Static task: static1
Behavioral task: behavioral1
Sample: 2ae1dbea36981367034e70ebcff9b9c1_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2ae1dbea36981367034e70ebcff9b9c1_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2ae1dbea36981367034e70ebcff9b9c1_JaffaCakes118
Size: 280KB
MD5: 2ae1dbea36981367034e70ebcff9b9c1
SHA1: 20e1f5e29ee67eb3f7cbf468735885cc2ec6a65f
SHA256: 9bdf2f269d231259e1827578deb58f7e4ddc9947908b62bc08dcba2f226bb729
SHA512: 0bb072298f95c4670024f82b0f3f4248f7abc394ea618bd9568eb340fe5b09f574512eefbcd86734cf66cfbf0949b6c9642b73d77cdb84652550f11d69095fa7
SSDEEP: 6144:MkEhsNEqg1PcgV1WfzoPLhhn68XzsF2x3sv3:MkEs5g67LoPLPn6a9cv
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2ae1dbea36981367034e70ebcff9b9c1_JaffaCakes118
Files
2ae1dbea36981367034e70ebcff9b9c1_JaffaCakes118.exe windows:4 windows x86 arch:x86
3d0c4dda451458ab361fe50dee69ea6a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
IsProcessorFeaturePresent
CreateDirectoryA
PurgeComm
GetModuleHandleA
lstrcatW
GetLocaleInfoW
EraseTape
GetBinaryTypeA
CreateFileW
SwitchToFiber
FindResourceExA
SetMailslotInfo
GetTickCount
VirtualLock
WriteConsoleOutputW
GetSystemInfo
EnumResourceLanguagesW
GetLogicalDriveStringsA
TlsGetValue
UnhandledExceptionFilter
WriteFile
VirtualProtect
GetVersionExA
GetVolumeInformationW
FreeLibraryAndExitThread
GetHandleInformation
OpenMutexA
GetFileAttributesExA
GetCommandLineW
GetDriveTypeA
_lread
CloseHandle
GlobalAddAtomW
GetSystemTimeAsFileTime
SetTimeZoneInformation
CreateDirectoryExA
UnmapViewOfFile
MoveFileExA
GetCommConfig
LoadResource
GetFileAttributesA
VirtualAlloc
SetFileTime
SuspendThread
GetUserDefaultLangID
_hread
FindCloseChangeNotification
DuplicateHandle
ScrollConsoleScreenBufferA
IsBadWritePtr
GetTapeParameters
VirtualQuery
GetSystemTime
GetSystemTimeAdjustment
SetConsoleCursorPosition
EnumCalendarInfoA
ExitThread
CreateWaitableTimerA
GetNumberFormatW
RaiseException
CreateMutexA
GetEnvironmentStringsW
WritePrivateProfileSectionW
GetCurrentProcessId
ReadFileScatter
GetStartupInfoA
user32
GetKeyboardType
CallWindowProcA
GetProcessWindowStation
WinHelpA
EnumThreadWindows
SetDlgItemTextW
EnumDesktopsA
SetMenuItemInfoA
GetKeyNameTextW
GetMenuItemInfoA
gdi32
CreateEllipticRgnIndirect
GetCharWidth32A
PolyBezierTo
GetDeviceCaps
GetEnhMetaFileHeader
BitBlt
CreateBitmap
EnumFontFamiliesW
FillRgn
FillPath
GetGlyphOutlineW
comdlg32
FindTextW
PrintDlgA
ChooseFontA
advapi32
CryptExportKey
ChangeServiceConfigW
OpenEventLogW
CryptGetKeyParam
ImpersonateLoggedOnUser
RegCreateKeyW
RegUnLoadKeyW
RegConnectRegistryW
SetServiceObjectSecurity
StartServiceCtrlDispatcherA
BuildSecurityDescriptorW
CreateServiceA
RegSetKeySecurity
OpenSCManagerA
RegQueryInfoKeyW
CryptCreateHash
RegOpenKeyExW
RegLoadKeyA
RegDeleteKeyA
SetFileSecurityW
CloseServiceHandle
GetUserNameA
LockServiceDatabase
CreateServiceW
QueryServiceStatus
GetSidLengthRequired
GetUserNameW
FreeSid
ObjectCloseAuditAlarmW
shell32
DragAcceptFiles
DragQueryPoint
SHGetPathFromIDListA
ole32
GetRunningObjectTable
oleaut32
VariantCopy
SafeArrayCreate
VariantChangeType
SafeArrayGetElement
SafeArrayRedim
SafeArrayUnaccessData
SysAllocStringLen
SafeArrayPutElement
shlwapi
StrFormatByteSizeW
PathRelativePathToA
PathCompactPathW
PathRemoveBackslashA
PathUnquoteSpacesA
PathFindFileNameW
StrChrIW
SHRegSetUSValueW
SHDeleteKeyW
StrCmpNA
ChrCmpIW
UrlApplySchemeW
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
Sections
.text Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE