2b06765405b589999ee8f94536216fbf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b06765405b589999ee8f94536216fbf_JaffaCakes118
Size

332KB
MD5

2b06765405b589999ee8f94536216fbf
SHA1

7b1fc315bc55a215735536caae8b6eab205e2b5d
SHA256

5183e82a55e8543dab4d986347aef4f86c43a38b805fa789540ec0e8845efe76
SHA512

4b0b81444f3ff70cde1fc594c3e27fe33734f80ff888d1e5b8ea7f90f7a684aa12e8a236d0f1b22157b7707237d503bebb0698d42fb051d021a7286db644b96e
SSDEEP

6144:ZC78bB40WApEBl5MuoYk/NnAH8amf1jRrOPXYwvB4+VL:ZC7q40FKl5MuoYklnAcaw1jkPXYN+V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b06765405b589999ee8f94536216fbf_JaffaCakes118

Files

2b06765405b589999ee8f94536216fbf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3e1ddd3aec110b3a87ee61a8080f50a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
GetCommandLineA
lstrlenA
GetVersionExA
VirtualProtect
ExitProcess

user32

GetShellWindow
LoadMenuIndirectW
CallWindowProcA
HideCaret
OemToCharBuffA
CloseDesktop
DrawStateW
EnumWindowStationsW
PeekMessageA
VkKeyScanW
RedrawWindow
IsWindowUnicode
SetMenu
IsWindowVisible
wsprintfW
UnionRect
CreatePopupMenu
SetRect
SendMessageW
ShowWindow
GetDlgItemTextW
GetClassLongA
GetMessageW
GetWindowThreadProcessId
GetKeyNameTextA
DestroyWindow
GetFocus
EnumChildWindows
DrawCaption
GetDesktopWindow
CheckDlgButton
GrayStringA
CreateDesktopA
ShowWindowAsync
ReleaseDC
ValidateRect
CharLowerA
FindWindowExA
CloseWindowStation
TileWindows
SetWindowTextA
SetMenuInfo
EnableWindow
GetMenuItemInfoA
CharToOemW
MoveWindow
MessageBeep
RegisterClassA
LoadKeyboardLayoutA
CreateIconFromResource
SetWinEventHook
SetWindowPlacement
UnhookWinEvent
SetClassLongW

comdlg32

GetSaveFileNameW
PageSetupDlgW

advapi32

RegEnumKeyExA
RegQueryValueExA

ole32

CreateOleAdviseHolder
IIDFromString

oleaut32

SysFreeString
SafeArrayGetLBound
SafeArrayPutElement
SafeArrayCreate
SetErrorInfo

comctl32

ImageList_ReplaceIcon

shlwapi

SHDeleteValueW
PathRemoveArgsW

setupapi

SetupDiSetDeviceInstallParamsW
SetupDiBuildClassInfoList
SetupDiOpenDevRegKey
SetupDiRemoveDevice
SetupDiGetClassDevsExA
SetupGetStringFieldA
SetupScanFileQueueA
SetupDiDeleteDeviceInfo

Sections

.text
Size: 304KB - Virtual size: 300KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3e1ddd3aec110b3a87ee61a8080f50a7

Headers

File Characteristics

Imports

kernel32

user32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 304KB - Virtual size: 300KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 20KB - Virtual size: 16KB

.text
Size: 304KB - Virtual size: 300KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 20KB - Virtual size: 16KB