2e3e420c37cf4ddb5e5ab7fbf79dfac2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2e3e420c37cf4ddb5e5ab7fbf79dfac2_JaffaCakes118
Size

670KB
MD5

2e3e420c37cf4ddb5e5ab7fbf79dfac2
SHA1

41543a870435dd28601fe7f7f15c7e964e203a1a
SHA256

ad192d9dbfea52deec660605dda7f9bd1ef5971b5b29cd81c11ddc9d0ba2c781
SHA512

8197a6bbc623a826a891c495d632539e605ac8751d92a8410d15ea07030fdd406046e8c191c6e8145b12e3272b33a1026cf8fe1ad84bfc0f2fe9f4b61a7bad67
SSDEEP

12288:W917h5kFqcKoN2ZiZkFyjF4aoOy9howoHP9SML6ACK0oxUUJTum14vwG:W9115kriZ2kAx8o5vgMDC+xUUNl14v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e3e420c37cf4ddb5e5ab7fbf79dfac2_JaffaCakes118

Files

2e3e420c37cf4ddb5e5ab7fbf79dfac2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3f9059f066a89b12b35e2c16b8a4588a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\yksatefeey\aahrh\lhd.PDB

Imports

advapi32

CryptImportKey
CryptSetProviderExW
RegOpenKeyExW
CryptDuplicateHash
CryptDuplicateKey
RegQueryValueExA
RegCreateKeyW
CryptGetHashParam
CreateServiceW
CryptAcquireContextW
RegOpenKeyW
AbortSystemShutdownW
RegRestoreKeyA

kernel32

GetStartupInfoW
IsDebuggerPresent
VirtualQuery
VirtualQueryEx
EnumSystemLocalesA
LoadLibraryW
GetFileType
QueryPerformanceCounter
GetStartupInfoA
SetConsoleCtrlHandler
TlsFree
EnterCriticalSection
GetModuleFileNameW
VirtualAlloc
GetLocaleInfoW
FlushFileBuffers
GetSystemTime
GetSystemTimeAsFileTime
TlsSetValue
WriteConsoleA
OutputDebugStringW
GetCurrentProcess
InterlockedExchange
GetUserDefaultLCID
GetTimeFormatA
GetProcAddress
GetCurrentThread
GetProcessHeap
FreeEnvironmentStringsW
SetHandleCount
TlsAlloc
GetConsoleMode
WideCharToMultiByte
EnumResourceTypesA
GetLastError
ExitProcess
GetLocaleInfoA
GetCurrentDirectoryW
GetACP
GetCurrentThreadId
TlsGetValue
ReadFile
SleepEx
OpenMutexA
GetCurrentProcessId
FindClose
HeapReAlloc
RaiseException
SetFilePointer
WriteConsoleW
HeapCreate
CompareStringA
FreeLibrary
SetStdHandle
VirtualFree
WriteFile
OutputDebugStringA
FreeEnvironmentStringsA
GetTimeZoneInformation
DeleteCriticalSection
SetLastError
GetModuleFileNameA
InitializeCriticalSection
CreateMutexA
HeapAlloc
lstrlenA
IsValidCodePage
CompareStringW
SetEnvironmentVariableA
GetModuleHandleA
HeapDestroy
GetCommandLineW
IsValidLocale
GetConsoleCP
LoadLibraryA
GetOEMCP
DebugBreak
UnhandledExceptionFilter
GetEnvironmentStringsW
InterlockedDecrement
SetUnhandledExceptionFilter
GetConsoleOutputCP
CloseHandle
GetStringTypeW
LCMapStringA
GetTickCount
GetCommandLineA
LCMapStringW
IsBadReadPtr
MultiByteToWideChar
GetCPInfo
CreateWaitableTimerA
LeaveCriticalSection
GetEnvironmentStrings
TerminateProcess
RtlUnwind
HeapValidate
FindAtomW
GetStdHandle
lstrlenW
DeleteFileA
GetVersionExA
CreateFileA
InterlockedIncrement
GetStringTypeA
LocalReAlloc
GetDateFormatA
HeapFree

comdlg32

PageSetupDlgW
ReplaceTextW
GetFileTitleA

comctl32

InitCommonControlsEx

wininet

FindNextUrlCacheGroup
InternetOpenW
FindNextUrlCacheEntryExW
FindFirstUrlCacheEntryExW
SetUrlCacheEntryGroupA
InternetGetCookieA

user32

RegisterClassExA
CharUpperA
LoadBitmapW
SetWindowWord
SetScrollPos
WindowFromPoint
IsRectEmpty
GetMonitorInfoA
RegisterClassA
SystemParametersInfoW
DefWindowProcW
GetWindowRgn
InsertMenuA
GetSystemMenu
MessageBeep
CharPrevA
ChangeDisplaySettingsExA
SetDebugErrorLevel
CallNextHookEx

gdi32

CreateMetaFileW
PlayMetaFileRecord
SetRectRgn
GetMetaFileW
ExtCreateRegion
Rectangle
CreateRectRgnIndirect
GetSystemPaletteUse
ExcludeClipRect
GdiPlayDCScript

Sections

.text
Size: 478KB - Virtual size: 478KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f9059f066a89b12b35e2c16b8a4588a

Headers

File Characteristics

PDB Paths

Imports

advapi32

kernel32

comdlg32

comctl32

wininet

user32

gdi32

Sections

.text Size: 478KB - Virtual size: 478KB

.rdata Size: 69KB - Virtual size: 76KB

.data Size: 107KB - Virtual size: 106KB

.rsrc Size: 14KB - Virtual size: 14KB

.text
Size: 478KB - Virtual size: 478KB

.rdata
Size: 69KB - Virtual size: 76KB

.data
Size: 107KB - Virtual size: 106KB

.rsrc
Size: 14KB - Virtual size: 14KB