2b6eb7b5016f84909a0c42a3d7497bd9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b6eb7b5016f84909a0c42a3d7497bd9_JaffaCakes118
Size

1003KB
MD5

2b6eb7b5016f84909a0c42a3d7497bd9
SHA1

254c2545b00c9e4ca834579f7ddb55dd88815be6
SHA256

89b8019e23d49238ac36649bbac8aa467f6f0e2e65bc419ab70c8df1a5d01784
SHA512

aeb51e5ab06ab76d7c540d75f0d97de58af1579af03e208c364f645350bf09f50bd6484e3d64f0418a5cf69148a85eee5d82c70ca315edc087aacf9093bb03d2
SSDEEP

24576:e77C4Gu8Cszgtpt2M7P27YlTXBUj8IsGjaxnkARnhkHb/DU13A9xFAmHo:+XOgRT7O7YlTXOjsGj4nkARhk7/I13Ay

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b6eb7b5016f84909a0c42a3d7497bd9_JaffaCakes118

Files

2b6eb7b5016f84909a0c42a3d7497bd9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0f38a2c7bd8622cfe143a1b9eb49e354

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindFirstFileA
GetDiskFreeSpaceA
GetModuleHandleA
lstrlenW
RemoveDirectoryA
DeleteFileA
CloseHandle
SetFileTime
CreateFileA
SetFileAttributesA
GetTempPathA
GetWindowsDirectoryA
GetSystemDirectoryA
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
FormatMessageA
GetCurrentThreadId
FindNextFileA
ReadFile
GetFileSize
lstrcmpiA
GetSystemDefaultLangID
SetLastError
GetModuleFileNameA
CompareStringA
GetFileAttributesA
WaitForSingleObject
GetTickCount
GetExitCodeProcess
CreateProcessA
UnmapViewOfFile
MapViewOfFile
CreateFileMappingA
RtlUnwind
GetCommandLineA
GetStartupInfoA
HeapReAlloc
HeapSize
FindClose
GetLastError
CreateDirectoryA
LoadLibraryA
GetProcAddress
FreeLibrary
MultiByteToWideChar
OutputDebugStringA
DebugBreak
InterlockedIncrement
InterlockedDecrement
lstrcmpA
GetStringTypeExA
lstrlenA
ExitProcess
DeleteCriticalSection
InitializeCriticalSection
VirtualQuery
RaiseException
WideCharToMultiByte
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
WriteFile
InterlockedExchange

user32

MapWindowPoints
SetWindowPos
IsWindow
MessageBoxA
SetDlgItemTextA
SendDlgItemMessageA
GetDlgItemTextA
CheckDlgButton
KillTimer
SetTimer
SystemParametersInfoA
ShowWindow
GetClientRect
LoadImageA
GetWindowLongA
SetWindowLongA
SendMessageA
EndDialog
GetDlgItem
LoadCursorA
SetCursor
GetWindowRect
MsgWaitForMultipleObjects
CharUpperA
RedrawWindow
GetDesktopWindow
UnregisterClassA
LoadStringA
CharNextA
wvsprintfA
DispatchMessageA
TranslateMessage
InvalidateRect
DestroyCursor
EnumChildWindows
DialogBoxParamA
GetSystemMetrics
GetDlgCtrlID
FillRect
GetWindowTextLengthA
GetWindowTextA
wsprintfA
GetSysColorBrush
EnableWindow
GetParent
SetWindowTextA
GetWindow
PeekMessageA
IsDlgButtonChecked

gdi32

CreateSolidBrush
DeleteObject
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC
GetObjectA
CreateFontIndirectA
SetBkMode
SetTextColor
AddFontResourceA
CreateDIBSection
GetStockObject

advapi32

RegOpenKeyExA
OpenSCManagerA
CreateServiceW
CloseServiceHandle
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA

shell32

SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA

ole32

OleUninitialize
StringFromGUID2
CLSIDFromProgID
CoCreateInstance
OleInitialize

oleaut32

SysStringLen
LoadTypeLi
RegisterTypeLi
SysAllocString
VariantClear
VariantInit
VariantCopy
VariantChangeType
VariantCopyInd
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysFreeString
BstrFromVector

comctl32

ord17

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f38a2c7bd8622cfe143a1b9eb49e354

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 8KB - Virtual size: 8KB

.data Size: 1024B - Virtual size: 2KB

.rsrc Size: 6KB - Virtual size: 5KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 8KB - Virtual size: 8KB

.data
Size: 1024B - Virtual size: 2KB

.rsrc
Size: 6KB - Virtual size: 5KB