2b9d08d82d6b01f23fb9d2224fb73dde_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b9d08d82d6b01f23fb9d2224fb73dde_JaffaCakes118
Size

644KB
MD5

2b9d08d82d6b01f23fb9d2224fb73dde
SHA1

250330f77760d41f0334d40f0821c48c30d8cf76
SHA256

74b997091d9292a04ac787936766b5670386bbf61aee043f5d2ba3f1844a5302
SHA512

a413e1392fdcea8b18c15b2fe711f8e0ce083f734c893eef6ef2ce9d7a204d0e2abfd99411d32c48b9fa22abd2b7e65ce9d12fe87cf2ae538f0aebbc26769041
SSDEEP

12288:8Kf5tQ5apqBAyZ3x7OSjBgdUiZDcRzkwbq0titxeb8RhXWaIao:8ktQ3CgZCVDc2wb3cGwWaIL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b9d08d82d6b01f23fb9d2224fb73dde_JaffaCakes118

Files

2b9d08d82d6b01f23fb9d2224fb73dde_JaffaCakes118
.exe windows:4 windows x86 arch:x86

047935859b6b4bc47027fd3876fead53

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetViewportOrgEx
GetBoundsRect
CopyMetaFileA
CopyMetaFileW
SetEnhMetaFileBits
CreateColorSpaceW
SetROP2
CloseFigure
PtVisible
GetTextMetricsW
OffsetClipRgn
GetCharABCWidthsA
GetICMProfileW
CreatePatternBrush
PlayEnhMetaFile
PolyTextOutA
SetTextCharacterExtra
SetPolyFillMode
GetKerningPairs
CreateScalableFontResourceA
SelectPalette
GetObjectA
CloseMetaFile

advapi32

LookupSecurityDescriptorPartsW
CryptSetProviderExA
RegEnumKeyA
ReportEventA
RegDeleteValueW
CryptHashData
LookupPrivilegeNameW
CryptAcquireContextW
RegDeleteKeyW
LookupSecurityDescriptorPartsA
RegOpenKeyA
CryptGetProvParam
CryptDestroyKey
CryptReleaseContext
RegSetValueExW
RegCreateKeyExW
CryptEnumProviderTypesW
GetUserNameA
RegSetKeySecurity
CryptGetDefaultProviderA
CryptDuplicateHash
RegQueryValueA
RegCreateKeyW
RegQueryValueExA
RegSetValueExA

kernel32

HeapReAlloc
FreeEnvironmentStringsA
InterlockedDecrement
TlsAlloc
TerminateProcess
UnhandledExceptionFilter
GetVersionExA
HeapDestroy
CompareStringA
GetConsoleOutputCP
SetLastError
HeapSize
GetCurrentProcess
SetUnhandledExceptionFilter
FindResourceW
FoldStringW
FreeEnvironmentStringsW
GetConsoleCP
TlsSetValue
GetTimeZoneInformation
GetModuleHandleA
CompareStringW
GetModuleFileNameA
LCMapStringA
GetUserDefaultLCID
SetFilePointer
GetStringTypeW
SetConsoleTitleW
GetACP
GetProcAddress
WideCharToMultiByte
ReadFile
InterlockedExchange
SetEnvironmentVariableA
EnterCriticalSection
AllocConsole
LeaveCriticalSection
GetDateFormatA
WriteConsoleOutputCharacterW
GetCurrentThreadId
ExitProcess
TlsFree
EnumSystemLocalesA
GetCurrentProcessId
GetProcessHeap
GetLocaleInfoA
SetConsoleCtrlHandler
InterlockedIncrement
GetCurrentThread
QueryPerformanceCounter
HeapCreate
GetLastError
GetOEMCP
WriteFile
SetThreadContext
GetExitCodeProcess
GetConsoleMode
HeapAlloc
GetSystemTimeAsFileTime
GetStartupInfoA
GetCommandLineA
IsDebuggerPresent
SetHandleCount
GetCPInfo
OpenMutexA
SetStdHandle
IsValidCodePage
FileTimeToDosDateTime
GetLocaleInfoW
LoadLibraryA
CreateDirectoryExA
FreeLibrary
WaitForSingleObject
GetStdHandle
GetFileType
GetEnvironmentStringsW
HeapFree
VirtualQuery
WriteConsoleW
TlsGetValue
VirtualFree
GetTimeFormatA
CreateMutexA
LCMapStringW
FlushFileBuffers
GetStringTypeA
GetEnvironmentStrings
Sleep
MultiByteToWideChar
RtlUnwind
WriteConsoleA
CommConfigDialogW
IsValidLocale
CloseHandle
CreateFileA
GetTickCount
InitializeCriticalSection
VirtualAlloc
DeleteCriticalSection
ReadFileEx

user32

DrawTextExA
CopyAcceleratorTableA
SetSystemCursor
GetWindowRect
SetWindowContextHelpId
GetMenuCheckMarkDimensions
AttachThreadInput
DdeAddData
SetWindowsHookExW
LoadIconA
SetWindowsHookW
RegisterClassExA
DdeDisconnect
SetActiveWindow
SendIMEMessageExA
PeekMessageW
GetUpdateRect
InvertRect
SetProcessWindowStation
RegisterClassA
LoadMenuA
GetDlgItemInt

shell32

SHFormatDrive
SHGetPathFromIDListW
ExtractIconW

comdlg32

FindTextA
ChooseFontW
ReplaceTextA
FindTextW

comctl32

CreatePropertySheetPageA
ImageList_ReplaceIcon
ImageList_GetFlags
DrawStatusTextW
InitCommonControlsEx
ImageList_Create
ImageList_Read
CreateUpDownControl
CreateMappedBitmap
ImageList_DragEnter
ImageList_DragMove
ImageList_Merge

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 216KB - Virtual size: 221KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 75KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

047935859b6b4bc47027fd3876fead53

Headers

File Characteristics

Imports

gdi32

advapi32

kernel32

user32

shell32

comdlg32

comctl32

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 216KB - Virtual size: 221KB

.data Size: 108KB - Virtual size: 107KB

.rsrc Size: 75KB - Virtual size: 74KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 216KB - Virtual size: 221KB

.data
Size: 108KB - Virtual size: 107KB

.rsrc
Size: 75KB - Virtual size: 74KB