Static task: static1
Behavioral task: behavioral1
Sample: 2b6fb8a002ee99633c424be7dd00327e_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2b6fb8a002ee99633c424be7dd00327e_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2b6fb8a002ee99633c424be7dd00327e_JaffaCakes118
Size: 111KB
MD5: 2b6fb8a002ee99633c424be7dd00327e
SHA1: 92984030dc62b7c34aa5c54c603740420f4ebb17
SHA256: 8c252bb22fad940eb5771840df038d1e7d8d77d9c0e10d2e7e48e68db4eb140e
SHA512: a5c3cc007dbc5257d65d3a0fb64fa68ed51e7fa019faa60739f8775c1df9fac999375070290ab2c3cf034f254272fc139afe1760f2544fd396383dd96c8965fa
SSDEEP: 1536:17pIIe2iGmluMKqgzv2JnL3WQcUjBZF/PJfTxbBPoqN+geWB7gyw/RMQ:17Li9KNjOr3ZZF/lwqxeWB7gy4RMQ
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2b6fb8a002ee99633c424be7dd00327e_JaffaCakes118
Files
2b6fb8a002ee99633c424be7dd00327e_JaffaCakes118.exe windows:4 windows x86 arch:x86
0d1b552140897115952c4e34854506b1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
Imports
kernel32
VirtualAlloc
FreeEnvironmentStringsA
lstrcmpiW
GetUserDefaultLCID
SetLastError
GetStartupInfoA
RemoveDirectoryA
Sleep
GetSystemDirectoryA
EnumCalendarInfoA
GetStartupInfoW
VirtualProtect
FileTimeToSystemTime
GetCPInfo
SetFileTime
GetModuleHandleA
GetTimeZoneInformation
WaitForMultipleObjects
user32
GetSysColor
GetPropA
GetMenuItemID
InflateRect
GetFocus
LoadBitmapA
DrawFrameControl
IntersectRect
SendMessageA
GetDesktopWindow
CallWindowProcA
msvcrt
_CIpow
__badioinfo
_XcptFilter
_initterm
strcspn
__p__fmode
_wcslwr
__getmainargs
__p__commode
atol
_acmdln
_getcwd
exit
sqrt
__set_app_type
_adjust_fdiv
remove
__setusermatherr
_except_handler3
advapi32
FreeSid
RegEnumKeyA
OpenServiceW
DeleteService
RegFlushKey
RevertToSelf
RegCloseKey
shell32
ExtractIconExA
CommandLineToArgvW
ShellExecuteExA
SHBindToParent
DragAcceptFiles
ExtractIconExW
SHGetSettings
SHAddToRecentDocs
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHCreateDirectoryExA
SHFileOperationW
ExtractIconW
ole32
CoTaskMemRealloc
CoRevokeClassObject
StgCreateDocfileOnILockBytes
CoGetInterfaceAndReleaseStream
CreateItemMoniker
DoDragDrop
CoTaskMemFree
CoReleaseMarshalData
StgOpenStorageOnILockBytes
CreateStreamOnHGlobal
comctl32
CreateStatusWindowA
ImageList_Replace
ImageList_GetIconSize
ImageList_DragShowNolock
ImageList_Write
ImageList_SetBkColor
InitializeFlatSB
oleaut32
CreateErrorInfo
SysAllocStringByteLen
SafeArrayPtrOfIndex
GetActiveObject
SafeArrayRedim
Sections
.text Size: 81KB - Virtual size: 80KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 25KB - Virtual size: 25KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ