7c5623677a36f8dd1fb4d

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

setupapi

Sections

.text Size: 280KB - Virtual size: 276KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.text
Size: 280KB - Virtual size: 276KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB