2e1af925100cb83d44d4b060d6a32ce8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e1af925100cb83d44d4b060d6a32ce8_JaffaCakes118
Size

372KB
MD5

2e1af925100cb83d44d4b060d6a32ce8
SHA1

1e3c901baad102a1e496d479b02ccd615cde288a
SHA256

fd70cd930185e4f81e8d146f93d3da61079787a6091dfb05328ee21ca2fc1a31
SHA512

4128386244d62b94da741aeba57275aaf46833bc1d3d335a4fcba2d088f6f1d2cf90785f49b6652cf3934382558c229d7bc2225d03f71bb311c2e42452ee9687
SSDEEP

6144:l9lSd4RbJgiSE4RjJ9VRrybrR9ukOmG5uJ+RPGVnGywCtMahgsqckVKi2hpvsBu1:XlSORJg5EU1zMbV9ukOmOAMahgs9k0s9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e1af925100cb83d44d4b060d6a32ce8_JaffaCakes118

Files

2e1af925100cb83d44d4b060d6a32ce8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

181ec497b578a3e42a005afaf7c71ba3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
OpenSemaphoreW
GetHandleInformation
SetProcessAffinityMask
ExitProcess
ReadConsoleA
WriteFile
DeleteCriticalSection
VirtualQueryEx
GetConsoleCursorInfo
LocalAlloc
GetSystemTime
WriteProcessMemory
GetSystemTimeAdjustment
SetThreadLocale
CreateIoCompletionPort
TryEnterCriticalSection
lstrcmpA
LoadLibraryExA
IsValidLocale
ReleaseMutex
DosDateTimeToFileTime
MoveFileExA
CloseHandle
SetErrorMode
CreateWaitableTimerA
GetLongPathNameA
GetFullPathNameA
GetFileAttributesA
GetCommandLineA
GetVersionExA
VirtualProtect

user32

AdjustWindowRectEx
DefWindowProcW
GetWindowLongW
DestroyWindow
WaitForInputIdle
GetWindowTextW
GetMessageA
CharNextW
SetRect
CallNextHookEx
GetMessageTime
CopyIcon
GetProcessDefaultLayout
GetMessageW
SetPropW
ReleaseDC
TranslateMessage
LookupIconIdFromDirectory
SetWinEventHook
GetScrollBarInfo
LoadMenuW
OpenInputDesktop
ScreenToClient
FlashWindowEx
GetUserObjectInformationW
ChangeMenuW
GetMenuItemRect
GetKeyboardLayoutList
TranslateAcceleratorA
RemoveMenu
IsCharAlphaW
GetSystemMetrics
CountClipboardFormats
GetDCEx
ToUnicodeEx
PostThreadMessageA
ModifyMenuW
GetClipboardViewer
GetSystemMenu
SetDlgItemTextW
AttachThreadInput
GetActiveWindow
UnregisterDeviceNotification
SendNotifyMessageA
GetUserObjectSecurity
BroadcastSystemMessageA
CharUpperW

gdi32

Polyline
CopyMetaFileA
CreatePatternBrush
SelectClipPath
Pie

comdlg32

GetFileTitleA

advapi32

CryptDestroyKey
RegCloseKey
BuildSecurityDescriptorW
RegEnumKeyExW
RegisterEventSourceW
CryptGenRandom
EnumDependentServicesA
QueryServiceObjectSecurity
GetAclInformation
IsValidAcl
AllocateAndInitializeSid
ChangeServiceConfigA
BuildTrusteeWithNameW
AdjustTokenPrivileges
SetServiceStatus
SetFileSecurityW
FreeSid
RegCreateKeyA
SetKernelObjectSecurity
RegEnumValueW
InitializeAcl
QueryServiceConfigA
AddAce
SetTokenInformation
DestroyPrivateObjectSecurity
GetNamedSecurityInfoA
RegQueryInfoKeyA
AddAccessAllowedAce
InitiateSystemShutdownW

shell32

ShellExecuteA
DragAcceptFiles
FindExecutableA
SHGetSpecialFolderLocation
SHFileOperationA
SHChangeNotify

ole32

OleCreate
CoReleaseMarshalData
OleSetMenuDescriptor
CoMarshalInterThreadInterfaceInStream
OleCreateLink
CLSIDFromString

oleaut32

SafeArrayRedim

shlwapi

SHRegOpenUSKeyW
SHDeleteKeyA

setupapi

SetupGetStringFieldW
SetupDiCreateDeviceInfoList
SetupCloseFileQueue
SetupLogErrorW
SetupDiCallClassInstaller
SetupDiGetClassDevsA
SetupDiClassNameFromGuidW
SetupDiRemoveDevice
SetupDiGetDeviceInfoListDetailA

Sections

.text
Size: 332KB - Virtual size: 329KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

181ec497b578a3e42a005afaf7c71ba3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 332KB - Virtual size: 329KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 28KB - Virtual size: 24KB

.text
Size: 332KB - Virtual size: 329KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 28KB - Virtual size: 24KB