2b14173e635ee6a5f9f6f534ff251c28_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b14173e635ee6a5f9f6f534ff251c28_JaffaCakes118
Size

387KB
MD5

2b14173e635ee6a5f9f6f534ff251c28
SHA1

fe9c3080967b0a29294bd87aaab905b4328b326b
SHA256

cd03e65e177a9a85aa2a95e9fe20c2e81a066dd1cc23cc96eb2749e048b1da57
SHA512

32ce868612997b6d6f040c20dab051e3f562e39a7fbefcf7991ae6761943f68d442bea1c4e35d4d7e6785986803790c2ae286aaa1524b2fd1fd4eaeba0bb73c4
SSDEEP

6144:wtOcgQmXHIfrLlzkF/+5oeE+7ZUxjOaAmL9PyjqYBwUf:UgQm4TLJw+5rlEL9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b14173e635ee6a5f9f6f534ff251c28_JaffaCakes118

Files

2b14173e635ee6a5f9f6f534ff251c28_JaffaCakes118
.exe windows:4 windows x86 arch:x86

adb0ee3b2a84f0f8a5208a86ce3f7b5e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\tsg\aelfme.pdb

Imports

kernel32

UnhandledExceptionFilter
CompareStringW
VirtualAlloc
VirtualQuery
GetSystemTimeAsFileTime
IsDebuggerPresent
InterlockedDecrement
FlushFileBuffers
GetStartupInfoA
GetTickCount
GetDiskFreeSpaceW
LoadLibraryA
TlsAlloc
HeapDestroy
GetEnvironmentStringsW
GetConsoleMode
TlsGetValue
GetCommandLineA
GetUserDefaultLCID
IsValidCodePage
FreeEnvironmentStringsW
SetFilePointer
HeapCreate
InterlockedExchange
LCMapStringA
GetCurrentProcess
FindFirstFileA
GetProcAddress
WideCharToMultiByte
ExitProcess
VirtualFree
GetCurrentProcessId
SetThreadIdealProcessor
ReadFile
WriteConsoleA
EnumSystemLocalesA
CloseHandle
GetStdHandle
GetCurrentThread
GetTimeFormatA
GetStringTypeA
GetModuleHandleA
GetConsoleOutputCP
SetStdHandle
SetEnvironmentVariableA
Sleep
SetUnhandledExceptionFilter
TlsSetValue
GlobalAddAtomW
GetModuleFileNameA
GetFileAttributesA
GetOEMCP
SetConsoleCursorPosition
EnumCalendarInfoExA
GetModuleHandleW
CreateMutexA
FreeResource
HeapSize
WriteConsoleW
TlsFree
WriteFile
GetLocaleInfoW
GetACP
GetLocaleInfoA
GetFileType
UnmapViewOfFile
FindNextFileW
ReadConsoleInputA
lstrcat
HeapReAlloc
HeapFree
GetEnvironmentStrings
FormatMessageA
SetHandleCount
FreeEnvironmentStringsA
GetConsoleCP
SetLastError
RtlUnwind
DeleteCriticalSection
GetLastError
HeapAlloc
LCMapStringW
CompareStringA
GetCurrentThreadId
SetConsoleCtrlHandler
GetCPInfo
GetDateFormatA
GetTimeZoneInformation
CreateFileA
InitializeCriticalSectionAndSpinCount
EnterCriticalSection
QueryPerformanceCounter
FreeLibrary
MultiByteToWideChar
GetDiskFreeSpaceA
LoadLibraryExW
OpenMutexA
InterlockedIncrement
TerminateProcess
IsValidLocale
LeaveCriticalSection
GetStringTypeW

comctl32

ImageList_AddIcon
InitMUILanguage
ImageList_SetDragCursorImage
ImageList_GetBkColor
DrawStatusTextW
ImageList_SetOverlayImage
_TrackMouseEvent
DrawStatusTextA
ImageList_Read
MakeDragList
ImageList_Create
ImageList_LoadImageW
InitCommonControlsEx
ImageList_GetImageRect
GetEffectiveClientRect
ImageList_Duplicate
ImageList_SetIconSize
ImageList_GetImageInfo
ImageList_SetBkColor
ImageList_EndDrag

user32

GetPropA
ShowWindow
DrawFrameControl
OemKeyScan
DrawTextA
GetMessageExtraInfo
EditWndProc
TranslateAcceleratorA
WINNLSGetIMEHotkey
MessageBoxA
BroadcastSystemMessageW
RegisterClassExA
LoadAcceleratorsW
SetSysColors
SystemParametersInfoA
CountClipboardFormats
InvalidateRgn
IsMenu
DefWindowProcA
IsCharAlphaNumericW
EnumDesktopsW
IsDialogMessageA
RegisterClassA
SendMessageTimeoutW
RegisterClipboardFormatW
ScrollWindowEx
CreateWindowExW
TranslateMDISysAccel
DestroyWindow

Sections

.text
Size: 130KB - Virtual size: 130KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 90KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 102KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

adb0ee3b2a84f0f8a5208a86ce3f7b5e

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 130KB - Virtual size: 130KB

.rdata Size: 64KB - Virtual size: 90KB

.data Size: 88KB - Virtual size: 88KB

.rsrc Size: 102KB - Virtual size: 102KB

.text
Size: 130KB - Virtual size: 130KB

.rdata
Size: 64KB - Virtual size: 90KB

.data
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 102KB - Virtual size: 102KB