2a55e2bd72e8ef8b9cfc3396fc67573f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a55e2bd72e8ef8b9cfc3396fc67573f_JaffaCakes118
Size

196KB
MD5

2a55e2bd72e8ef8b9cfc3396fc67573f
SHA1

47f1a5dd9c0214faeddee53ef47940f8b7d635d8
SHA256

0ea90aab4ed35f7375707b5300cb53495f7904626e0311f5af67f159dbdd9bc2
SHA512

45397288e59044f47810295c1a579026dae0b9b53b289a95ac852403c4bc299cf04e49f6fc281f2958fc3c362448eafff9f1983963a681ad0304f85fdecf84f6
SSDEEP

6144:k9HTNSMk6piFKT1hBXCN/YM3LeraQ67Cbsfa:k9skiFKTfusY7C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a55e2bd72e8ef8b9cfc3396fc67573f_JaffaCakes118

Files

2a55e2bd72e8ef8b9cfc3396fc67573f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a36ffbb7dbd84e2b9f46351fc855dd3a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

msvfw32

ICInfo

advapi32

CryptReleaseContext
CryptAcquireContextA
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptDestroyHash

psapi

GetProcessMemoryInfo

user32

CharNextA
wsprintfW
MonitorFromWindow
CharNextW

imagehlp

ImageRvaToVa
ImageNtHeader
ImageGetDigestStream
ImageDirectoryEntryToData

kernel32

_lread
DebugBreak
CreateFileW
GetVersionExA
DeleteFileA
FindResourceExW
ExitProcess
GetSystemTimeAsFileTime
InterlockedDecrement
UpdateResourceW
LeaveCriticalSection
GetOEMCP
InterlockedIncrement
GetProcessHeap
GetCurrentDirectoryW
RaiseException
FindNextFileA
GlobalAlloc
GetFullPathNameW
FindClose
CreateDirectoryA
CreateFiberEx
CreateFileMappingA
AreFileApisANSI
_llseek
EscapeCommFunction
ReadFile
WriteFile
DeleteCriticalSection
BeginUpdateResourceW
EnumResourceLanguagesW
FreeLibrary
CreateDirectoryW
HeapSize
GetCurrentThreadId
InterlockedExchange
SetLastError
InterlockedCompareExchange
EnumResourceTypesW
GetCurrentProcess
GlobalFree
GetFileSize
EndUpdateResourceW
QueryPerformanceCounter
UnmapViewOfFile
HeapDestroy
GetStringTypeExW
GetFileAttributesW
UnhandledExceptionFilter
MapViewOfFile
LoadResource
HeapReAlloc
LoadLibraryA
EnterCriticalSection
GetVersion
CloseHandle
CopyFileA
EnumResourceNamesA
_lwrite
SetFileAttributesA
lstrlenW
LoadLibraryExA
DeleteFileW
SizeofResource
OutputDebugStringA
lstrcmpiA
InitializeCriticalSection
HeapAlloc
GetTempPathW
GetSystemDirectoryA
GlobalUnlock
GetCurrentProcessId
FatalExit
LockResource
GetACP
CreateFileA
FindFirstFileA
WideCharToMultiByte
GetLocaleInfoA
FindResourceW
GetProcAddress
IsDebuggerPresent
CopyFileW
SetEndOfFile
_lclose
GetEnvironmentVariableA
GetFileAttributesA
EnumResourceNamesW
LoadLibraryExW
SetUnhandledExceptionFilter
SetFileAttributesW
RemoveDirectoryA
GetModuleHandleW
MoveFileW
SetFilePointer
Sleep
HeapFree
GetTempFileNameW
MultiByteToWideChar
RemoveDirectoryW
FindFirstFileW
GetVersionExW
FreeResource
GetFullPathNameA
GetThreadLocale
GlobalLock
GetFileInformationByHandle
GetTickCount
GetLastError
GetCommandLineW
FormatMessageW
lstrlenA
LocalFree
TerminateProcess
FindNextFileW
lstrcpyA

shell32

CommandLineToArgvW

Sections

.text
Size: 169KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a36ffbb7dbd84e2b9f46351fc855dd3a

Headers

File Characteristics

Imports

msvfw32

advapi32

psapi

user32

imagehlp

kernel32

shell32

Sections

.text Size: 169KB - Virtual size: 168KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 21KB - Virtual size: 21KB

.lib Size: 512B - Virtual size: 352KB

.text
Size: 169KB - Virtual size: 168KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 21KB - Virtual size: 21KB

.lib
Size: 512B - Virtual size: 352KB