2b81b746dbe2ff09ae30dcaff28a8318_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b81b746dbe2ff09ae30dcaff28a8318_JaffaCakes118
Size

324KB
MD5

2b81b746dbe2ff09ae30dcaff28a8318
SHA1

40df201ac3eeadcc3c61dafe244e94e86e5df3f8
SHA256

0cdb3e41ebb9fd1656dc49ded16b1683e4d563833071ed0045d9fa7c3a284721
SHA512

f79884939054ee754547d49aad6b4e9c4abd0a1343f120e1c1f3b7068a7357da569747887afde6a5d86ecbf09830a681de9d0c4d8154b8c1e32e94ee03158879
SSDEEP

6144:1GZEnH8omsGkEOpVqHO9K7TMt8uLJPOlZonq24HA2HzC0EPtQWTE:GmJGypVqHSWC8uLNyZonPv0A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b81b746dbe2ff09ae30dcaff28a8318_JaffaCakes118

Files

2b81b746dbe2ff09ae30dcaff28a8318_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abaf21210d0e61c5e01322b9fcddeecd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

PeekMessageA
DestroyWindow

comctl32

ImageList_Add
ImageList_Write
ImageList_Remove

shlwapi

PathIsContentTypeA
SHStrDupA
SHSetValueA
SHQueryValueExA
SHQueryInfoKeyA
PathIsDirectoryA

kernel32

VirtualAllocEx
GetStringTypeA
InitializeCriticalSection
GlobalDeleteAtom
HeapAlloc
LoadResource
LockResource
GetVersionExA
GetProcessHeap
GlobalFindAtomA
GetStdHandle
GetLocaleInfoA
RaiseException
GetStringTypeW
LoadLibraryExA
GetStartupInfoA
LoadLibraryA
IsBadReadPtr
lstrlenA
GetModuleFileNameA
ExitThread
GlobalAlloc
ExitProcess
GetUserDefaultLCID
GetSystemDefaultLangID
GetThreadLocale
lstrlenW
HeapFree
GetModuleHandleW
GetLocalTime
GetModuleHandleA
GetProcAddress
GetVersion
GlobalAddAtomA
GetOEMCP
GetTickCount

advapi32

RegQueryValueExA
RegEnumKeyExA

Sections

CODE
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 557B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 149B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.adata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 836B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

abaf21210d0e61c5e01322b9fcddeecd

Headers

File Characteristics

Imports

user32

comctl32

shlwapi

kernel32

advapi32

Sections

CODE Size: 288KB - Virtual size: 284KB

.rdata Size: 4KB - Virtual size: 557B

.data Size: 4KB - Virtual size: 149B

DATA Size: 4KB - Virtual size: 1KB

.bdata Size: 12KB - Virtual size: 9KB

.adata Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 836B

CODE
Size: 288KB - Virtual size: 284KB

.rdata
Size: 4KB - Virtual size: 557B

.data
Size: 4KB - Virtual size: 149B

DATA
Size: 4KB - Virtual size: 1KB

.bdata
Size: 12KB - Virtual size: 9KB

.adata
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 836B