2b3881812f8f0f842ae8f4416ceb9fab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b3881812f8f0f842ae8f4416ceb9fab_JaffaCakes118
Size

279KB
MD5

2b3881812f8f0f842ae8f4416ceb9fab
SHA1

1bc56fc7560d537875ba665aeefc74f170e9d99f
SHA256

e6b97ac446c80d24cc3a4cfff6941bf445cb0eed8e0c3667a05d371fcd944f2e
SHA512

fb190731e455cd70237a01daa4a2b7920eb839cf2aff3ec0d10916ab828a43b09a47d9a1e65a1f0e4600567dd8f326b540779ac78437fad1c6cd5ccfc1c3d4e1
SSDEEP

6144:qCXqS9cmfFbvG6PCpni05JoH3E2DHieX/BAOGP8Fv+X3efx4:qDmJG66v3oH3E2b7PWPk+ne

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b3881812f8f0f842ae8f4416ceb9fab_JaffaCakes118

Files

2b3881812f8f0f842ae8f4416ceb9fab_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4b7ed62bb485d3ad3cd2c987ab4214f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

AdjustTokenPrivileges
ChangeServiceConfigA
GetUserNameA
LookupPrivilegeValueA
OpenSCManagerA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
UnlockServiceDatabase

kernel32

CopyFileA
CreateMutexA
DeleteFileA
DisableThreadLibraryCalls
ExitProcess
FileTimeToLocalFileTime
FindNextFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeLibrary
GetACP
GetCPInfo
GetCommandLineA
GetConsoleCP
GetConsoleMode
GetCurrentDirectoryA
GetCurrentThreadId
GetDateFormatA
GetExitCodeProcess
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetPrivateProfileSectionA
GetProcAddress
GetShortPathNameA
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTempFileNameA
GetThreadLocale
GetThreadTimes
GetTickCount
GetTimeFormatA
GetTimeZoneInformation
GetVersionExA
GetWindowsDirectoryA
GlobalHandle
HeapAlloc
HeapDestroy
HeapFree
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadCodePtr
IsBadWritePtr
IsValidCodePage
LeaveCriticalSection
LoadLibraryA
Module32First
Module32Next
QueryPerformanceCounter
RemoveDirectoryA
RtlUnwind
SetCurrentDirectoryA
SetEvent
SetFileAttributesA
SetFileTime
SetLastError
SetStdHandle
Sleep
SuspendThread
SystemTimeToFileTime
TlsFree
TlsGetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualFree
WaitForSingleObject
WideCharToMultiByte
WriteConsoleA
WritePrivateProfileStringA
lstrcatA
lstrcmpiA
lstrcpyA
lstrcpynA

user32

CallNextHookEx
CharNextA
CreateWindowExA
DestroyMenu
DialogBoxParamA
EqualRect
ExitWindowsEx
GetDlgItem
GetMenuItemCount
GetSysColorBrush
GetSystemMetrics
GetWindowRect
IntersectRect
IsDlgButtonChecked
IsWindow
MessageBoxA
PostMessageA
RegisterClassA
RegisterClassExA
RegisterClipboardFormatA
ReleaseDC
SendMessageA
SetCapture
SetForegroundWindow
SetWindowTextA
ShowWindow
SystemParametersInfoA
UpdateWindow
wsprintfA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.INIT
Size: 230KB - Virtual size: 2.8MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4b7ed62bb485d3ad3cd2c987ab4214f9

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 26KB - Virtual size: 28KB

.INIT Size: 230KB - Virtual size: 2.8MB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.rsrc Size: 2KB - Virtual size: 4KB

.text
Size: 26KB - Virtual size: 28KB

.INIT
Size: 230KB - Virtual size: 2.8MB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.rsrc
Size: 2KB - Virtual size: 4KB