2b537e5c5c73f67a755eb972df25996d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b537e5c5c73f67a755eb972df25996d_JaffaCakes118
Size

376KB
MD5

2b537e5c5c73f67a755eb972df25996d
SHA1

ae6a91f1a393430f053f0135cad48b62319ed0e3
SHA256

da94cfaea9e62736c0ea5ad2baabb3c0b1d5375aaeebaef9897c887a02681277
SHA512

7763f12b7b7615b7947ef8e491097fcb596ccef61ec2afe7aa304f4f1de35865a5b8019d463261ba30036d015dd68b67ce3ffa090ea5805cf6be7af064a8a3d0
SSDEEP

6144:4tz3ikUkd6A++WTH6tO52mNVGuAl323v2LZgZMzjD011r6bporfxvjN0AIHyHF:oJUkiDT1PGuA9evrGjQbAafd7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b537e5c5c73f67a755eb972df25996d_JaffaCakes118

Files

2b537e5c5c73f67a755eb972df25996d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7badb6c527da48d318a8a25a41bd6acf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

ExitProcess
GetCommandLineA
GetVersionExA
PrepareTape
WritePrivateProfileSectionW
DebugBreak
IsBadReadPtr
LoadLibraryExW
SuspendThread
EnumResourceNamesW
IsValidLocale
GetConsoleCursorInfo
lstrlenA
VirtualProtect

user32

IsCharAlphaNumericA
GetWindowTextLengthA
WinHelpA
SetWindowTextW
ToUnicode
GetUserObjectSecurity
SetLastErrorEx
GetWindowRgn
IsChild
FindWindowExW
GetMessageW
SetClassLongW
ScrollWindowEx
SetMenuDefaultItem
TrackPopupMenuEx
DefMDIChildProcW
EndDialog
LoadKeyboardLayoutW
GetPropW
UnregisterDeviceNotification
GetCapture
GetClassNameW
DrawMenuBar
MapVirtualKeyA
SetWindowLongA
TileWindows
SetMenuInfo
DrawTextExW
SetMenuItemInfoW
SetClipboardData
OpenWindowStationA

gdi32

EnumEnhMetaFile
EnumFontFamiliesExW
GetOutlineTextMetricsA
SetPixel
GetClipBox
SetSystemPaletteUse
SetRectRgn
SetAbortProc
CreateEnhMetaFileA
SetColorAdjustment
UnrealizeObject
GetTextAlign
OffsetClipRgn
SaveDC
GetSystemPaletteUse
RectVisible

comdlg32

GetSaveFileNameA
CommDlgExtendedError

advapi32

AddAce
NotifyBootConfigStatus
RegEnumKeyA
RegConnectRegistryA
SetSecurityDescriptorOwner
CreateServiceW
GetSecurityDescriptorSacl
RegQueryValueExW
RegEnumValueA
RegSetValueW
AbortSystemShutdownA
RegUnLoadKeyA
EnumServicesStatusA
CreateServiceA
GetAce
LookupPrivilegeValueW
GetLengthSid
CloseEventLog
RegOpenKeyA
LookupAccountNameA
InitiateSystemShutdownW
GetSecurityDescriptorGroup
LogonUserA
RegEnumKeyExA
DuplicateToken
RegLoadKeyA
CryptReleaseContext
GetUserNameW
EnumServicesStatusW
CreatePrivateObjectSecurity

ole32

CoTaskMemRealloc
StgOpenStorage
OleConvertIStorageToOLESTREAM
CoGetObject
OleSetContainedObject

oleaut32

LoadTypeLibEx

comctl32

ImageList_Replace
ImageList_SetDragCursorImage

shlwapi

StrStrW
PathIsRootA
StrStrIW
SHRegCreateUSKeyW
PathGetDriveNumberA
SHRegGetUSValueW
StrTrimW
SHOpenRegStream2W
StrFormatByteSizeA
PathAddBackslashA
StrCatW
SHRegGetBoolUSValueW
PathQuoteSpacesW
StrStrIA
UrlCreateFromPathW
SHRegWriteUSValueW
StrRetToStrW
SHCopyKeyA

setupapi

SetupDiGetClassDescriptionW
SetupOpenAppendInfFileA
SetupDiRemoveDevice
SetupGetIntField
SetupCloseInfFile
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInfoListDetailA
SetupGetTargetPathW
SetupDiGetClassDescriptionExA

Sections

.text
Size: 332KB - Virtual size: 331KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7badb6c527da48d318a8a25a41bd6acf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 332KB - Virtual size: 331KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 34KB

.text
Size: 332KB - Virtual size: 331KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 34KB