2ab17b9e6075476b1ea2bfb09b066b09_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2ab17b9e6075476b1ea2bfb09b066b09_JaffaCakes118
Size

260KB
MD5

2ab17b9e6075476b1ea2bfb09b066b09
SHA1

06a9768526228ace0949ff95560af81326be5790
SHA256

6ad5bfee10def66a5552e54c80df51fa5bc8631d1cc4c982275dd04aac57ff8a
SHA512

7e4d572cb88f99658e91540b79f8ce7b54deb5a9f9d699290a952534070e7956b1cdc7e299d97ccc668cc78ed5a1470e921961ee3f812b72f6b2c6aafe11f69b
SSDEEP

6144:f2xiXg2Ti8b6gj4zsTZ+YRdQgDMd4eso6y8a:FFT76gj4zuZ+YR/odbv8a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ab17b9e6075476b1ea2bfb09b066b09_JaffaCakes118

Files

2ab17b9e6075476b1ea2bfb09b066b09_JaffaCakes118
.exe windows:4 windows x86 arch:x86

643dd604331a921b3d41226a0e55b47a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddAtomW
AddAtomA
GetExpandedNameW
LoadLibraryExA
GetFileAttributesW
GetFileAttributesA
GetVersion
Sleep
CreateMutexW
lstrcmpiW
GlobalGetAtomNameA
EnumTimeFormatsA
SearchPathA
CreateEventA
CreateSemaphoreW
CreateNamedPipeA
GetLongPathNameA
lstrcatA
CopyFileExA
WinExec
FatalAppExitW
GetLocaleInfoA
FileTimeToLocalFileTime
GetAtomNameW
GetShortPathNameW
SetEvent
BeginUpdateResourceW
EnumCalendarInfoW
ConnectNamedPipe
ExitProcess
OpenEventW
IsBadCodePtr
GetExitCodeThread
Beep
IsBadWritePtr
IsValidLocale
GetCPInfo
lstrlenW
GetDateFormatA
FileTimeToSystemTime
DuplicateHandle
RaiseException
GetACP
GetStringTypeA
SetCalendarInfoA
SystemTimeToFileTime
CreateNamedPipeW
CopyFileA
GetThreadPriority
MultiByteToWideChar
FindAtomW
MulDiv
SetCurrentDirectoryA
GetMailslotInfo
lstrcpyA
GetTempPathA
GetCurrentDirectoryW
GetCurrentProcessId
GetComputerNameA
GetTimeFormatW
CreateMailslotA
GetProcAddress
GetLogicalDrives
GetOEMCP
GetEnvironmentStringsA
GetStartupInfoW
ReadDirectoryChangesW
FileTimeToDosDateTime
OpenSemaphoreA
lstrcmpiA
SetLocaleInfoW
IsValidCodePage
GlobalGetAtomNameW

user32

DefWindowProcW
UnregisterClassA
SetCursor
wsprintfW
IsMenu
DialogBoxIndirectParamA
EndDialog
GetSysColorBrush
CreateDialogParamW
ShowCursor
CharPrevW
LoadCursorA
SetDlgItemTextW
GetMenu
CreateDesktopA
CreateDesktopW
CharUpperW
DialogBoxParamA
GetWindowRgn
MonitorFromPoint
GetAsyncKeyState
WaitForInputIdle
EnableMenuItem
AppendMenuW
MoveWindow
WinHelpA
CreateWindowExA
LoadMenuA
FindWindowA
PeekMessageA
MessageBoxA
CharLowerW
IsDlgButtonChecked
PostQuitMessage
SetFocus
GetSubMenu
LoadCursorW
CreatePopupMenu
GetScrollPos
mouse_event
RegisterWindowMessageW
CreateDialogIndirectParamW
InsertMenuItemA
GetClassInfoExW
IsChild
LoadImageW
ShowCaret
LoadBitmapW
wvsprintfA
SetForegroundWindow
DefWindowProcA
LoadMenuW
GetActiveWindow
GetMenuItemID
CharNextA
GetClassInfoA
GetMessageW
CharUpperA

gdi32

CreatePatternBrush
DeleteObject
CreateColorSpaceA
GetTextExtentPointW
CreateFontIndirectExA
CreatePolyPolygonRgn
AddFontResourceW
CreateBrushIndirect
StretchDIBits
GetMetaFileW
CreateFontA
SetEnhMetaFileBits
TranslateCharsetInfo
CreateICA
CreateICW
CreateBitmapIndirect
CreateDIBPatternBrushPt
CreateRectRgn
GetMetaFileA
GetTextExtentPointA
CreateCompatibleDC
CreateBitmap
SelectBrushLocal
SetWinMetaFileBits
CreateScalableFontResourceA

shell32

StrNCmpW
StrRStrW
ShellExecuteExW
StrCmpNA
SHGetFolderLocation

shlwapi

SHGetInverseCMAP
PathIsSystemFolderW
PathRemoveFileSpecW
PathStripPathA
StrCatW
StrToIntA

setupapi

SetupQuerySourceListA
SetupDiCreateDevRegKeyW
CMP_GetServerSideDeviceInstallFlags
SetupInstallServicesFromInfSectionExW

urlmon

CoInternetGetSession
URLDownloadToCacheFileW
DllRegisterServer
GetMarkOfTheWeb
RegisterMediaTypeClass
RevokeBindStatusCallback
RegisterMediaTypes
UrlMkBuildVersion
GetClassURL

wsock32

WSApSetPostRoutine
htonl

Sections

.Uo
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.C
Size: 4KB - Virtual size: 460KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.Idu
Size: 2KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.GdrLO
Size: 5KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.qU
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qBEgmk
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.i
Size: 5KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.OJwd
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dEtjKk
Size: 11KB - Virtual size: 336KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.D
Size: 3KB - Virtual size: 96KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

643dd604331a921b3d41226a0e55b47a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

shlwapi

setupapi

urlmon

wsock32

Sections

.Uo Size: 9KB - Virtual size: 8KB

.C Size: 4KB - Virtual size: 460KB

.Idu Size: 2KB - Virtual size: 13KB

.GdrLO Size: 5KB - Virtual size: 87KB

.qU Size: 88KB - Virtual size: 88KB

.qBEgmk Size: 12KB - Virtual size: 12KB

.i Size: 5KB - Virtual size: 23KB

.OJwd Size: 92KB - Virtual size: 92KB

.dEtjKk Size: 11KB - Virtual size: 336KB

.D Size: 3KB - Virtual size: 96KB

.rsrc Size: 6KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 1024B

.Uo
Size: 9KB - Virtual size: 8KB

.C
Size: 4KB - Virtual size: 460KB

.Idu
Size: 2KB - Virtual size: 13KB

.GdrLO
Size: 5KB - Virtual size: 87KB

.qU
Size: 88KB - Virtual size: 88KB

.qBEgmk
Size: 12KB - Virtual size: 12KB

.i
Size: 5KB - Virtual size: 23KB

.OJwd
Size: 92KB - Virtual size: 92KB

.dEtjKk
Size: 11KB - Virtual size: 336KB

.D
Size: 3KB - Virtual size: 96KB

.rsrc
Size: 6KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 1024B