2e2206536d862fd63f13eb4435ca54f1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e2206536d862fd63f13eb4435ca54f1_JaffaCakes118
Size

620KB
MD5

2e2206536d862fd63f13eb4435ca54f1
SHA1

73ad58777fe51f8adbb90ffefba95907eab9c1fa
SHA256

4acb4a472cf12aa10b69621532c52ad7e9523288802af34112258b5f5d26f225
SHA512

ab84c8c1408e1f9d4e94cecfb7acbf54318b606fc4d824d7fd2c99bfebe40d0258ae91d9003b7765b5b7542ea3aff87f237c340b54c1f76fd5a83a95affded84
SSDEEP

12288:y1XQ8lOWOPdkcwQz4udHWmJ44u9rvq/WsUgrwJnC:8nbcwQt2W4vBsUwwnC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e2206536d862fd63f13eb4435ca54f1_JaffaCakes118

Files

2e2206536d862fd63f13eb4435ca54f1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5927bc3d1c200e9cc345e6c6e88d18f5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\molftjkte\blgso

Imports

comctl32

InitCommonControlsEx

user32

IsWindowVisible
RegisterClassA
RegisterClassExA
DefWindowProcA
RegisterWindowMessageA
CreateWindowExA

kernel32

RemoveDirectoryA
LCMapStringA
SetEnvironmentVariableA
DeleteCriticalSection
GetLastError
TlsGetValue
SetFilePointer
GetModuleFileNameA
LoadLibraryA
RtlUnwind
GetLocalTime
HeapDestroy
MultiByteToWideChar
GetTickCount
CompareStringA
WaitForDebugEvent
VirtualQuery
GetStdHandle
GetCurrentProcess
WideCharToMultiByte
CreateMutexA
GetEnvironmentStringsW
GetCommandLineW
GetCPInfo
IsValidLocale
GetVersion
FlushFileBuffers
IsBadWritePtr
HeapReAlloc
ReadFile
GetFileType
ExitProcess
LeaveCriticalSection
CloseHandle
CommConfigDialogA
SetStdHandle
GetPrivateProfileIntA
TerminateProcess
EnterCriticalSection
GetCurrentProcessId
TlsFree
GetProcAddress
GetStartupInfoA
SetHandleCount
CreateFileA
HeapCreate
GetCurrentThreadId
FreeEnvironmentStringsA
GetStartupInfoW
Sleep
RtlZeroMemory
GetSystemTime
VirtualFree
SetLastError
InterlockedIncrement
GetTimeZoneInformation
GetModuleHandleA
InterlockedExchange
InterlockedDecrement
FreeEnvironmentStringsW
GetStringTypeA
UnhandledExceptionFilter
GetVolumeInformationA
GetCurrentThread
FileTimeToLocalFileTime
GetStringTypeW
LCMapStringW
GetEnvironmentStrings
TlsSetValue
TlsAlloc
GetModuleFileNameW
QueryPerformanceCounter
OpenMutexA
VirtualAlloc
HeapFree
HeapAlloc
GetCommandLineA
GetSystemTimeAsFileTime
WriteFile
InitializeCriticalSection
CompareStringW
DosDateTimeToFileTime

Sections

.text
Size: 449KB - Virtual size: 449KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5927bc3d1c200e9cc345e6c6e88d18f5

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 449KB - Virtual size: 449KB

.rdata Size: 32KB - Virtual size: 37KB

.data Size: 119KB - Virtual size: 118KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 449KB - Virtual size: 449KB

.rdata
Size: 32KB - Virtual size: 37KB

.data
Size: 119KB - Virtual size: 118KB

.rsrc
Size: 18KB - Virtual size: 18KB