2b1220a24ff5131596ccde96c523a91e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b1220a24ff5131596ccde96c523a91e_JaffaCakes118
Size

320KB
MD5

2b1220a24ff5131596ccde96c523a91e
SHA1

fdd313f2966a330ba86e4a8d55747bde20d70c6c
SHA256

3fa87ac0828e0d76e960d7c44ff479b0b17c948dde685adfc70a738ca5912104
SHA512

93054e1f615dbf0996e8cfa4b26ce3c94d91a195ec4c3e6a710dbedddf8e3a3edf5892ada0adb2d78ab7e78664572d0ccf685a875e7ec324c7c41b6a4c603eb6
SSDEEP

6144:KKu0G3+tQTIn5V+0F9etpkPoORROJc7EH7+hNDjGmih5B+JAzbarg:xud3Env+0WpkxL7EH6R8R+JAvk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b1220a24ff5131596ccde96c523a91e_JaffaCakes118

Files

2b1220a24ff5131596ccde96c523a91e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf9a79d4e91b7f6da99b92ef5bfd701e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrlenA
VirtualAllocEx
IsProcessorFeaturePresent
GetVersionExA
CompareStringA
GetCommModemStatus
ExitProcess
OpenProcess
LCMapStringW
FreeConsole
OutputDebugStringA
CompareStringW
SetStdHandle
ExitThread
FillConsoleOutputCharacterW
GetModuleFileNameW
GetNumberOfConsoleInputEvents
HeapAlloc
_lclose
EnumResourceTypesA
EnumResourceLanguagesW
FindResourceExA
lstrcpyW
PrepareTape
GetFileSize
AddAtomA
GetACP
SetConsoleTitleA
DebugBreak
SetCommBreak
VirtualProtect
GetCommandLineA
SearchPathA

user32

GetSysColorBrush
TabbedTextOutW
GetInputState
EnumWindowStationsW
EnumDisplayMonitors
GetWindowTextW
CharLowerBuffA
GetClipboardSequenceNumber
GetDlgItemTextA
LoadStringW
SetWindowLongW
InsertMenuItemW
SendDlgItemMessageA
BringWindowToTop
ReleaseDC
GetClassInfoExA
CloseDesktop
ChangeMenuW
DrawTextW
OpenInputDesktop
LoadIconW
CreateDesktopA
GetMenuStringA
SetCursor
GetFocus
WaitForInputIdle
wvsprintfA
CreateIcon
GetSubMenu
CreateCursor
SubtractRect
GetUserObjectSecurity
GetClipboardOwner
SetWindowsHookExW
LockWindowUpdate
GetMessageA
SetCaretPos
GetNextDlgGroupItem
CreateMDIWindowW
ChangeClipboardChain
GetKeyboardLayout
PostMessageA
GetWindowPlacement
SetCapture

gdi32

ExtCreatePen
FillRgn
GetRgnBox
SetTextColor
StretchBlt
BeginPath
CreatePalette
GetTextFaceA
EnumFontFamiliesExW
GetTextExtentExPointW
GetTextAlign
SetWindowExtEx
StartDocA
GetViewportExtEx
GetPixelFormat
PaintRgn
SelectClipRgn

comdlg32

GetSaveFileNameA
GetOpenFileNameA

advapi32

GetExplicitEntriesFromAclW
CryptExportKey
SetNamedSecurityInfoW
GetSidSubAuthorityCount
RegQueryValueExA
RegRestoreKeyA
AbortSystemShutdownA
AllocateAndInitializeSid
LookupPrivilegeValueA
RegSaveKeyW

shell32

DoEnvironmentSubstW
ExtractIconExA
SHGetSpecialFolderLocation

ole32

CLSIDFromProgID
GetHGlobalFromStream
CoResumeClassObjects
OleGetIconOfClass
CoDisconnectObject
CoGetObject

oleaut32

SafeArrayPtrOfIndex
SafeArrayUnaccessData
SysFreeString
SetErrorInfo
GetActiveObject

shlwapi

StrRChrW
PathAddBackslashW
StrRStrIW
SHDeleteKeyW
StrCpyNW
PathRemoveBackslashW
PathStripPathA
StrChrW
SHQueryValueExW
PathIsURLW
PathFindFileNameA
PathUnquoteSpacesA
PathFindNextComponentW
PathSkipRootW
SHEnumValueW

setupapi

SetupCloseInfFile
SetupDiSetSelectedDriverA
SetupDiGetClassDevsExW

Sections

.text
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf9a79d4e91b7f6da99b92ef5bfd701e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 292KB - Virtual size: 291KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 292KB - Virtual size: 291KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 17KB