2b26457df15ffff4c6dff0644aed17ab_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b26457df15ffff4c6dff0644aed17ab_JaffaCakes118
Size

551KB
MD5

2b26457df15ffff4c6dff0644aed17ab
SHA1

27163e6e723c2178234af5dbfccb48c1f9009ddd
SHA256

93102804af7dd7b52ffd9eef682243d3989d6b4c7097a167ca9531e1c65e9a61
SHA512

a8bd73bde1c1965bc23a45ec35129dbae8e1771bf54496a0b888b3c92f9e945b6ea3749faa878db63eb1847498a2a7ca288175148e7ca8813b6cce9d67fe7ba9
SSDEEP

12288:FGV/DmCia7qJtagojyVOWE3B4vMxesmiBwCSZqqLF/E:FGV/SCR7bgojGw4ZiBwprB/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b26457df15ffff4c6dff0644aed17ab_JaffaCakes118

Files

2b26457df15ffff4c6dff0644aed17ab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7b7f2f1aa02089f67a54feec948c11b3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\wbsgfeks\faommkfy\ov

Imports

shell32

SHGetDesktopFolder
SHInvokePrinterCommandA
SHEmptyRecycleBinA
SheChangeDirExW
FindExecutableA

advapi32

RegQueryValueExA
CryptSetProviderExA
CryptSignHashW
RegSaveKeyA
ReportEventA
RegEnumValueW
RegDeleteKeyW
CryptVerifySignatureW
RegEnumKeyA
CryptDuplicateHash
RegConnectRegistryA
CryptSignHashA
LookupPrivilegeDisplayNameW
CryptGetKeyParam
DuplicateToken
RegCreateKeyA
CryptEnumProvidersA
CryptGetHashParam
LogonUserA
CryptSetProviderW
RegSetValueW
RegEnumKeyW

user32

EnableWindow
AppendMenuA
GetMonitorInfoA
MessageBoxA
GetCaretBlinkTime
GetCursor
MapDialogRect
LockWindowUpdate
RemovePropA
SetWindowTextW
SetWindowsHookExW
GetClientRect
InsertMenuW
ShowWindow
RegisterClassExA
OpenWindowStationW
RegisterClassA
DrawIconEx
GetSubMenu
CreateWindowExA

wininet

InternetCreateUrlA
FtpDeleteFileW
SetUrlCacheGroupAttributeW
InternetInitializeAutoProxyDll
FtpCommandW
CreateUrlCacheContainerA
SetUrlCacheGroupAttributeA
InternetGoOnline

comctl32

DrawStatusTextA
ImageList_GetDragImage
ImageList_AddMasked
InitCommonControlsEx
ImageList_DragMove

kernel32

TlsGetValue
SystemTimeToFileTime
CreateMutexA
SetStdHandle
QueryPerformanceCounter
EnumResourceTypesW
GetCurrentThread
GetStringTypeExW
GetLocaleInfoA
GetFileType
WriteConsoleW
CompareStringA
ReadConsoleOutputA
CloseHandle
GetVersionExA
MoveFileExA
LCMapStringA
LCMapStringW
TerminateProcess
TlsAlloc
GetDateFormatA
GetConsoleCursorInfo
CreateFileA
GetCurrentProcess
HeapAlloc
IsValidLocale
InterlockedDecrement
WriteConsoleA
FindNextChangeNotification
ExpandEnvironmentStringsW
GetPrivateProfileStringW
HeapDestroy
InterlockedIncrement
GetModuleHandleA
FlushFileBuffers
WideCharToMultiByte
CommConfigDialogW
ReadFile
GetProcAddress
SetFilePointer
GetStringTypeW
GetUserDefaultLCID
HeapSize
GetFileSize
WriteFile
GetConsoleMode
FreeEnvironmentStringsW
GetCurrentProcessId
MultiByteToWideChar
SetEnvironmentVariableA
GetStdHandle
GetACP
GetCommandLineA
InitializeCriticalSection
UnhandledExceptionFilter
VirtualQuery
ConnectNamedPipe
GetEnvironmentStringsW
IsDebuggerPresent
GetEnvironmentStrings
HeapCreate
InterlockedExchange
HeapReAlloc
EnumSystemLocalesA
RtlUnwind
GetLastError
FillConsoleOutputAttribute
GetCurrentThreadId
GetLocaleInfoW
GetProcessHeap
GetStartupInfoA
DeleteCriticalSection
DebugBreak
SetConsoleCursorInfo
CreateFileMappingA
SetConsoleCtrlHandler
FreeLibrary
GetCPInfo
GetStringTypeA
FreeEnvironmentStringsA
ExitProcess
CreatePipe
SystemTimeToTzSpecificLocalTime
GetConsoleOutputCP
GetConsoleCP
HeapFree
LeaveCriticalSection
LoadLibraryA
SetLastError
SetHandleCount
TlsSetValue
GetTimeFormatA
GetOEMCP
Sleep
EnterCriticalSection
CompareStringW
GetModuleFileNameA
GetTimeZoneInformation
GetTickCount
TlsFree
OpenMutexA
IsValidCodePage
VirtualAlloc
SetUnhandledExceptionFilter
VirtualFree
GetSystemTimeAsFileTime

Sections

.text
Size: 379KB - Virtual size: 378KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b7f2f1aa02089f67a54feec948c11b3

Headers

File Characteristics

PDB Paths

Imports

shell32

advapi32

user32

wininet

comctl32

kernel32

Sections

.text Size: 379KB - Virtual size: 378KB

.rdata Size: 40KB - Virtual size: 65KB

.data Size: 115KB - Virtual size: 114KB

.rsrc Size: 15KB - Virtual size: 15KB

.text
Size: 379KB - Virtual size: 378KB

.rdata
Size: 40KB - Virtual size: 65KB

.data
Size: 115KB - Virtual size: 114KB

.rsrc
Size: 15KB - Virtual size: 15KB