2b3fbf2ee7380f1f7caaafed86042fba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b3fbf2ee7380f1f7caaafed86042fba_JaffaCakes118
Size

545KB
MD5

2b3fbf2ee7380f1f7caaafed86042fba
SHA1

73e7d7a44be95f6958131b43c02b70361317e99b
SHA256

140aa0f65efb035fcf42ee635ed182d1e6922360e92656ccb6c89e58f1fb85c5
SHA512

4fb7a2bb1486b92153f45263a1b50ce91add42c3522bd5d01db769d05ff9747a2f77e73795c17592d3fc825b597a914d5668b00855b657356dae47f9dffdf93b
SSDEEP

12288:VLM6d/LT304McPAt0Q0MWStKjbYwEXdVe:DdLT3ZHPAt08yYFve

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b3fbf2ee7380f1f7caaafed86042fba_JaffaCakes118

Files

2b3fbf2ee7380f1f7caaafed86042fba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1158d8516a049ceb9f7dfc75e2502a7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

IsWindowVisible
CreateIcon
CopyImage
RegisterClassExA
OpenIcon
SetWindowsHookExA
LoadBitmapA
RegisterClassA
DrawMenuBar
GetWindowInfo
CallNextHookEx
GetGuiResources

comctl32

InitCommonControlsEx

comdlg32

PageSetupDlgW

shell32

SheChangeDirExW
RealShellExecuteExW
SHFreeNameMappings
SHFileOperation

gdi32

GetRandomRgn
CreateDIBPatternBrushPt
GetFontData
PathToRegion
SetRectRgn
PtVisible
GetTextMetricsW
GdiPlayScript
PlayEnhMetaFile
UpdateICMRegKeyA
ChoosePixelFormat
MoveToEx

kernel32

GetCPInfo
InterlockedDecrement
TerminateProcess
GetStdHandle
HeapCreate
GetModuleHandleA
GetCommandLineW
GetStringTypeW
SetEnvironmentVariableA
VirtualQuery
GetSystemTime
SetLastError
WriteConsoleOutputAttribute
HeapDestroy
VirtualAlloc
LCMapStringA
GetFileType
DeleteCriticalSection
MultiByteToWideChar
GetStartupInfoA
InterlockedIncrement
ReadConsoleInputW
TlsGetValue
WriteFile
TlsSetValue
GetPrivateProfileStructW
LeaveCriticalSection
GetStringTypeA
ReadFile
DosDateTimeToFileTime
CompareStringW
GetTimeZoneInformation
GetVolumeInformationA
GetVersion
CompareStringA
SetHandleCount
GetEnvironmentStrings
GetStartupInfoW
SetStdHandle
GetLastError
ExitProcess
GetCurrentThread
CloseHandle
FreeEnvironmentStringsW
GetModuleFileNameW
OpenMutexA
FreeEnvironmentStringsA
TlsAlloc
LoadLibraryA
QueryPerformanceCounter
lstrcmpA
EnterCriticalSection
GetLocalTime
WideCharToMultiByte
CreateMutexA
GetModuleFileNameA
HeapFree
GetCurrentProcess
HeapAlloc
GetTempPathA
GetSystemTimeAsFileTime
InterlockedExchange
SetFilePointer
GetDriveTypeW
GetProcAddress
TlsFree
GetCurrentThreadId
FlushFileBuffers
IsBadWritePtr
GetCurrentProcessId
RtlUnwind
GetTickCount
DuplicateHandle
GetEnvironmentStringsW
GetCommandLineA
HeapReAlloc
LCMapStringW
InitializeCriticalSection
VirtualFree
UnhandledExceptionFilter

Sections

.text
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1158d8516a049ceb9f7dfc75e2502a7

Headers

File Characteristics

Imports

user32

comctl32

comdlg32

shell32

gdi32

kernel32

Sections

.text Size: 212KB - Virtual size: 212KB

.rdata Size: 4KB - Virtual size: 16KB

.data Size: 317KB - Virtual size: 316KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 212KB - Virtual size: 212KB

.rdata
Size: 4KB - Virtual size: 16KB

.data
Size: 317KB - Virtual size: 316KB

.rsrc
Size: 10KB - Virtual size: 10KB