2ad6aa5a43f418989dd5066f813e4f00_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ad6aa5a43f418989dd5066f813e4f00_JaffaCakes118
Size

1.6MB
MD5

2ad6aa5a43f418989dd5066f813e4f00
SHA1

e87d7d32556a4c61b78df50f3c4800b4ba3aae49
SHA256

6c7b13acc4a49f161acef24da95b835331c8887af4aff095d0d5e9753eadd701
SHA512

e5f5af090bad69dbe5ab9c1daf901f009f1837b265a8eab4557332d470237ba16269ffbd7a1739a6afe85b1ab3c2b5a053b390176cf7e7ffe6e79007754f9f37
SSDEEP

49152:5Dt12214UpebUun30JJ7ackGhcBUrMV0TWVF:5Dt1R7nuy7ackRExTWP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ad6aa5a43f418989dd5066f813e4f00_JaffaCakes118

Files

2ad6aa5a43f418989dd5066f813e4f00_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dc012022656895c7c5a27c4de32986b6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

m:\axbqy.PDB

Imports

user32

CreateWindowExW
SetClipboardData
DefWindowProcA
DrawFrameControl
UnregisterHotKey
GetUpdateRgn
CreateIconFromResource
MessageBoxA
FlashWindow
GetMenuInfo
RegisterClassExA
DestroyWindow
IsCharAlphaA
ShowWindowAsync
RegisterClassA
InsertMenuItemA
SetClipboardViewer
ShowWindow
SetProcessDefaultLayout
SendMessageW
MapVirtualKeyExA
DdeFreeStringHandle
CharToOemBuffA
GetIconInfo
OpenWindowStationW
GetMenuItemInfoW
GetWindowRect
EnumChildWindows

comctl32

ImageList_Create
_TrackMouseEvent
ImageList_AddIcon
ImageList_ReplaceIcon
ImageList_SetIconSize
CreatePropertySheetPageA
ImageList_SetFlags
InitCommonControlsEx
ImageList_Read
ImageList_DragEnter
DrawStatusTextA

kernel32

GetProcAddress
GetCPInfo
GetStartupInfoA
LoadLibraryA
SetStdHandle
OpenFileMappingW
VirtualQuery
FreeEnvironmentStringsW
WriteConsoleA
GetCommandLineW
WaitForMultipleObjects
CreateDirectoryA
WideCharToMultiByte
GetCurrentProcessId
InterlockedDecrement
MapViewOfFile
SetEnvironmentVariableA
GetCommandLineA
GetTimeFormatW
GetModuleHandleW
SetUnhandledExceptionFilter
GetDateFormatA
SetLastError
RtlUnwind
lstrcpyW
GetUserDefaultLCID
TlsAlloc
EnumSystemLocalesA
HeapSize
GetModuleHandleA
FreeLibrary
GetModuleFileNameW
ExitProcess
GetConsoleOutputCP
GetModuleFileNameA
GetOEMCP
GetACP
GetStartupInfoW
IsBadReadPtr
MultiByteToWideChar
GetConsoleMode
GetEnvironmentStringsW
Sleep
LCMapStringW
CreateRemoteThread
QueryPerformanceCounter
GetFileType
SetHandleCount
GetStringTypeA
IsDebuggerPresent
VirtualFree
VirtualLock
WriteFile
GetTickCount
DebugBreak
ReadFile
SetConsoleCtrlHandler
GetStringTypeW
HeapValidate
CompareStringA
OutputDebugStringW
GetCurrentProcess
GetSystemTimeAsFileTime
HeapFree
CloseHandle
EnterCriticalSection
GetTimeFormatA
GetLastError
LCMapStringA
TerminateProcess
CreateMutexA
RaiseException
OutputDebugStringA
CreateFileA
OpenMutexA
TlsFree
GetStdHandle
FindNextChangeNotification
HeapDestroy
InterlockedExchange
lstrlenA
HeapAlloc
LoadLibraryW
GetCurrentThreadId
SetFilePointer
HeapReAlloc
ExpandEnvironmentStringsW
LeaveCriticalSection
GetTimeZoneInformation
VirtualAlloc
TlsSetValue
GetLocaleInfoW
GetProcessHeap
GetLocaleInfoA
TlsGetValue
GetCurrentThread
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
HeapCreate
InterlockedIncrement
WriteConsoleW
IsValidLocale
GetTempFileNameW
UnhandledExceptionFilter
GetConsoleCP
FlushFileBuffers
IsValidCodePage
CompareStringW

shell32

ExtractIconExW
FindExecutableW
SHFileOperationA

advapi32

RegConnectRegistryA
CryptDecrypt
CryptSetProviderA
RegQueryValueExA
RegQueryValueA
RegCreateKeyExW
RegSaveKeyW

gdi32

SetRectRgn
GetViewportExtEx
GetDIBits
SetTextAlign
EndPath
BitBlt
GetRasterizerCaps

comdlg32

LoadAlterBitmap
PageSetupDlgA
PageSetupDlgW

Sections

.text
Size: 457KB - Virtual size: 457KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 92KB - Virtual size: 118KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1022KB - Virtual size: 995KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dc012022656895c7c5a27c4de32986b6

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

kernel32

shell32

advapi32

gdi32

comdlg32

Sections

.text Size: 457KB - Virtual size: 457KB

.rdata Size: 92KB - Virtual size: 118KB

.data Size: 1022KB - Virtual size: 995KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 457KB - Virtual size: 457KB

.rdata
Size: 92KB - Virtual size: 118KB

.data
Size: 1022KB - Virtual size: 995KB

.rsrc
Size: 18KB - Virtual size: 18KB