2b2e853815747e2fc8eff61b5fbd0a9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b2e853815747e2fc8eff61b5fbd0a9f_JaffaCakes118
Size

340KB
MD5

2b2e853815747e2fc8eff61b5fbd0a9f
SHA1

6270983a4efb484e61f22f95d73a6b9b61cc2ca1
SHA256

809ea6745e49894567dad6162461a73a2bdb7f93b29a1898293f3a22ca0e17e8
SHA512

1e2b7baf3b0c6fc9dc13a75012eb40a04ffdd8c7c5305bed274b23146c848e6d640175880ff15dc83ea48a5ada61ebb1b8a919aa6cc8a872bc6e0d4dc6b028ae
SSDEEP

6144:xR+MzFv8V6MdhYlZDd9Cf5FZ5LX7J7AWUk8bQcFdlRyukjsEGy:q+st4o5TRt75Ujb7FdqJjl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b2e853815747e2fc8eff61b5fbd0a9f_JaffaCakes118

Files

2b2e853815747e2fc8eff61b5fbd0a9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22e30b6c7abafb49274cb64fe46f0df8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
RemoveDirectoryW
GetThreadPriority
GetLocaleInfoW
GetConsoleCursorInfo
EnumResourceLanguagesW
SizeofResource
WriteProcessMemory
GetFileInformationByHandle
SetProcessWorkingSetSize
GetThreadContext
CreateDirectoryExA
WritePrivateProfileStringW
GetCompressedFileSizeW
SetThreadAffinityMask
LeaveCriticalSection
EraseTape
GetCurrentDirectoryW
UnhandledExceptionFilter
SetNamedPipeHandleState
CreateProcessA
PurgeComm
GetLongPathNameA
LocalSize
SetThreadPriorityBoost
UnmapViewOfFile
GetUserDefaultLangID
MultiByteToWideChar
CreateFileW
SetEndOfFile
GetStartupInfoA
GetDiskFreeSpaceExA
SetConsoleOutputCP
GetAtomNameA
DuplicateHandle
SetProcessAffinityMask
CopyFileExW
GetOverlappedResult
EndUpdateResourceA
GetBinaryTypeW
VirtualProtect
WriteConsoleOutputW
GetCommState
GetCurrentProcess
GetLogicalDriveStringsA
SuspendThread
SetCurrentDirectoryA
DeleteFiber
CreateMutexW
GetCPInfo
SetConsoleWindowInfo
GetFileAttributesExA
PulseEvent
GetProfileStringA
SetEnvironmentVariableW
EnumSystemCodePagesW
CreatePipe
GetOEMCP
ReadFileScatter
SetEvent
WritePrivateProfileSectionW
SetConsoleCursorPosition
GlobalAddAtomW
GetDiskFreeSpaceW
GetStringTypeExW
EnumDateFormatsW
EnumCalendarInfoA
GetDriveTypeA
GetCommModemStatus
GetTempPathW
ExpandEnvironmentStringsW
GetACP
SetMailslotInfo
GetModuleHandleA
GetModuleFileNameW
lstrcmpA
CloseHandle
GetFileAttributesA
ExitProcess
LoadLibraryExW
DeleteCriticalSection
VirtualFree
ReadDirectoryChangesW
CreateDirectoryA
CancelIo
LoadLibraryExA
lstrcmpiW
GetVolumeInformationW
GetCommandLineA
GetVersionExA
GetTimeZoneInformation
lstrlenA

user32

DrawTextA
IsWindowUnicode
DispatchMessageW
FlashWindow
GetCaretBlinkTime
RegisterClipboardFormatA
WinHelpA
GetProcessWindowStation
SetDlgItemTextA
RegisterDeviceNotificationA

gdi32

CreateFontIndirectW
ModifyWorldTransform
GetCharWidthA
SetEnhMetaFileBits
GetTextCharacterExtra
GetBkMode
CreateEnhMetaFileA
EnumMetaFile

comdlg32

PageSetupDlgW
ReplaceTextW

advapi32

AddAccessAllowedAce
AllocateLocallyUniqueId
FreeSid
CryptDestroyHash
ImpersonateNamedPipeClient
RegDeleteValueA
NotifyBootConfigStatus
LogonUserA
OpenThreadToken
RegDeleteKeyW
ObjectCloseAuditAlarmW
RegConnectRegistryA
SetKernelObjectSecurity
CryptDeriveKey
SetServiceStatus
IsValidSid
SetSecurityInfo
LookupPrivilegeNameA
SetSecurityDescriptorDacl
RegRestoreKeyW
CryptVerifySignatureW
MapGenericMask
CryptSetKeyParam
SetSecurityDescriptorOwner
SetEntriesInAclA
SetNamedSecurityInfoA
RegSetValueExW
GetSecurityDescriptorOwner
GetPrivateObjectSecurity
ChangeServiceConfigW
ControlService
LookupAccountSidA
RegOpenKeyExA
RegQueryValueA
ReportEventW
ObjectDeleteAuditAlarmW
RegisterServiceCtrlHandlerA
OpenSCManagerA

shell32

Shell_NotifyIconW
DragQueryPoint
FindExecutableA
ShellExecuteA
SHGetSpecialFolderPathA

ole32

OleInitialize
StgOpenStorage

oleaut32

LoadTypeLibEx
SafeArrayRedim
SafeArrayPutElement
SysStringLen
QueryPathOfRegTypeLi
SafeArrayGetLBound
SafeArrayUnaccessData

comctl32

ImageList_GetIconSize
ImageList_GetImageInfo

shlwapi

StrFormatByteSize64A
SHRegCloseUSKey
PathFindFileNameA
StrCmpNW
PathIsFileSpecW
PathRemoveFileSpecW
PathFindExtensionA
PathFileExistsW
AssocQueryStringW
SHDeleteValueW
SHAutoComplete
SHRegGetBoolUSValueW
PathRemoveExtensionW
PathRemoveBackslashW
SHOpenRegStream2W
SHSetValueA

setupapi

SetupDiGetDeviceRegistryPropertyA
SetupDiSetSelectedDriverW
SetupDiBuildClassInfoList
SetupCloseFileQueue
SetupGetLineTextW
SetupInstallServicesFromInfSectionA
SetupDiGetDeviceInstallParamsA

Sections

.text
Size: 308KB - Virtual size: 306KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22e30b6c7abafb49274cb64fe46f0df8

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 308KB - Virtual size: 306KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 20KB - Virtual size: 18KB

.text
Size: 308KB - Virtual size: 306KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 20KB - Virtual size: 18KB