2af6e0676fdd32fc5df98e246633a08d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2af6e0676fdd32fc5df98e246633a08d_JaffaCakes118
Size

186KB
MD5

2af6e0676fdd32fc5df98e246633a08d
SHA1

8f3fc6908914a445a4cfc1556593512ed9b72478
SHA256

789793364f84f4f066d8e7ff06504ed28497c9a97a28ac648f3d5182f57ed710
SHA512

8a40ceaaaebcda8bbd19e0a3992d94281a64439310f2d3318dc3b13afa1c6d2f804eaa42507f8ab9d82684f1448a96985e0a04164dea7436e631ff4cb09db2b2
SSDEEP

3072:jW82GEV0fIv43GRmoiO2EHKhfyMt3r6CDXQ0jItnBaFmAU:15Vf93wQ8HKd9t3r6CDA0UemA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2af6e0676fdd32fc5df98e246633a08d_JaffaCakes118

Files

2af6e0676fdd32fc5df98e246633a08d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf9a89ef647bdd8f2fcdead9e62a678e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

TranslateMessage
GetTopWindow
GetDC
GetMenu
TranslateMDISysAccel
SystemParametersInfoA
GetCursor
CharNextA
IsCharUpperA
GetSysColorBrush

kernel32

CreateThread
GetFileType
VirtualAllocEx
VirtualFree
GetOEMCP
GetLocaleInfoA
LocalFree
GetCommandLineW
GetSystemDefaultLangID
GetStartupInfoA
HeapFree
GetThreadLocale
GetVersion
GlobalAlloc
GetDateFormatA
FindResourceA
lstrcpyA
FindClose
SizeofResource
GetLocalTime
LoadResource
GetDiskFreeSpaceA
DeleteFileA
IsBadReadPtr
GetCPInfo
WriteFile
SetEvent
GetCommandLineA
ExitProcess
ResetEvent
CreateEventA
RaiseException
GetCurrentProcess
EnumCalendarInfoA
SetLastError
VirtualAlloc
SetHandleCount
GetProcAddress
LocalReAlloc
GetStdHandle
FindFirstFileA
lstrlenA
WaitForSingleObject
GetLastError
CompareStringA
FreeResource
FormatMessageA
Sleep
FreeLibrary
CloseHandle
GetProcessHeap

shlwapi

SHStrDupA
SHEnumValueA
PathIsDirectoryA
PathFileExistsA

Exports

Exports

_8ee
_C@20
D8@24
bD@8
_y
OtM
_G
Aml
b@20
_U@24
4@24
_aQ
t@16
_Zy@4
_n@4
_vG@24

Sections

.text
Size: 19KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 148KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 1KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

bbs
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cf9a89ef647bdd8f2fcdead9e62a678e

Headers

File Characteristics

Imports

user32

kernel32

shlwapi

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 20KB

.data Size: 144KB - Virtual size: 148KB

BSS Size: 1KB - Virtual size: 44KB

.tls Size: 1024B - Virtual size: 4KB

rdata Size: 512B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

bbs Size: 512B - Virtual size: 4KB

.rsrc Size: 15KB - Virtual size: 16KB

.text
Size: 19KB - Virtual size: 20KB

.data
Size: 144KB - Virtual size: 148KB

BSS
Size: 1KB - Virtual size: 44KB

.tls
Size: 1024B - Virtual size: 4KB

rdata
Size: 512B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

bbs
Size: 512B - Virtual size: 4KB

.rsrc
Size: 15KB - Virtual size: 16KB