2b9b51bb218773b1ea584494aa3a64ba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b9b51bb218773b1ea584494aa3a64ba_JaffaCakes118
Size

341KB
MD5

2b9b51bb218773b1ea584494aa3a64ba
SHA1

c025078e4e4c08623d622de0f2b2cfbdd673055d
SHA256

53f23c23b6938e0adbe240935b104ffe97e8a83bdd71c62070b8ff4614d55ce8
SHA512

872f3580f6b711d29f90b0c7ba09627d11ec7f4af77133525504e73433997588ff2f8c8892419fe3849d17387766a1928fd71a4fb557518b7db3fb28dc1abb8b
SSDEEP

6144:qDwbzDYTQsWFSUXpycpnn5X5ZNY41QQkdLZ3l8a5H2nsznfl:rzkMFEc9nZadQ03eQH2nszfl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b9b51bb218773b1ea584494aa3a64ba_JaffaCakes118

Files

2b9b51bb218773b1ea584494aa3a64ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a133abaf85910ca1e90527ea7719594

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyA
RegDeleteKeyA
RegSetValueExW
RegDeleteValueW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegQueryInfoKeyW
CryptDestroyHash

gdi32

RealizePalette
GetObjectA
CreatePen
SetStretchBltMode
DeleteObject
CreateCompatibleDC
BitBlt

kernel32

CreateFileMappingA
DeleteCriticalSection
FindFirstFileW
CreateFileW
FindAtomW
EnterCriticalSection
InitializeCriticalSection
LoadLibraryA
CreateDirectoryW
GetVersion
LoadResource
OpenProcess
MultiByteToWideChar
WideCharToMultiByte
GlobalLock
GetSystemTimeAsFileTime
GetProcAddress
LeaveCriticalSection
GetCurrentProcess
TerminateProcess
MoveFileW
GlobalUnlock
ReleaseMutex
InterlockedIncrement
CreateFileMappingW
GetModuleHandleA
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
MulDiv
GetProcessHeap
SizeofResource
CompareFileTime
UnhandledExceptionFilter
LoadLibraryW
DuplicateHandle
SystemTimeToFileTime
GetModuleHandleW
SetEvent
GetCurrentProcessId
WaitForSingleObject
GetStartupInfoA
CreateMutexA
MapViewOfFile
HeapSize
CreateEventA
SetUnhandledExceptionFilter
lstrcmpiA
GetFileAttributesW
AddAtomW
TlsAlloc
LCMapStringW
VirtualAlloc
DeleteAtom
GetVersionExA
HeapReAlloc
EnumSystemCodePagesA
FormatMessageW
LoadLibraryExW
GetSystemTime
WriteFile
GetUserDefaultUILanguage
HeapDestroy
GetUserDefaultLCID
GlobalAlloc
ExitProcess
HeapAlloc
CopyFileW
GetLastError
ReadFile
FindResourceExA
GetStdHandle
GetFileAttributesA
LCMapStringA
GetModuleFileNameW
HeapFree
lstrlenW
FindNextFileW
FindResourceA
LoadLibraryExA
GetTickCount
IsDBCSLeadByte
FreeLibrary
FlushFileBuffers
LockResource
GetLocaleInfoA
CreateProcessA
RaiseException
TlsGetValue
GetFileAttributesExW
GetACP

user32

LoadBitmapA
CreateWindowExA
MessageBoxA
DrawTextW
DefWindowProcA
UpdateWindow
ReleaseDC
CharNextA
EnumDisplayMonitors
BeginPaint
GetWindowLongA
GetDC
GetSystemMetrics
SystemParametersInfoA
LoadStringW
UnregisterClassA
DestroyWindow
LoadIconA
GetDesktopWindow
RegisterClassA
LoadImageA
SetWindowLongA
SetForegroundWindow
MessageBoxW
CharNextW
EndPaint

Sections

.text
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a133abaf85910ca1e90527ea7719594

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

gdi32

kernel32

user32

Sections

.text Size: 41KB - Virtual size: 41KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 24KB - Virtual size: 24KB

.rsrc Size: 1KB - Virtual size: 1KB

.text
Size: 41KB - Virtual size: 41KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 24KB - Virtual size: 24KB

.rsrc
Size: 1KB - Virtual size: 1KB