2b23f7320b49cda50f03b964a7cb2c1a_JaffaCakes118

General

Target

2b23f7320b49cda50f03b964a7cb2c1a_JaffaCakes118
Size

2.1MB
MD5

2b23f7320b49cda50f03b964a7cb2c1a
SHA1

988f8cb7d400b13fae6c33ec998435bda9d59830
SHA256

2f68f4c61b887786047d8ef5fe9817b5304efe4a93ab73f54e7be9fbeae0d7c2
SHA512

a80d29a640b06625aa8c422465bbe6b9aea2db3d34899808194337e33461ad1bc9f041e9c727e6b79bb3432acc250621cf52b2d19f854ce0f20b977c00365b28
SSDEEP

49152:s4H9m5LhEciMU+7MaJyCbsKxsJA31vZfJ6myNSSQed4Ofl1fpu:7HWGYU+DcCbVOU9HUhNdH7fpu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b23f7320b49cda50f03b964a7cb2c1a_JaffaCakes118

Files

2b23f7320b49cda50f03b964a7cb2c1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

12a7993db2222075573d964ddf965ce4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WritePrivateProfileStringA
SetConsoleMode
GetAtomNameA
CreateFileW
CreateDirectoryW
WriteConsoleOutputCharacterA
SetConsoleActiveScreenBuffer
GetCommState
SetVolumeLabelA
ReadConsoleInputW
GlobalFindAtomW
OpenSemaphoreW
FormatMessageA
lstrcatW
ExpandEnvironmentStringsW
GetSystemTime
GetEnvironmentVariableW
VirtualFree
GetSystemDefaultLangID
GetSystemTimeAsFileTime
QueryDosDeviceA
GetACP
FlushConsoleInputBuffer
RaiseException
EraseTape
GetProcessHeap
GetWindowsDirectoryA
PulseEvent
SetProcessAffinityMask
GetDiskFreeSpaceExA
WriteFile
DosDateTimeToFileTime
EnumResourceNamesA
GetFileAttributesExA
SetFileTime
GetTapeStatus
UnmapViewOfFile
SetNamedPipeHandleState
MoveFileW
LCMapStringA
ExitProcess

user32

GetCursor
SystemParametersInfoW
EnableWindow
GetTabbedTextExtentA
ReleaseCapture

comctl32

ImageList_AddMasked
ImageList_GetDragImage
ImageList_GetIcon

ole32

CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream

msvcrt

_ultoa
fseek
_stat
vfprintf
_ismbcdigit
_getmbcp
iswdigit
ctime
strrchr
_getch
_mbscpy
strncmp
_splitpath

Sections

.text
Size: 22KB - Virtual size: 239KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

12a7993db2222075573d964ddf965ce4

Headers

File Characteristics

Imports

kernel32

user32

comctl32

ole32

msvcrt

Sections

.text Size: 22KB - Virtual size: 239KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 1.8MB - Virtual size: 1.8MB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 22KB - Virtual size: 239KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 1.8MB - Virtual size: 1.8MB

.rsrc
Size: 17KB - Virtual size: 16KB