Static task: static1
Behavioral task: behavioral1
- Sample: 2b0c4275c7f3a1fbc5cca8330d774281_JaffaCakes118.exe
- Resource: win7-20240220-en
Behavioral task: behavioral2
- Sample: 2b0c4275c7f3a1fbc5cca8330d774281_JaffaCakes118.exe
- Resource: win10v2004-20240704-en
General
- Target: 2b0c4275c7f3a1fbc5cca8330d774281_JaffaCakes118
- Size: 248KB
- MD5: 2b0c4275c7f3a1fbc5cca8330d774281
- SHA1: 5895c9be2e0845a21613caeee189362985e14ba4
- SHA256: ab77c53a94554412cfbd14b84fcf0bcbb37d61dae1b2b06341b753e52174bd2e
- SHA512: 60fa5c87ed2d7c22f8e823ec50541c1dad5c7d9e9ebca1fd50f64b6702687e68dd003c5d91d9eb769b4a5f6f145cf526b6fcc91b15355d2ca60c47c06328cf14
- SSDEEP: 3072:P137yXilJnayPb32PAtkNlHU0MBlpJKGDxiBjaI4MS4fG7EMMSntoUHjy:xaiTtPb3CAKNBU0MBlpoGyru7EmtD
Malware Config
Signatures
- Unsigned PE (1 IoC): checks for a missing Authenticode signature.
  resource: 2b0c4275c7f3a1fbc5cca8330d774281_JaffaCakes118
Files
- 2b0c4275c7f3a1fbc5cca8330d774281_JaffaCakes118.exe windows:4 windows x86 arch:x86
  9f1e82ef83ae29dbb99e31ac0b974c3d
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
gdi32
GetMapMode
GetGlyphOutlineA
GetSystemPaletteEntries
DrawEscape
SetPixelV
TextOutA
CreatePen
SetFontEnumeration
SetColorAdjustment
DeleteObject
GetCharABCWidthsW
RoundRect
DescribePixelFormat
GetTextExtentExPointW
SelectPalette
CreateSolidBrush
EnumFontFamiliesW
GetEnhMetaFileDescriptionW
ColorMatchToTarget
ResizePalette
GetClipBox
advapi32
LookupPrivilegeNameW
CryptSetProviderExW
RegOpenKeyW
LookupAccountNameW
CryptSetProvParam
RegEnumKeyW
RegSetValueExW
GetUserNameW
RegSetValueExA
RegCreateKeyW
RegConnectRegistryW
CryptGetHashParam
DuplicateToken
LookupAccountNameA
user32
TranslateAccelerator
GetMessageA
CascadeChildWindows
PostThreadMessageW
RegisterClassExW
SetUserObjectInformationW
WINNLSEnableIME
CharUpperBuffA
DdePostAdvise
CreateWindowStationA
CopyIcon
GetTabbedTextExtentA
CallNextHookEx
GetPriorityClipboardFormat
IsChild
GetWindow
ModifyMenuW
ShowWindow
GrayStringA
DrawTextA
CharLowerBuffW
IsCharLowerA
SetFocus
DdeSetUserHandle
GetWindowThreadProcessId
wininet
InternetOpenW
InternetConfirmZoneCrossing
GopherGetLocatorTypeW
SetUrlCacheGroupAttributeW
InternetGetConnectedStateExW
InternetShowSecurityInfoByURL
FtpCreateDirectoryA
CreateUrlCacheContainerA
InternetHangUp
LoadUrlCacheContent
RetrieveUrlCacheEntryFileW
FindNextUrlCacheEntryW
GopherFindFirstFileA
FtpRemoveDirectoryW
InternetCrackUrlA
kernel32
RtlUnwind
FreeEnvironmentStringsA
GetTickCount
SetLastError
GetStringTypeW
ExitProcess
IsDebuggerPresent
GetStdHandle
GetVersionExA
HeapCreate
MultiByteToWideChar
LCMapStringW
HeapReAlloc
SetUnhandledExceptionFilter
GetStartupInfoA
GetStringTypeA
GetEnvironmentStrings
GetCommandLineA
GetModuleHandleA
GetOEMCP
IsValidLocale
GetModuleFileNameW
FreeLibrary
GetLastError
GetProcAddress
GetLongPathNameW
EnumSystemLocalesA
VirtualAlloc
SetConsoleCtrlHandler
LCMapStringA
UnhandledExceptionFilter
GetACP
InterlockedExchange
GetFileType
InterlockedIncrement
CompareStringA
GetCurrentThread
GetUserDefaultLCID
GetStartupInfoW
HeapSize
InitializeCriticalSection
HeapAlloc
TlsFree
HeapFree
EnterCriticalSection
GetCurrentThreadId
GetDateFormatA
InterlockedDecrement
TlsSetValue
GetCPInfo
SetHandleCount
GetModuleFileNameA
HeapDestroy
GetCurrentProcess
VirtualFree
GetLocaleInfoW
SetEnvironmentVariableA
GetTimeFormatA
WriteFile
GetLocaleInfoA
WideCharToMultiByte
GetTimeZoneInformation
TlsAlloc
GetEnvironmentStringsW
LeaveCriticalSection
TlsGetValue
TerminateProcess
DeleteCriticalSection
GetSystemTimeAsFileTime
LoadLibraryA
IsValidCodePage
GetProcessHeap
GetCommandLineW
RtlZeroMemory
FreeEnvironmentStringsW
VirtualQuery
GetCurrentProcessId
Sleep
CompareStringW
QueryPerformanceCounter
comdlg32
FindTextW
GetFileTitleW
ChooseFontA
ChooseFontW
ReplaceTextA
GetOpenFileNameA
ChooseColorA
GetOpenFileNameW
ChooseColorW
GetSaveFileNameA
ReplaceTextW
LoadAlterBitmap
PageSetupDlgA
GetSaveFileNameW
PageSetupDlgW
FindTextA
PrintDlgA
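The 32-hex-digit value printed under the file entry in the Files list is, on sandbox reports of this kind, the import hash (imphash); the page does not label it, so that reading is an assumption. The function below is an added example, not the sandbox's or the sample's code: it computes an imphash the way pefile does, from `(dll, symbol)` pairs taken in import-table order. `SAMPLE_IMPORTS` is a constructed excerpt of the imports listed above in an order chosen for the example, so its hash is not the sample's; the ordinal-to-name tables that pefile applies for ws2_32, wsock32 and oleaut32 are omitted, and ordinal-only imports are written as `ordN`.

```python
"""Import hash (imphash) over a (dll, symbol) list, pefile-style. Added example."""
import hashlib

# Constructed excerpt of the report's import list. Order matters for the hash,
# so this does NOT reproduce the sample's value; only the binary's own import
# table, walked in file order, does.
SAMPLE_IMPORTS = [
    ("kernel32.dll", "RtlUnwind"),
    ("kernel32.dll", "FreeEnvironmentStringsA"),
    ("kernel32.dll", "GetTickCount"),
    ("advapi32.dll", "CryptGetHashParam"),
    ("user32.dll", "CallNextHookEx"),
    ("wininet.dll", "InternetOpenW"),
]


def _normalize_dll(dll):
    """Lowercase the module name and drop a .dll/.ocx/.sys extension."""
    dll = dll.lower()
    for ext in (".dll", ".ocx", ".sys"):
        if dll.endswith(ext):
            return dll[: -len(ext)]
    return dll


def imphash_input(imports):
    """Build the comma-joined 'dll.symbol' string that is hashed.

    An int symbol is an ordinal-only import and is rendered 'ordN'
    (pefile additionally maps ordinals to names for a few DLLs; omitted here)."""
    parts = []
    for dll, symbol in imports:
        if isinstance(symbol, int):
            symbol = f"ord{symbol}"
        parts.append(f"{_normalize_dll(dll)}.{symbol.lower()}")
    return ",".join(parts)


def imphash(imports):
    """MD5 hex digest of the normalized import string."""
    return hashlib.md5(imphash_input(imports).encode("ascii")).hexdigest()


if __name__ == "__main__":
    print(imphash_input(SAMPLE_IMPORTS))
    print(imphash(SAMPLE_IMPORTS))
```

Because the hash covers the order of the import table, two builds of the same source that link the same DLLs in a different order get different imphashes; it clusters samples built by the same toolchain from the same code, not samples that merely import the same APIs.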
Sections
.avx Size: 244KB - Virtual size: 244KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
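The "Unsigned PE" signature, the File Characteristics list and the single `.avx` section are all read straight from the PE headers. The parser below is an added example, not the sandbox's or the sample's code: it reproduces those three checks from raw bytes, decoding the IMAGE_FILE_* and IMAGE_SCN_* flags, reporting the image as unsigned when the security data directory (IMAGE_DIRECTORY_ENTRY_SECURITY, index 4) is empty, and flagging any section that is both writable and executable, as `.avx` is here. `build_sample_pe()` constructs a header-only PE32 carrying the values in this report so the block runs offline; it is not the sample's bytes, and the section's virtual address and raw pointer in it are arbitrary.

```python
"""Minimal PE header triage: Authenticode presence, file and section flags. Added example."""
import struct
import sys

# Subset of the IMAGE_FILE_* and IMAGE_SCN_* flag values from winnt.h.
FILE_CHARACTERISTICS = {
    0x0001: "IMAGE_FILE_RELOCS_STRIPPED",
    0x0002: "IMAGE_FILE_EXECUTABLE_IMAGE",
    0x0004: "IMAGE_FILE_LINE_NUMS_STRIPPED",
    0x0008: "IMAGE_FILE_LOCAL_SYMS_STRIPPED",
    0x0100: "IMAGE_FILE_32BIT_MACHINE",
    0x2000: "IMAGE_FILE_DLL",
}
SECTION_CHARACTERISTICS = {
    0x00000020: "IMAGE_SCN_CNT_CODE",
    0x00000040: "IMAGE_SCN_CNT_INITIALIZED_DATA",
    0x00000080: "IMAGE_SCN_CNT_UNINITIALIZED_DATA",
    0x20000000: "IMAGE_SCN_MEM_EXECUTE",
    0x40000000: "IMAGE_SCN_MEM_READ",
    0x80000000: "IMAGE_SCN_MEM_WRITE",
}
IMAGE_DIRECTORY_ENTRY_SECURITY = 4  # data directory holding the WIN_CERTIFICATE blob


def decode_flags(value, table):
    """Return the names of the flags set in value, in ascending bit order."""
    return [name for bit, name in sorted(table.items()) if value & bit]


def parse_pe(data):
    """Parse DOS, COFF and optional headers plus the section table of a PE image in memory."""
    if data[:2] != b"MZ":
        raise ValueError("missing MZ signature")
    e_lfanew = struct.unpack_from("<I", data, 0x3C)[0]
    if data[e_lfanew:e_lfanew + 4] != b"PE\0\0":
        raise ValueError("missing PE signature")
    coff = e_lfanew + 4
    machine, nsec, _ts, _symtab, _nsyms, opt_size, chars = struct.unpack_from("<HHIIIHH", data, coff)
    opt = coff + 20
    magic = struct.unpack_from("<H", data, opt)[0]
    # Data directories start at optional-header offset 96 for PE32, 112 for PE32+.
    dd_base = opt + (96 if magic == 0x10B else 112)
    _sec_off, sec_size = struct.unpack_from("<II", data, dd_base + 8 * IMAGE_DIRECTORY_ENTRY_SECURITY)

    sections = []
    table = opt + opt_size
    for i in range(nsec):
        off = table + 40 * i
        name = data[off:off + 8].rstrip(b"\0").decode("ascii", "replace")
        vsize, _va, rawsize, _rawptr = struct.unpack_from("<IIII", data, off + 8)
        sflags = struct.unpack_from("<I", data, off + 36)[0]
        sections.append({"name": name, "virtual_size": vsize, "raw_size": rawsize,
                         "flags": decode_flags(sflags, SECTION_CHARACTERISTICS)})

    return {
        "machine": machine,
        "file_characteristics": decode_flags(chars, FILE_CHARACTERISTICS),
        # The sandbox's "Unsigned PE" check reduces to: no embedded security directory.
        "unsigned": sec_size == 0,
        "sections": sections,
        # A section that is both writable and executable is a packer / self-modifying-code tell.
        "rwx_sections": [s["name"] for s in sections
                         if "IMAGE_SCN_MEM_EXECUTE" in s["flags"] and "IMAGE_SCN_MEM_WRITE" in s["flags"]],
    }


def build_sample_pe():
    """Constructed header-only PE32 with this report's values; not the real sample's bytes."""
    dos = bytearray(64)
    dos[:2] = b"MZ"
    struct.pack_into("<I", dos, 0x3C, 64)                            # e_lfanew: NT headers at 0x40
    coff = struct.pack("<HHIIIHH", 0x14C, 1, 0, 0, 0, 224, 0x010F)   # i386, 1 section, flags as reported
    opt = bytearray(224)
    struct.pack_into("<H", opt, 0, 0x10B)                             # PE32 magic; directories all zero
    section = struct.pack("<8sIIIIIIHHI", b".avx", 0x3D000, 0x1000, 0x3D000, 0x400,
                          0, 0, 0, 0, 0xE0000020)                     # 244KB, CODE|EXECUTE|READ|WRITE
    return bytes(dos) + b"PE\0\0" + coff + bytes(opt) + section


if __name__ == "__main__":
    blob = open(sys.argv[1], "rb").read() if len(sys.argv) > 1 else build_sample_pe()
    for key, value in parse_pe(blob).items():
        print(f"{key}: {value}")
```

Two caveats when reading the result. An empty security directory only means there is no embedded signature: catalog-signed binaries also have none, and a populated directory is not a valid signature until it is verified (signtool or Get-AuthenticodeSignature on Windows). And a single CODE|EXECUTE|READ|WRITE section with a non-standard name and raw size equal to virtual size is what packed or self-decrypting executables commonly look like, but on its own it establishes nothing about what this sample does.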