Static task: static1
Behavioral task: behavioral1
  Sample: 2b37b8d1e081dd3af4f916eb43806ddd_JaffaCakes118.exe
  Resource: win7-20240705-en
Behavioral task: behavioral2
  Sample: 2b37b8d1e081dd3af4f916eb43806ddd_JaffaCakes118.exe
  Resource: win10v2004-20240508-en
General
Target: 2b37b8d1e081dd3af4f916eb43806ddd_JaffaCakes118
Size: 332KB
MD5: 2b37b8d1e081dd3af4f916eb43806ddd
SHA1: e62f3ee2d95c6baa92490b58a8d287e6ea151fe6
SHA256: 1fb95de5caeebaf65fa6bf2f9724c1b776ec3a2d45881bc9e73ea985985d8b27
SHA512: be416dbf627cb5a4a634787c103c965f4fe2978f895f9e140536c5fc41819113958d7d661d523b549ab6bdbdd4c0820461390caac773b833e3bb4257bf0ed2d0
SSDEEP: 6144:CuiKAoxmz9XomnStbpSNTLvYhh+aJXtNRiorThCffEt9u92u:jAoxmz94mpTa+aZtNsorTUfEqk
Malware Config
Signatures
Unsigned PE (1 IoC): checks for missing Authenticode signature.
  resource: 2b37b8d1e081dd3af4f916eb43806ddd_JaffaCakes118
Files
2b37b8d1e081dd3af4f916eb43806ddd_JaffaCakes118.exe windows:4 windows x86 arch:x86
21dfb1ebe98728dfee0bb22fbfd53948
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetVersionExA
SetHandleCount
LocalSize
QueryDosDeviceA
VirtualQuery
WriteConsoleOutputW
WritePrivateProfileSectionA
DeleteFiber
CreateProcessA
GetCommConfig
GetLogicalDriveStringsA
EnumResourceLanguagesW
CreateDirectoryA
FindFirstFileExW
GetSystemInfo
Beep
GetCommModemStatus
CloseHandle
GetLongPathNameA
PeekConsoleInputW
GetEnvironmentStringsW
GetWindowsDirectoryA
SetSystemTime
SetEnvironmentVariableW
ExitProcess
GlobalGetAtomNameW
GetCommandLineA
VirtualProtect
user32
GetMenuItemCount
ShowCursor
ShowWindowAsync
SetClassLongA
RegisterClipboardFormatA
SystemParametersInfoA
OpenDesktopA
ExcludeUpdateRgn
DefDlgProcW
SetUserObjectInformationW
comdlg32
ReplaceTextA
advapi32
GetExplicitEntriesFromAclW
CryptReleaseContext
CryptSetHashParam
RegQueryValueExA
RegFlushKey
LogonUserW
QueryServiceStatus
ObjectDeleteAuditAlarmW
RegConnectRegistryW
RegCreateKeyA
DestroyPrivateObjectSecurity
DuplicateToken
CryptAcquireContextW
AllocateAndInitializeSid
RegUnLoadKeyW
LookupPrivilegeNameA
GetNamedSecurityInfoA
IsValidSecurityDescriptor
RegEnumKeyA
ChangeServiceConfigA
SetServiceStatus
RegCreateKeyExW
RegRestoreKeyA
QueryServiceConfigA
RegSetValueA
CryptGetProvParam
RegOpenKeyA
CryptSignHashW
RegConnectRegistryA
RegRestoreKeyW
ObjectCloseAuditAlarmA
LookupAccountSidW
GetServiceKeyNameW
GetServiceDisplayNameW
RegDeleteValueA
GetSecurityDescriptorOwner
EqualSid
shell32
SHGetSpecialFolderPathW
SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
ExtractIconExW
ole32
CoDisconnectObject
ReadFmtUserTypeStg
OleCreateLink
CoImpersonateClient
CoGetClassObject
CoCreateInstance
OleSave
OleCreate
OleGetIconOfClass
StgSetTimes
oleaut32
SafeArrayGetElement
SysAllocStringLen
QueryPathOfRegTypeLi
SetErrorInfo
SafeArrayRedim
SysStringLen
shlwapi
PathCanonicalizeA
SHCreateStreamOnFileW
PathCompactPathExW
StrCpyNW
StrStrA
PathIsDirectoryEmptyW
PathGetArgsW
StrCmpNW
StrCmpNIA
PathIsFileSpecA
PathSkipRootW
StrFormatByteSize64A
StrFormatByteSizeW
PathFileExistsA
StrCatW
StrStrIA
PathFindFileNameW
setupapi
SetupDiGetClassDevsA
SetupDiGetDeviceInterfaceDetailW
Sections
.text Size: 300KB - Virtual size: 296KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 20KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE