2aaaa3e1d36b5bda5375cc84fb8c72a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aaaa3e1d36b5bda5375cc84fb8c72a2_JaffaCakes118
Size

340KB
MD5

2aaaa3e1d36b5bda5375cc84fb8c72a2
SHA1

bf8bc8f196c8f5992be5d3c4e032890af19ec045
SHA256

ea0a796b55dc2d3cc6254c6454bb8b363e2c82a23a861d3d8a49f7233b92b876
SHA512

cf43f9334ab409df02dfeab554b0b92fa6f0f1801a256b3f4019ab216522ecd841127f3c65b6426b40e8693d8ddf11586493b2186d4f0d6cf591c72363700d78
SSDEEP

6144:kIYEwsQDzSpP4QwgQH51S6nwMAgPEDkKqgvylIdtjb9GJ:WRsQ6wFgQZIrMAgPEIK3y0jW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aaaa3e1d36b5bda5375cc84fb8c72a2_JaffaCakes118

Files

2aaaa3e1d36b5bda5375cc84fb8c72a2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1b71eedd1bc202694350bd6935a46ca1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcpynA
HeapDestroy
MulDiv
GetPriorityClass
ClearCommBreak
EndUpdateResourceA
Beep
DosDateTimeToFileTime
OpenMutexW
InterlockedExchangeAdd
GetVersionExA
ExitProcess
FindFirstFileW
LocalSize
GetThreadLocale
SleepEx
SystemTimeToFileTime
RemoveDirectoryW
FindFirstFileExW
SetProcessShutdownParameters
lstrcmpW
LockFile
_lcreat
InterlockedExchange
CreateProcessA
GetDiskFreeSpaceA
FreeResource
MoveFileW
TerminateThread
CreateDirectoryExA
EnumResourceNamesW
QueryDosDeviceW
SetFileAttributesA
GetCommandLineA
VirtualProtect
CreateIoCompletionPort

user32

EnumDesktopWindows
GetTabbedTextExtentA
ScreenToClient
CharPrevW
UnregisterClassW
InflateRect
SendMessageW
AppendMenuA
DeleteMenu
SetKeyboardState
CharNextA
DrawMenuBar
DestroyCursor
SetCapture
SetMenuDefaultItem
OpenDesktopW
UnregisterDeviceNotification
SetMenu
EnumDisplayDevicesA
SetDlgItemTextW
SetWindowsHookExW
GetWindowContextHelpId
mouse_event
GetTopWindow
MsgWaitForMultipleObjectsEx
CopyAcceleratorTableW
GetMenu
DestroyAcceleratorTable
WaitForInputIdle
BeginDeferWindowPos
GetUserObjectInformationW
GetScrollPos
EndDialog
GetDC
BringWindowToTop
SetWindowWord
EnumChildWindows
GetProcessWindowStation
GetKeyboardType
MoveWindow
EnumDesktopsW
SetMenuInfo
EnumDisplayMonitors

gdi32

EndPage
UpdateColors
SetDIBitsToDevice
CreateFontIndirectA
GetNearestPaletteIndex
SwapBuffers
GetROP2
GetRegionData
GetOutlineTextMetricsW
GetOutlineTextMetricsA
SetDIBits
GetEnhMetaFileHeader

comdlg32

ReplaceTextA
PrintDlgW

advapi32

CreatePrivateObjectSecurity
PrivilegeCheck
DeleteAce
ChangeServiceConfigA
CryptEncrypt
QueryServiceObjectSecurity
RegCreateKeyExA
GetAclInformation
AddAce
InitializeAcl
CryptAcquireContextW
IsValidSecurityDescriptor

ole32

DoDragDrop
OleInitialize
CoSetProxyBlanket
OleDraw
GetHGlobalFromStream
OleSave
StgCreateDocfileOnILockBytes
OleSetContainedObject

oleaut32

SafeArrayPtrOfIndex
DispGetIDsOfNames
LoadTypeLibEx
SafeArrayAccessData
LoadTypeLi
SafeArrayCreateVector
SafeArrayCreate
SetErrorInfo
SafeArrayRedim

comctl32

CreateToolbarEx
ImageList_Replace
ImageList_Duplicate
ImageList_Draw

shlwapi

StrStrIW

setupapi

SetupDiGetDeviceInstallParamsW
SetupCloseFileQueue
SetupOpenAppendInfFileW
SetupFindFirstLineA
SetupDiCreateDeviceInfoList
SetupDiBuildDriverInfoList
SetupDiDeleteDeviceInfo

Sections

.text
Size: 288KB - Virtual size: 286KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1b71eedd1bc202694350bd6935a46ca1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 288KB - Virtual size: 286KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 44KB - Virtual size: 43KB

.text
Size: 288KB - Virtual size: 286KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 44KB - Virtual size: 43KB