2b4c2f9c1920a1ff5432f4738432b10c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b4c2f9c1920a1ff5432f4738432b10c_JaffaCakes118
Size

388KB
MD5

2b4c2f9c1920a1ff5432f4738432b10c
SHA1

7b19e3199e766f0646903c32a5553046b45ccc55
SHA256

09a0a623353f84e1a2472ba6438c395a7f63e2cfdc7248fe6761aa07d46bab1e
SHA512

32c95c7e3811ec6f3b99262311aa03310ff02211bf336501bc66aad01ccba17325ba0bc554a124595ab14bb1e6aac8538092e65444b21430e9b340950d766b24
SSDEEP

12288:wixOvzM848f7tfiXVIlbJYaKm3SewGu4e:wKOv7f7taXVUbJJhTF/e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b4c2f9c1920a1ff5432f4738432b10c_JaffaCakes118

Files

2b4c2f9c1920a1ff5432f4738432b10c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5afece4b1853f00b8df67f2ad6853e07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\geefir.PDB

Imports

wininet

InternetCanonicalizeUrlA
RunOnceUrlCache
InternetInitializeAutoProxyDll
FindNextUrlCacheContainerA
ShowX509EncodedCertificate

kernel32

LoadLibraryA
VirtualAllocEx
GetProcessHeap
TlsFree
GetCurrencyFormatW
GetShortPathNameA
UnhandledExceptionFilter
IsValidLocale
TransactNamedPipe
CreateMutexA
GetTempFileNameW
GetDateFormatA
ReadFile
InterlockedExchange
SetHandleCount
GetCurrentProcess
FreeEnvironmentStringsA
LCMapStringA
SetConsoleCtrlHandler
IsDebuggerPresent
SetEnvironmentVariableA
InterlockedIncrement
HeapDestroy
WideCharToMultiByte
LeaveCriticalSection
GetCPInfo
HeapFree
GetCommandLineA
InitializeCriticalSection
GetStartupInfoA
DosDateTimeToFileTime
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetModuleFileNameA
HeapReAlloc
GetCurrentProcessId
ExitProcess
GetConsoleMode
WriteFile
GetCurrentThreadId
OpenMutexA
GetCommandLineW
GetStringTypeA
GetTempPathW
ConnectNamedPipe
CreateFileA
TlsAlloc
GetTickCount
VirtualQuery
TlsSetValue
GlobalAddAtomW
IsValidCodePage
WriteFileEx
GetEnvironmentStringsW
GetLocaleInfoA
HeapAlloc
GetVersionExA
CompareStringA
GetConsoleOutputCP
SystemTimeToTzSpecificLocalTime
GetFileType
WriteConsoleW
GetProcAddress
GetTimeFormatA
LCMapStringW
SetStdHandle
GetLocaleInfoW
GetExitCodeThread
GetModuleFileNameW
RtlUnwind
DeleteCriticalSection
Sleep
GetACP
FreeEnvironmentStringsW
CreateFileMappingW
CloseHandle
GetEnvironmentStrings
RemoveDirectoryA
GetLastError
FreeLibrary
WriteConsoleA
SetFilePointer
VirtualAlloc
TerminateProcess
TlsGetValue
MultiByteToWideChar
GetOEMCP
SetLastError
LocalSize
CompareStringW
GetStdHandle
GetTimeZoneInformation
HeapCreate
VirtualFree
InterlockedDecrement
FlushFileBuffers
SetTimeZoneInformation
GetUserDefaultLCID
ReadConsoleInputA
EnterCriticalSection
GetStringTypeW
HeapSize
EnumSystemLocalesA
GetConsoleCP
GetStartupInfoW
SetFileAttributesA
QueryPerformanceCounter
GetModuleHandleA
GetCurrentThread
DuplicateHandle

comdlg32

ChooseFontA

comctl32

DrawInsert
CreateStatusWindow
InitCommonControlsEx
InitMUILanguage

advapi32

CryptDestroyKey
CryptEnumProviderTypesA
CryptGetDefaultProviderA
RegEnumKeyExW
RegReplaceKeyA
RegCreateKeyW
LookupPrivilegeNameA
CryptAcquireContextW

gdi32

GetRasterizerCaps
WidenPath
CreatePen
DeleteDC
SetBoundsRect
CancelDC
SetROP2
GetObjectW
GetEnhMetaFileW
GetCharABCWidthsFloatA
GetObjectA
ExcludeClipRect
DeleteObject
SetBkMode
SetMagicColors
DeviceCapabilitiesExA
GetDeviceGammaRamp
SetDIBitsToDevice
CreateHatchBrush
AnimatePalette
GdiSetBatchLimit
GetDeviceCaps
GetViewportExtEx
CreateColorSpaceW
SelectObject
CreateDCA

user32

GetMenuBarInfo
RegisterClassExA
GetMenuItemInfoW
ToAsciiEx
SendMessageA
SendIMEMessageExW
ChangeClipboardChain
CopyIcon
DdeAccessData
LoadMenuIndirectW
DefMDIChildProcA
IsCharLowerA
DestroyWindow
CreateWindowExW
LoadIconW
GetCapture
DdeInitializeW
ToUnicodeEx
SetDoubleClickTime
GetTabbedTextExtentA
FlashWindowEx
EnumDesktopsW
GetAncestor
GetSystemMenu
CreateDesktopW
GetKeyboardLayoutList
SetKeyboardState
RemoveMenu
DdeQueryConvInfo
DestroyIcon
CharLowerBuffA
PostMessageW
EnumDesktopsA
SetClassLongA
GrayStringW
OpenWindowStationA
DefWindowProcW
CharUpperW
GetWindow
RegisterClassA
CharPrevA
GetProcessWindowStation
CharUpperA
CopyImage
ScreenToClient
MoveWindow
wvsprintfA
CharPrevW
WindowFromPoint
CallNextHookEx
EnumDesktopWindows
DrawAnimatedRects
GetWindowInfo
IsWindowVisible
ShowWindow
MessageBoxA
SetActiveWindow
WaitMessage
GetForegroundWindow
AppendMenuA

Sections

.text
Size: 180KB - Virtual size: 179KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 117KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5afece4b1853f00b8df67f2ad6853e07

Headers

File Characteristics

PDB Paths

Imports

wininet

kernel32

comdlg32

comctl32

advapi32

gdi32

user32

Sections

.text Size: 180KB - Virtual size: 179KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 96KB - Virtual size: 117KB

.rsrc Size: 32KB - Virtual size: 30KB

.text
Size: 180KB - Virtual size: 179KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 96KB - Virtual size: 117KB

.rsrc
Size: 32KB - Virtual size: 30KB