2b837bb4f4e04b4e9202a629805fee9f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b837bb4f4e04b4e9202a629805fee9f_JaffaCakes118
Size

190KB
MD5

2b837bb4f4e04b4e9202a629805fee9f
SHA1

9746a229810dd73b9f8108bb240720c11c60e328
SHA256

420bd5bf957703678b017e576571810751865057a3458f5b3ee879c0152769b9
SHA512

bec3e8b31fc2a68f846673982ac7ab0084c86248ec59e976f25a4222bd9e344d7cc567da05808f7e40d3a59a47a3c1ee55f06f513bdee11280fd86cefe5c194a
SSDEEP

3072:hdacnLTOxjQR9kW7bzxSH0S7+vM12Tc1K5HqguwB+SQVjDsLjaFYPSbvhQaf7:jacXOJnW3zmjU/TQq2JtVjILWFYPSbCI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b837bb4f4e04b4e9202a629805fee9f_JaffaCakes118

Files

2b837bb4f4e04b4e9202a629805fee9f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0461b43850c25960ff186d62fd464045

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryInfoKeyW
RegEnumKeyW
RegQueryValueW
RegCloseKey
RegSetValueExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenKeyW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW

shlwapi

PathStripToRootW
PathIsUNCW
PathFindFileNameW
PathFileExistsW
PathFindExtensionW
PathRemoveFileSpecW
PathAppendW

kernel32

LoadLibraryW
FindFirstFileW
GetCalendarInfoW
SystemTimeToFileTime
GetFileAttributesW
FindNextFileW
SetFileTime
GetThreadContext
ConvertDefaultLocale
CreateFileW
EnumResourceLanguagesW
GetCurrentProcessId
InterlockedDecrement
GetSystemDefaultLangID
LocalFileTimeToFileTime
GetCurrentDirectoryW
EnumResourceNamesA
lstrcpyW
SetFilePointer
FindClose
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
ExitProcess
ReadFile
GetLocaleInfoW
RemoveDirectoryW
CreateDirectoryW
MoveFileW
GetVersion
DeleteFileW
WriteFile
GetProcAddress

gdi32

SelectObject
PtVisible
ScaleWindowExtEx
ExtTextOutW
GetDeviceCaps
ScaleViewportExtEx
DeleteDC
GetMapMode
GetTextColor
GetBkColor
TextOutW
OffsetViewportOrgEx
SetWindowExtEx
SetViewportOrgEx
ExtSelectClipRgn
RectVisible
Escape
GetStockObject
GetRgnBox

user32

CreateWindowExW
GetClassLongW
CharNextW
WinHelpW
GetNextDlgGroupItem
SendDlgItemMessageA
MessageBeep
SetPropW
CopyAcceleratorTableW
InvalidateRgn
GetClassInfoExW
InvalidateRect
IsRectEmpty
GetPropW
CharUpperW
SetRect
RegisterWindowMessageW
GetNextDlgTabItem
RemovePropW
DestroyMenu

ole32

CoRevokeClassObject
CoUninitialize
OleUninitialize
OleFlushClipboard
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CoGetClassObject
CreateILockBytesOnHGlobal
CoTaskMemFree
CoInitialize
CoRegisterMessageFilter
CLSIDFromProgID
OleIsCurrentClipboard
OleInitialize
CoCreateInstance
CoTaskMemAlloc
CoFreeUnusedLibraries
CLSIDFromString

oleacc

LresultFromObject
CreateStdAccessibleObject

shell32

SHCreateDirectoryExW
SHGetSpecialFolderPathW

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 1024B - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0461b43850c25960ff186d62fd464045

Headers

File Characteristics

Imports

advapi32

shlwapi

kernel32

gdi32

user32

ole32

oleacc

shell32

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 3KB - Virtual size: 3KB

.bss Size: 80KB - Virtual size: 80KB

.edata Size: 1024B - Virtual size: 116KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 3KB - Virtual size: 3KB

.bss
Size: 80KB - Virtual size: 80KB

.edata
Size: 1024B - Virtual size: 116KB