2ae3618e7f7befe9039adc90c47825f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ae3618e7f7befe9039adc90c47825f3_JaffaCakes118
Size

304KB
MD5

2ae3618e7f7befe9039adc90c47825f3
SHA1

b67622dbe5fb2bc44cc56aa6ee7e09fb90104f5d
SHA256

c9808e856ee1752b51b1424f5f34b548c125897adef511df8b75814f62954860
SHA512

1e67172fd7597865749e5d09066bfa1ddb21991aab3762f3619ac1df4b25cda629ba56247a8763597e7036df5ffc3e89020e1f22bd538dab9e1efcf1b7322919
SSDEEP

6144:XKi0sKPBK9UvJhXQK3/EYz0AfyiyQnT3ArmU2IZi+GD2:XK3s8BCUvjAA8ayiyQ09ZBGD2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae3618e7f7befe9039adc90c47825f3_JaffaCakes118

Files

2ae3618e7f7befe9039adc90c47825f3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

09b0998152d5bb21db25de666adeaca0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalReAlloc
GetVersionExA
GetCommandLineA
lstrlenA
VirtualProtect
ExitProcess

user32

IsCharUpperW
CharPrevA
CharNextExA
CloseDesktop
PeekMessageA
MapVirtualKeyExW
GetKeyState
GetLastActivePopup
SetWindowWord
SetMenuDefaultItem
SystemParametersInfoW
CharLowerBuffA
CharLowerBuffW
GrayStringA
GetClipboardFormatNameA
EnumDisplayDevicesW
IsCharAlphaNumericW
WinHelpW
GetDesktopWindow
ReplyMessage
IsCharAlphaNumericA
ActivateKeyboardLayout
LoadCursorA
SetCursorPos
CharToOemA
ValidateRect
wvsprintfA
EnumWindowStationsW
GetCapture
ValidateRgn
GetClipCursor
EnumWindows
MsgWaitForMultipleObjects
TrackMouseEvent
CloseClipboard
SetDlgItemTextA
wvsprintfW
GetClassInfoW
ToUnicode
GetTabbedTextExtentA
GetWindowThreadProcessId
MessageBoxExA
OpenWindowStationW
GetWindowDC
IsClipboardFormatAvailable
TranslateMDISysAccel
InsertMenuItemW
DefMDIChildProcA

gdi32

ExtTextOutW
SelectPalette
ChoosePixelFormat
GetBitmapBits
CreateMetaFileW
GetOutlineTextMetricsA
GetBkColor
GetTextExtentExPointA
SetSystemPaletteUse
SetViewportOrgEx
CreateEnhMetaFileW
GetPaletteEntries
SetBrushOrgEx
GetCharacterPlacementA
EnumObjects
GetWindowExtEx

comdlg32

GetSaveFileNameW
FindTextA

advapi32

BuildSecurityDescriptorW
RegQueryValueW
CryptSignHashW
GetSecurityDescriptorControl
IsTextUnicode
RegRestoreKeyW
CryptAcquireContextA
CryptVerifySignatureW
SetEntriesInAclW
GetCurrentHwProfileW
StartServiceCtrlDispatcherA
RegEnumValueW
ObjectDeleteAuditAlarmW
CloseEventLog
RegisterEventSourceW
RegSaveKeyW
GetSidLengthRequired
InitiateSystemShutdownW

shell32

DragAcceptFiles
Shell_NotifyIconW
SHChangeNotify
ShellAboutA

ole32

ReleaseStgMedium
CoLoadLibrary
CoInitialize
CoFileTimeNow
OleBuildVersion

oleaut32

LoadTypeLibEx
SafeArrayAccessData
VariantInit
SysAllocString
VariantClear
GetErrorInfo

comctl32

ImageList_ReplaceIcon
ImageList_SetOverlayImage
ImageList_SetIconSize
ImageList_GetIconSize

shlwapi

PathSkipRootW
PathIsNetworkPathW
PathAppendW

setupapi

SetupLogErrorW
SetupTermDefaultQueueCallback
SetupDiCallClassInstaller
SetupOpenInfFileW
SetupDiEnumDriverInfoA
SetupDefaultQueueCallbackA
SetupDiGetDeviceInstallParamsW
SetupGetStringFieldW
SetupGetStringFieldA

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

09b0998152d5bb21db25de666adeaca0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 292KB - Virtual size: 291KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 292KB - Virtual size: 291KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 3KB