2b7750fee5a89c087f66359de25faf8a_JaffaCakes118

General

Target

2b7750fee5a89c087f66359de25faf8a_JaffaCakes118
Size

240KB
MD5

2b7750fee5a89c087f66359de25faf8a
SHA1

372f941a89a0b7c2364ec4b5645717f3b716788d
SHA256

9c97d63ea3dd554c1aee15f27bd35ad220e76671699a920754ecfdf82580eae7
SHA512

4e41db62f252bca1a65786b579f6396e1848acd76337f84d7c57dd45c58bc032642d9791fa5d804a0f5bb89e744061ced07e1ec21cc80ef1e19ab2a1ec3671cd
SSDEEP

6144:a+jb1tHwNDF1wDK3BFS2KpxkhOmO2jOYmUCSp+52L:/XNK3z0kcmOA+UBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b7750fee5a89c087f66359de25faf8a_JaffaCakes118

Files

2b7750fee5a89c087f66359de25faf8a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

54edbfb180406b936dafd9cfc8d68a58

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FileTimeToSystemTime
VirtualFree
GetFileAttributesW
FindNextFileW
MultiByteToWideChar
FindResourceExW
SetThreadPriority
LoadLibraryA
MoveFileW
GetLastError
WriteFile
GetLogicalDrives
DuplicateHandle
GetProcAddress
GetCurrentThreadId
GetVersion
GetTickCount
CreateWaitableTimerW
LoadResource
CancelWaitableTimer

user32

OffsetRect
SetDlgItemTextW
FillRect
GetMessageW
CreateWindowExW
GetWindowRect
GetWindowTextW
WindowFromPoint
DispatchMessageW
PostMessageW
PostQuitMessage
RedrawWindow
SetCursor
SystemParametersInfoW
DialogBoxParamW
SetCursorPos
IsWindow
RegisterClassExW
SetForegroundWindow
GetDlgItem
GetParent
ReleaseCapture
SetLayeredWindowAttributes
SetWindowTextW
TranslateMessage

gdi32

CreateRoundRectRgn
GetClipBox
SetMapMode
BitBlt
SelectObject
CreateCompatibleDC
LineTo
DeleteDC

advapi32

LookupPrivilegeValueW
GetUserNameW
RegNotifyChangeKeyValue
RegSetValueExW
RegQueryValueExW

Sections

.euct
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bvno
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vhfawt
Size: 212KB - Virtual size: 212KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

54edbfb180406b936dafd9cfc8d68a58

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.euct Size: 20KB - Virtual size: 17KB

.bvno Size: 4KB - Virtual size: 1KB

.vhfawt Size: 212KB - Virtual size: 212KB

.euct
Size: 20KB - Virtual size: 17KB

.bvno
Size: 4KB - Virtual size: 1KB

.vhfawt
Size: 212KB - Virtual size: 212KB