2aeafad88cedf008f2de13412cd20999_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2aeafad88cedf008f2de13412cd20999_JaffaCakes118
Size

227KB
MD5

2aeafad88cedf008f2de13412cd20999
SHA1

c96195876a1a726eb3bafd4dda43a9e1bf22138c
SHA256

0e121b6953ce50f600d672b4a2a79269e439274aaaec50a88949d75ea8cdb73c
SHA512

2b073161dabea6c2cef4bc58902c5e4a2dbcd4bb0e2472ccdc59235a6a8f573eaa8b551388a1318665a04dff34b0134320508036420a9f2f0f0ae394595da4eb
SSDEEP

6144:jXCNCRdZ8c7tHR4HDOnLsHuQN2YHWv0Xhjr5p:jXCWdZ8Uj4KnAHxX60Rjr5p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2aeafad88cedf008f2de13412cd20999_JaffaCakes118

Files

2aeafad88cedf008f2de13412cd20999_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1fb88103779b85020a81dfc78f6f568e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalFindAtomW
lstrcpynW
GetEnvironmentVariableA
GetModuleHandleA
lstrlenW
Sleep
GetCurrentDirectoryW
SetEvent
CreateMailslotA
OpenEventW
GetAtomNameA
GetWindowsDirectoryW
GetProcAddress
GetSystemInfo
DuplicateHandle
WaitForSingleObject
GetEnvironmentVariableW
lstrcpyA
GetLocaleInfoA
GetLocalTime
FileTimeToSystemTime
IsValidCodePage
CreateMutexW
IsBadWritePtr
GetNumberFormatW
lstrcmpiA
GetACP
lstrlenA
FindResourceA
GetDateFormatW
GetEnvironmentStringsW
LoadLibraryW
GetThreadPriority
GetThreadLocale
lstrcmpi
SleepEx
TlsAlloc
RemoveDirectoryW
GetFileAttributesW
GetExitCodeProcess
GetCurrentProcessId
GetStartupInfoW
SetCurrentDirectoryA
GetUserDefaultLangID
IsBadReadPtr

user32

CharUpperA
EnumWindows
GetDesktopWindow
GetMenuStringA
WinHelpA
LoadImageA
CharPrevW
GetMenuInfo
SetMenu
CreateDialogParamA
CharNextW
PostQuitMessage
GetDlgItemTextW
LoadMenuA
CopyRect
DefWindowProcA
ActivateKeyboardLayout

gdi32

GetEnhMetaFileA
CreateDIBPatternBrushPt
SetWinMetaFileBits
AddFontResourceW
CreatePolyPolygonRgn
GetTextExtentPointW
CreateBitmap
CreateEllipticRgn
CreateFontIndirectW
GetMetaFileA
CreateFontIndirectExW
SetEnhMetaFileBits
CreatePatternBrush
CreatePalette
SetMetaFileBitsEx

shlwapi

PathCompactPathExW
PathRemoveBlanksA

oleaut32

VarUI8FromDec
VarDecFromUI1
VarCyFromI1
VarDecFromBool
VarR8FromI8
VarDecFromI8
VarDecFromI1

urlmon

CoGetClassObjectFromURL
DllRegisterServer
HlinkGoBack
URLDownloadW
GetClassFileOrMime
CopyStgMedium
FindMimeFromData
DllInstall
CreateAsyncBindCtx
FindMediaType
CoInternetParseUrl
RegisterBindStatusCallback
CDLGetLongPathNameW

sqlunirl

_ChangeDisplaySettings_@8
_GetCharacterPlacement_@24
_AppendMenu_@16
_CompareString_@24
_CharLower@4
_GetFileTitle@12
_GetUserName@8
_OpenSemaphore_@12
_SetWindowText@8
_SetWindowLong@12
_GetDefaultCommConfig_@12
_GetProp@8
_CreateDialogIndirectParam@20
_CreateFile@28
_WriteProfileSection_@8

Sections

.OiIJN
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ayX
Size: 2KB - Virtual size: 87KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.yyrzhx
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.H
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.P
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.EWF
Size: 3KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.wyzw
Size: 5KB - Virtual size: 319KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.qgc
Size: 82KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.WTJq
Size: 12KB - Virtual size: 274KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.HYIsg
Size: 4KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iNYg
Size: 2KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fb88103779b85020a81dfc78f6f568e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shlwapi

oleaut32

urlmon

sqlunirl

Sections

.OiIJN Size: 1KB - Virtual size: 1KB

.ayX Size: 2KB - Virtual size: 87KB

.yyrzhx Size: 84KB - Virtual size: 83KB

.H Size: 12KB - Virtual size: 12KB

.P Size: 4KB - Virtual size: 9KB

.EWF Size: 3KB - Virtual size: 32KB

.wyzw Size: 5KB - Virtual size: 319KB

.qgc Size: 82KB - Virtual size: 82KB

.WTJq Size: 12KB - Virtual size: 274KB

.HYIsg Size: 4KB - Virtual size: 23KB

.iNYg Size: 2KB - Virtual size: 63KB

.rsrc Size: 10KB - Virtual size: 10KB

.reloc Size: 1024B - Virtual size: 1024B

.OiIJN
Size: 1KB - Virtual size: 1KB

.ayX
Size: 2KB - Virtual size: 87KB

.yyrzhx
Size: 84KB - Virtual size: 83KB

.H
Size: 12KB - Virtual size: 12KB

.P
Size: 4KB - Virtual size: 9KB

.EWF
Size: 3KB - Virtual size: 32KB

.wyzw
Size: 5KB - Virtual size: 319KB

.qgc
Size: 82KB - Virtual size: 82KB

.WTJq
Size: 12KB - Virtual size: 274KB

.HYIsg
Size: 4KB - Virtual size: 23KB

.iNYg
Size: 2KB - Virtual size: 63KB

.rsrc
Size: 10KB - Virtual size: 10KB

.reloc
Size: 1024B - Virtual size: 1024B