2b827f19c62fe18319753aa5d22c4cbf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b827f19c62fe18319753aa5d22c4cbf_JaffaCakes118
Size

204KB
MD5

2b827f19c62fe18319753aa5d22c4cbf
SHA1

16eb2f82f88eba7033a8e329a0e08127a795dae9
SHA256

ddc0663b449bdeb9379100cbfcfa2a4be96902e2713ea506ac12d60970c7b7c4
SHA512

e3a2c70995b96113f2f1b7390d6820ba8db15a6665bb864a986648f2d82ac7da93e7e3f00c40bda084f74be08b0173f3305be709c2e5652e9b78fbc56c70743a
SSDEEP

3072:AL2k2MxDH7zlOkQza4ohwEX1RcCWWm53TBf6cbM4YEZtXRLj:AL92MxDHNOkQzaFwO8C/m53TBicQETRn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b827f19c62fe18319753aa5d22c4cbf_JaffaCakes118

Files

2b827f19c62fe18319753aa5d22c4cbf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9b3ddcddfe1e1e01048b86a2f7ada93

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapAlloc
GetProcessHeap
lstrcmpA
FreeLibrary
LoadLibraryA
OpenMutexA
lstrcatA
GetLocalTime
GetThreadLocale
WriteFile
CreateFileA
DeleteFileA
ReadFile
GetFileSize
FindClose
FindFirstFileA
CreateDirectoryA
GetVersionExA
lstrcpyA
GetModuleFileNameA
SetFilePointer
Sleep
CreateThread
HeapFree
FileTimeToLocalFileTime
SetEnvironmentVariableA
SetEndOfFile
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
SetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetConsoleMode
GetConsoleCP
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
WaitForSingleObject
CreateMutexA
ReleaseMutex
CloseHandle
GetStringTypeExA
lstrlenA
lstrcmpiA
CompareStringW
CompareStringA
SetLastError
FindResourceExA
FindResourceA
LoadResource
LockResource
SizeofResource
GetLastError
WideCharToMultiByte
InterlockedExchange
MultiByteToWideChar
FileTimeToDosDateTime
FreeEnvironmentStringsA
GetTimeZoneInformation
IsValidCodePage
GetOEMCP
GetCPInfo
InterlockedDecrement
GetCurrentThreadId
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetStdHandle
ExitProcess
HeapCreate
VirtualFree
GetStartupInfoA
GetCommandLineA
GetDateFormatA
GetTimeFormatA
GetSystemTimeAsFileTime
RtlUnwind
GetACP
GetLocaleInfoA
HeapDestroy
HeapReAlloc
HeapSize
RaiseException
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
VirtualAlloc
GetProcAddress
GetModuleHandleA

user32

SetTimer
TranslateMessage
CharLowerBuffA
DispatchMessageA
CreateWindowExA
GetMessageA
wvsprintfA
CharNextA
SetWindowTextA
SendMessageA
SendMessageW
DestroyWindow
LoadImageA
DefWindowProcA
GetWindowLongA
PostQuitMessage
UnregisterClassA
LoadCursorA
RegisterClassExA
PostMessageA
SetWindowLongA

gdi32

GetStockObject

advapi32

LookupAccountNameA
GetUserNameA
GetFileSecurityA
InitializeSecurityDescriptor
GetSecurityDescriptorDacl
GetAclInformation
GetLengthSid
InitializeAcl
GetAce
EqualSid
AddAce
AddAccessAllowedAceEx
SetSecurityDescriptorDacl
GetSecurityDescriptorControl
SetSecurityDescriptorControl
SetFileSecurityA

shell32

SHGetSpecialFolderPathA

ole32

CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleDuplicateData
OleSetContainedObject
OleCreateStaticFromData
CoInitialize

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime

shlwapi

PathFileExistsA
StrToIntExA

wpcap

pcap_findalldevs
pcap_open
pcap_setfilter
pcap_next_ex
pcap_freealldevs
pcap_compile

ws2_32

gethostbyaddr
ntohs

Sections

.text
Size: 148KB - Virtual size: 146KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f9b3ddcddfe1e1e01048b86a2f7ada93

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

shlwapi

wpcap

ws2_32

Sections

.text Size: 148KB - Virtual size: 146KB

.rdata Size: 40KB - Virtual size: 37KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 148KB - Virtual size: 146KB

.rdata
Size: 40KB - Virtual size: 37KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB