Static task: static1
Behavioral task: behavioral1
Sample: 2b7500ac7aeb6c6abe71915f6f23e7ab_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2b7500ac7aeb6c6abe71915f6f23e7ab_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2b7500ac7aeb6c6abe71915f6f23e7ab_JaffaCakes118
Size: 371KB
MD5: 2b7500ac7aeb6c6abe71915f6f23e7ab
SHA1: 219f85009e0533e430c818dc9408cbf9886949d5
SHA256: f8b9cebaa106317b8a21a8523306617af0a362465665ba33653773342b2dc2c1
SHA512: 27979d96840d5c548d5e3ba01a8ff70fcb74cc414d65e9fe9d99e9290cb4f88d48d5a0f8338209ed138842faa3707df6fd843881a9e05216c387ab32920fa898
SSDEEP: 6144:oJhlMCcmGqIrgxYBjnMBT7h/YPJnu8DICYLfUC4zZhfAltyo15g8mbly5wCuiSLr:4lr0gO5Ml9YPlXSv47OyovBsw5wVHM3a
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2b7500ac7aeb6c6abe71915f6f23e7ab_JaffaCakes118
Files
2b7500ac7aeb6c6abe71915f6f23e7ab_JaffaCakes118.exe windows:4 windows x86 arch:x86
352b6fb457cb4eda9ceccb96eae8c1ed
Headers
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_LINE_NUMS_STRIPPED, IMAGE_FILE_LOCAL_SYMS_STRIPPED, IMAGE_FILE_32BIT_MACHINE
Imports
user32: CreateWindowExA, GetSysColor, BringWindowToTop, GetWindowThreadProcessId, GetClientRect, DeferWindowPos, GetWindowPlacement, FindWindowA, DialogBoxParamA, GetDlgItemTextA, CreateDialogParamA, EnumWindows
gdi32: Chord, GetBitmapDimensionEx, DeleteDC, DeleteMetaFile, CreateDiscardableBitmap, CopyMetaFileW, DrawEscape, ChoosePixelFormat, CreateCompatibleDC, CombineRgn
kernel32: GetACP, GetOEMCP, HeapAlloc, VirtualAlloc, HeapReAlloc, LoadLibraryA, MultiByteToWideChar, LCMapStringA, LCMapStringW, GetCPInfo, GetStartupInfoA, VirtualProtectEx, GlobalUnlock, GetStringTypeA, GetProcAddress, CopyFileA, VirtualAllocEx, LeaveCriticalSection, EnterCriticalSection, InitializeCriticalSection, WriteFile, RtlUnwind, HeapFree, VirtualFree, HeapCreate, HeapDestroy, GetLastError, TlsGetValue, SetLastError, TlsAlloc, GetModuleHandleA, GetStringTypeW, GetCommandLineA, GetVersion, ExitProcess, TerminateProcess, GetCurrentProcess, UnhandledExceptionFilter, GetModuleFileNameA, FreeEnvironmentStringsA, FreeEnvironmentStringsW, WideCharToMultiByte, GetEnvironmentStrings, GetEnvironmentStringsW, SetHandleCount, GetStdHandle, GetFileType, GetCurrentThreadId, TlsSetValue
secur32: ApplyControlToken, VerifySignature, DeleteSecurityContext, DecryptMessage, MakeSignature, CompleteAuthToken
netapi32: NetUserDel, Netbios, NetFileEnum, NetAuditRead, NetFileGetInfo, NetErrorLogRead, NetGetAnyDCName
Sections
.text (Size: 29KB, Virtual size: 28KB): IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata (Size: 4KB, Virtual size: 3KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data (Size: 2KB, Virtual size: 80KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.hjp (Size: 332KB, Virtual size: 331KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc (Size: 3KB, Virtual size: 2KB): IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ