2b718024d26deb3a50ae000b21559dd1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b718024d26deb3a50ae000b21559dd1_JaffaCakes118
Size

194KB
MD5

2b718024d26deb3a50ae000b21559dd1
SHA1

ef7e5668d0f8b884f8a36e433c972f1de9b26fd0
SHA256

71d5930a136a7a49c08665c19d639c177a289884cedbd4c6da5a4c585b9937cf
SHA512

2e5ea818f363571f38751f71ef5f2dc797746bbc683d74521b802be0bf3d0f7701425f5f8d6d50cd60add7c0eac0eb8539de311cad8dba011410f97a6865f9de
SSDEEP

6144:LaQX85lbyNdb8N7mDelUGtGmEzi23c95f:LRX8fb+bdyUBmE+23C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b718024d26deb3a50ae000b21559dd1_JaffaCakes118

Files

2b718024d26deb3a50ae000b21559dd1_JaffaCakes118
.exe windows:1 windows x86 arch:x86

2d57f0b06ec1fd7249fbc86411a8cc7d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetConsoleCP
InterlockedDecrement
ExitProcess
GetCurrentProcess
FindResourceA
SuspendThread
LoadResource
SizeofResource
GlobalAlloc
LocalAlloc
ExitThread
LocalFree
VirtualProtectEx
LoadLibraryA
CreateEventA
GetProcAddress
GetModuleHandleA
lstrcmpi
GlobalSize
ReadFile
RemoveDirectoryA
ClearCommBreak
OpenEventA
SetThreadPriority
PeekConsoleInputA
GetWindowsDirectoryA
DuplicateHandle
GetTickCount
FindFirstFileA
GlobalUnlock
GetConsoleTitleA
ReadConsoleA
GetCurrencyFormatA
GetFileSize
CreateThread
GetSystemTime
SystemTimeToFileTime
GetConsoleCP
TerminateProcess
GlobalReAlloc
CreateSemaphoreA
OpenMutexA
GetDiskFreeSpaceA
UnlockFile
CreateProcessA
FindNextFileA
GetDriveTypeA
GetExitCodeProcess
GetCommTimeouts
DisconnectNamedPipe
TerminateThread
FileTimeToDosDateTime
SetConsoleCursorPosition
SetEvent
SetConsoleScreenBufferSize
lstrcmpA
SetupComm
GetTempPathA
SetLocalTime
SetConsoleTextAttribute
SetCommState
WriteConsoleOutputA
InitializeCriticalSection
FreeConsole
DosDateTimeToFileTime
FindResourceExA
GetEnvironmentVariableA
Sleep
GetCurrentDirectoryA
TlsAlloc
GetCommandLineA
GetStdHandle
CreatePipe
ClearCommError
GetLocalTime
GetLogicalDrives
GetConsoleOutputCP
GetExitCodeThread
GetPriorityClass
GetFullPathNameA
SetFilePointer
GlobalHandle
ReleaseSemaphore
GetEnvironmentStringsA
BuildCommDCBA
SetConsoleTitleA
MoveFileA
SetConsoleOutputCP
AllocConsole
CreateFileA
SetCommMask
GetCurrentProcessId
GetCommState
GetCommConfig
WaitCommEvent
ResetEvent
DeleteAtom
CloseHandle
ReleaseMutex
GlobalFree
GetFileTime
GetCurrentThreadId
WriteConsoleInputA
SetCurrentDirectoryA
FileTimeToLocalFileTime
GetNamedPipeInfo
LockFile
GetCPInfo
Beep
LoadModule
GetFileAttributesA
LeaveCriticalSection
InterlockedExchange
GetFileType
TlsFree
LocalReAlloc
UnmapViewOfFile
OpenSemaphoreA
DeleteCriticalSection
EnterCriticalSection
FindClose
GetSystemDirectoryA
SetFileTime
CreateConsoleScreenBuffer

wsock32

setsockopt
listen
WSACleanup
ntohs
gethostname
connect
send
htonl
recvfrom
WSAStartup
recv
ntohl
gethostbyname
WSAGetLastError
accept
closesocket
inet_ntoa
sendto
getsockname
bind
select
htons
gethostbyaddr
shutdown
socket
getsockopt

advapi32

RegQueryInfoKeyA
RegEnumKeyExA
RegQueryValueA
RegConnectRegistryA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA
RegCloseKey
RegEnumKeyA

user32

AttachThreadInput
ScreenToClient
SetTimer
IsChild
GetDC
ReleaseDC
GetDlgItem
FrameRect
SetCursorPos
GetDesktopWindow
RegisterClassA
GetMenuItemCount
DestroyWindow
EnableMenuItem
GetMenuItemRect
CharToOemA
ExitWindowsEx
GetTopWindow
DestroyCursor
GetMenuState
DefDlgProcA
CallMsgFilterA
GetKeyboardLayout
DestroyMenu
CloseWindow
SetWindowTextA
GetClassLongA
InsertMenuA
UnregisterClassA
GetMenu
ClientToScreen
GetActiveWindow
CharUpperA
MoveWindow
LoadStringA
AppendMenuA
EnableWindow
wsprintfA
DestroyIcon
SetActiveWindow
PeekMessageA
TranslateAcceleratorA
PostQuitMessage
GetKeyboardState
DispatchMessageA
KillTimer
GetClientRect
CreateIcon
GetForegroundWindow
FillRect
GetMenuDefaultItem
CheckMenuItem
IsZoomed
WindowFromPoint
SendMessageA
GetMenuItemID
ChildWindowFromPoint
ScrollWindowEx
ScrollWindow
SetScrollInfo
GetCursorPos
GetSystemMetrics
ShowCursor
GetWindowTextA
EnumChildWindows
DeleteMenu
EndPaint
GetWindowDC
SetMenu
CharUpperBuffA
LoadIconA
IsWindowEnabled
InsertMenuItemA

gdi32

GetPixelFormat
SelectPalette
GetWorldTransform
CreateFontA
GetBkMode
PolyDraw
CreateDCA
StretchDIBits
GetWindowExtEx
DeleteDC
GetSystemPaletteUse
GetTextMetricsA
UnrealizeObject
AnimatePalette
RestoreDC
RectVisible
GetStockObject
GetBitmapBits
Arc
SetMapMode
FloodFill
GetArcDirection
GetViewportOrgEx
PaintRgn
SetBitmapBits
GetDIBits
StretchBlt
GetPath
GetRgnBox
SetViewportOrgEx
Rectangle
GetNearestColor
TextOutA
Ellipse
SelectObject
GetDeviceCaps
LineTo
SetWorldTransform
GetPixel

Sections

AUTO
Size: 9KB - Virtual size:

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

BSS
Size: 2KB - Virtual size:

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 169KB - Virtual size:

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2d57f0b06ec1fd7249fbc86411a8cc7d

Headers

File Characteristics

Imports

kernel32

wsock32

advapi32

user32

gdi32

Sections

AUTO Size: 9KB - Virtual size:

BSS Size: 2KB - Virtual size:

.data Size: 3KB - Virtual size:

.idata Size: 6KB - Virtual size:

.reloc Size: 5KB - Virtual size:

.rsrc Size: 169KB - Virtual size:

AUTO
Size: 9KB - Virtual size:

BSS
Size: 2KB - Virtual size:

.data
Size: 3KB - Virtual size:

.idata
Size: 6KB - Virtual size:

.reloc
Size: 5KB - Virtual size:

.rsrc
Size: 169KB - Virtual size: