2a941d2b4a0fae16adf1170bdec49a89_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a941d2b4a0fae16adf1170bdec49a89_JaffaCakes118
Size

300KB
MD5

2a941d2b4a0fae16adf1170bdec49a89
SHA1

6daffb301a6538818c0a1c90acc1a6e3e2fc6940
SHA256

c6659afbdd3d305d6a599dc7fca15a4b28ea9b596c5c82fc3344b7a3b2241793
SHA512

35ce4a5f8bf6b32a6f97cbfdd23d305652565b13026771bf70bc868c987b3d837f0d22aa95d90dfe54b1964e0b168d0f5739236818e316cec89171e0636976f4
SSDEEP

6144:8kkk+R1fNQLQ3RpPXnvCSER4vZWJwITEIbK9jsM8PXO:39+R1d3XPXnAR4vZWCIK97J

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a941d2b4a0fae16adf1170bdec49a89_JaffaCakes118

Files

2a941d2b4a0fae16adf1170bdec49a89_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b4515067dabf1c30a883891b53b05edf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleA
SetThreadAffinityMask
EnumSystemCodePagesA
GetPrivateProfileStringW
GetOEMCP
WriteConsoleOutputCharacterA
MoveFileW
SetCurrentDirectoryA
TlsGetValue
ReleaseSemaphore
SetThreadLocale
DuplicateHandle
GetEnvironmentStringsW
LocalAlloc
FindFirstFileA
GetConsoleMode
SetSystemTime
CloseHandle
GetCurrentDirectoryW
QueryDosDeviceW
VirtualQueryEx
GetSystemDirectoryW
VirtualFree
GetComputerNameW
GetBinaryTypeA
SetCommTimeouts
GlobalAddAtomW
GetDiskFreeSpaceExA
EraseTape
GetOverlappedResult
EnumCalendarInfoW
CompareStringW
MultiByteToWideChar
GetUserDefaultLCID
FlushConsoleInputBuffer
SetConsoleActiveScreenBuffer
PeekConsoleInputW
_lopen
LocalReAlloc
GetVersionExA
EnumSystemCodePagesW
GetCommConfig
ReadConsoleA
LCMapStringA
FlushFileBuffers
WriteConsoleOutputW
ReadFile
GetCompressedFileSizeW
GetTempPathW
IsProcessorFeaturePresent
LoadResource
OutputDebugStringA
LoadLibraryExA
OpenSemaphoreW
CreateDirectoryA
SetMailslotInfo
GetHandleInformation
FreeLibraryAndExitThread
SearchPathW
SetStdHandle
GetSystemDefaultLangID
CreateDirectoryW
EnumCalendarInfoA
FreeResource
GetDriveTypeW
CreateIoCompletionPort
ReadConsoleInputW
SetConsoleWindowInfo
DosDateTimeToFileTime
FreeLibrary
GetCommandLineA
ReadDirectoryChangesW
WriteProcessMemory
_lread
GetTapeStatus
ReadConsoleOutputA
GlobalAddAtomA
GetCurrentProcessId
DeleteCriticalSection
GetStringTypeExW
lstrlenA
VirtualProtect
GetFileAttributesA
ExitProcess

user32

InflateRect
GetUserObjectSecurity
DrawAnimatedRects
VkKeyScanA
GetKeyboardLayoutNameW
GetClipCursor
GetMenuItemRect
SendMessageTimeoutA
SendInput
LookupIconIdFromDirectory
GetWindowLongA
CopyAcceleratorTableA
SetMenuItemInfoW
GetClientRect
SetWindowTextA
DrawTextExA
VkKeyScanW
EnumChildWindows
WaitForInputIdle
InvalidateRgn
SetPropA
DrawCaption
ChangeDisplaySettingsW
CharToOemW
GetClassNameA
GetAncestor
SetClassLongW
MessageBoxW
LoadIconA
CharNextA

gdi32

EndPage
GetTextCharset
SetTextColor
GetCharWidth32A
OffsetClipRgn
SetPixelFormat
GetTextExtentPointA
ExtSelectClipRgn

comdlg32

PageSetupDlgW
GetOpenFileNameW
PrintDlgA
GetFileTitleW

advapi32

RegLoadKeyW
OpenServiceW
DuplicateTokenEx
LookupAccountNameW
CryptEncrypt
ReportEventW
SetKernelObjectSecurity
InitializeSid
DuplicateToken
RegCreateKeyExW
RegEnumKeyW
RegisterServiceCtrlHandlerW
RegQueryValueA
SetSecurityDescriptorGroup
InitializeAcl
RegSetKeySecurity
CryptGetKeyParam
RegEnumValueA
CryptReleaseContext
GetSidSubAuthorityCount
CryptGenRandom
RegCreateKeyW
GetNamedSecurityInfoA
RegOpenKeyExA
GetUserNameW
AddAccessAllowedAce
GetSecurityDescriptorSacl
SetSecurityInfo
FreeSid

shell32

SHGetSpecialFolderLocation

ole32

CoRegisterClassObject
CoCreateInstanceEx

oleaut32

SafeArrayGetElement

comctl32

ImageList_GetIconSize
ImageList_AddMasked
ImageList_GetImageInfo
ord17

setupapi

SetupFindNextLine

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 892B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b4515067dabf1c30a883891b53b05edf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

setupapi

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 892B

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 892B