2de3921ba9cabc3bb6203766eed94b73_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2de3921ba9cabc3bb6203766eed94b73_JaffaCakes118
Size

1.2MB
MD5

2de3921ba9cabc3bb6203766eed94b73
SHA1

6f3b9a4933bff9907573f2282abae3fe697b94cf
SHA256

c390b6dcc0fd18fb31b64e56f9ffc14fc8e5aef187d306681a118f656caab94d
SHA512

b18503a43e584cd86091c714661503e8d1760acfaebe1e08cf8aa877b0c60a271a9b2243dda3825f3eab8307a1c0b15e6d374f4ecf7e44011a333ca29be6aa0b
SSDEEP

12288:2uoXUrYpV/Luk7zkk2IDFG4ACLZL9Fh6LtNkjOwbQXHwM/b25QGE3zJUuEZZf5nC:pUUrYKLXv/bGQGE3FUTf32suLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2de3921ba9cabc3bb6203766eed94b73_JaffaCakes118

Files

2de3921ba9cabc3bb6203766eed94b73_JaffaCakes118
.exe windows:4 windows x86 arch:x86

224b1cfc518d183461722fd32e949ad3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
GetLocalTime
GetProcAddress
GetUserDefaultLangID
GetCommandLineA
GetModuleFileNameA
GetVersionExA
GetVersion
ExitProcess
GetExitCodeProcess
GetACP
WaitForSingleObject
SetCurrentDirectoryA
CreateProcessA
CreateDirectoryA
SetConsoleTitleA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
GetWindowsDirectoryA
FindResourceA
SizeofResource
GetDiskFreeSpaceA
GetFullPathNameA
FreeConsole
SetVolumeLabelA
SetEndOfFile
SetLocalTime
WritePrivateProfileStringA
RemoveDirectoryA
FindClose
GetVolumeInformationA
GetLogicalDrives
FindFirstFileA
CopyFileA
MoveFileA
FileTimeToSystemTime
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToLocalFileTime
GetDriveTypeA
FindNextFileA
GetPrivateProfileStringA
LoadResource
LockResource
LoadLibraryA
SetFilePointer
SetFileAttributesA
GetFileAttributesA
SetFileTime
GetFileSize
ReadFile
GetStdHandle
lstrlenW
CompareStringA
CloseHandle
GetCurrentDirectoryA
GetTempPathA
GetTempFileNameA
MultiByteToWideChar
VirtualAlloc
VirtualFree
DeleteFileA
AllocConsole
WideCharToMultiByte
CreateFileA
lstrlenA
WriteFile
RaiseException

user32

GetDC
GetCursorPos
PostQuitMessage
DefWindowProcA
ReleaseDC
MessageBoxA
EnableWindow
DestroyWindow
CharToOemBuffA
OemToCharBuffA
IsIconic
EndPaint
BeginPaint
FillRect
SetKeyboardState
GetKeyboardState
PeekMessageA
DispatchMessageA
TranslateMessage
GetMessageA
KillTimer
SetTimer
SetWindowPlacement
GetWindowPlacement
SetCursor
GetWindow
LoadIconA
ShowWindow
InvalidateRect
IsWindow
LoadCursorA
RegisterClassA
CreateWindowExA
SetWindowLongA
AdjustWindowRectEx
GetClassNameA
SystemParametersInfoA
SetWindowPos
SetForegroundWindow
GetForegroundWindow
GetSystemMetrics
LoadKeyboardLayoutA
GetDlgItem
SetWindowTextA
GetWindowTextLengthA
GetWindowTextA
CharLowerA
CharUpperA
CreateCursor
DestroyIcon
DestroyCursor
GetWindowLongA
SetFocus
ScreenToClient
GetKeyState
GetAsyncKeyState
ClientToScreen
MoveWindow
SendMessageA
IsZoomed
GetClientRect
ShowCursor
EndDialog
UpdateWindow
DialogBoxParamA
GetWindowRect
GetSysColor

gdi32

CreateSolidBrush
CreatePalette
SetBkColor
SetTextColor
StretchDIBits
SetStretchBltMode
RealizePalette
SelectPalette
CreateFontA
GetStockObject
DeleteDC
GetDIBits
TextOutA
GetTextExtentPoint32A
SelectObject
CreateCompatibleDC
CreateBitmap
BitBlt
CreateCompatibleBitmap
GetDeviceCaps
CreateDCA
CreateHatchBrush
EnumFontFamiliesA
DeleteObject

msacm32

acmFormatSuggest
acmStreamOpen
acmStreamSize
acmStreamPrepareHeader
acmStreamConvert
acmStreamUnprepareHeader
acmStreamClose

winmm

waveOutGetPosition
waveOutWrite
waveOutPrepareHeader
waveOutUnprepareHeader
waveOutReset
waveOutRestart
waveOutPause
joyGetDevCapsA
joyGetPos
waveOutClose
waveOutOpen
mciSendCommandA

comdlg32

GetSaveFileNameA
GetOpenFileNameA

comctl32

ord6

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ExtractIconA

Sections

.text
Size: 184KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.petprg
Size: 1020KB - Virtual size: 1020KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.jgd
Size: - Virtual size: 1B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

224b1cfc518d183461722fd32e949ad3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msacm32

winmm

comdlg32

comctl32

advapi32

shell32

Sections

.text Size: 184KB - Virtual size: 182KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 7KB

.rsrc Size: 32KB - Virtual size: 31KB

.petprg Size: 1020KB - Virtual size: 1020KB

.jgd Size: - Virtual size: 1B

.text
Size: 184KB - Virtual size: 182KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 7KB

.rsrc
Size: 32KB - Virtual size: 31KB

.petprg
Size: 1020KB - Virtual size: 1020KB

.jgd
Size: - Virtual size: 1B