2ba2da3e1411e1750ca10cc4f74cd39a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ba2da3e1411e1750ca10cc4f74cd39a_JaffaCakes118
Size

280KB
MD5

2ba2da3e1411e1750ca10cc4f74cd39a
SHA1

f72d917fcbe91891612fd33d50f1795eb808f33d
SHA256

304cca23a878f7e42e769c306651ee08bd323cedb80889bacab5c03391ec95df
SHA512

81aa04dfc76a215ea944fe3f39a4812a5366e1fcd400ae94a2058ff8c9c35be278122365d02df0d8c8992251bed9946971ba61070ad6ca1c239fa254cf690720
SSDEEP

6144:mnMwci0IAyLHBKdETqkC15ZMGjvOOSbSgYtitm:mnMbQhKdaCxjWOSbKs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba2da3e1411e1750ca10cc4f74cd39a_JaffaCakes118

Files

2ba2da3e1411e1750ca10cc4f74cd39a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4419d20947c8b5967f81b6f9c74b2da1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalGetAtomNameA
_lopen
_hread
GetCompressedFileSizeA
GlobalReAlloc
GetVersionExA
GetModuleHandleA
VirtualProtect
GetStartupInfoA

user32

FindWindowExA
OpenWindowStationA
ChangeMenuA
SetMessageQueue
RegisterHotKey
SetMenuInfo
CountClipboardFormats
OemToCharBuffW
ModifyMenuA
ReplyMessage
CopyAcceleratorTableW
GetIconInfo
GetMenuInfo
MessageBoxExA
OpenDesktopA
SetWindowPos

gdi32

PolyPolyline
GetTextExtentPointA
EnumObjects
ModifyWorldTransform
RectInRegion
PlayMetaFileRecord
SetWinMetaFileBits
ResizePalette
TranslateCharsetInfo
PolyBezierTo
UpdateColors
CreateRoundRectRgn
SetWindowExtEx
StartPage
SaveDC
ChoosePixelFormat

comdlg32

ReplaceTextW

advapi32

EnumDependentServicesA
RegSetValueExW
RegCloseKey
GetSidLengthRequired
RegGetKeySecurity
CloseEventLog
QueryServiceLockStatusW
BuildTrusteeWithSidW
RegQueryValueExW
DestroyPrivateObjectSecurity
OpenEventLogW
RegSaveKeyA
UnlockServiceDatabase
GetAce
OpenServiceW
StartServiceCtrlDispatcherA
IsValidAcl
AbortSystemShutdownA
CreateProcessAsUserA
EnumDependentServicesW
CryptAcquireContextW
CreateProcessAsUserW
GetExplicitEntriesFromAclW
RegEnumValueW
IsTextUnicode
QueryServiceConfigW
EnumServicesStatusW
DuplicateToken
DeleteService
SetEntriesInAclW
RegQueryInfoKeyW
OpenSCManagerW
IsValidSid
DuplicateTokenEx
CryptAcquireContextA

shell32

ExtractIconExW
SHGetFileInfoA
SHFileOperationW
SHGetSettings
SHGetPathFromIDListA

ole32

CoUninitialize
CreateGenericComposite

oleaut32

GetActiveObject
VariantCopyInd
SafeArrayPtrOfIndex
SafeArrayCreate

shlwapi

PathFileExistsW
SHRegCloseUSKey
StrRChrW
AssocQueryKeyW
StrToIntExW
AssocCreate

setupapi

SetupGetLineTextW
SetupGetLineCountA
SetupTermDefaultQueueCallback

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

4419d20947c8b5967f81b6f9c74b2da1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

msvcrt

Sections

.text Size: 260KB - Virtual size: 257KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 11KB

.text
Size: 260KB - Virtual size: 257KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 11KB