2b85ec736200ccec5314fafabe7ac685_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b85ec736200ccec5314fafabe7ac685_JaffaCakes118
Size

208KB
MD5

2b85ec736200ccec5314fafabe7ac685
SHA1

6f4ce28ede14844ef7a59851587e3a0194918a8b
SHA256

5ec5de51d6ef8641800145b223d212110b85e0bc58e83ab816299955e8a62002
SHA512

50fc0b762024eaf6bced1f68903e5567bc544ce19472e63369a949890bb535024d2f2c03a9dd5f3e79da6e33e11930a6b1a8ca930690df35c82a35512a7f0700
SSDEEP

3072:V4x0njdsHL1fD6+1S4aRCES99Voq0Lb7sfBhZiBHgr9UD0m+79kfEOcv2fGGHKEs:7aJfGUS4uY07MBiWrq89kc5/GqP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b85ec736200ccec5314fafabe7ac685_JaffaCakes118

Files

2b85ec736200ccec5314fafabe7ac685_JaffaCakes118
.exe windows:4 windows x86 arch:x86

866d00da7442a779bd6253b026f0d174

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
lstrcpyA
DeleteCriticalSection
lstrcatA
lstrcpynA
InitializeCriticalSection
IsDBCSLeadByte
LoadResource
LoadLibraryExA
FindResourceA
GetShortPathNameA
SizeofResource
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetProcAddress
lstrcmpiA
lstrlenA
GetCommandLineA
InterlockedDecrement
CreateDirectoryA
GetCurrentThreadId
lstrlenW
GetModuleFileNameA
MultiByteToWideChar
GetCurrentThread
WideCharToMultiByte
GetVersionExA
GetLastError
GetCurrentProcess
CloseHandle
LocalFree
LCMapStringW
RaiseException
GetStartupInfoA
GetStringTypeA
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
SetEnvironmentVariableA
FormatMessageA
GetLocaleInfoW
SetEndOfFile
CreateFileA
GetOEMCP
GetACP
ReadFile
SetStdHandle
IsBadCodePtr
IsBadReadPtr
GetStringTypeW
CompareStringA
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FlushFileBuffers
Sleep
InterlockedExchange
RtlUnwind
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
HeapReAlloc
GetFileType
GetStdHandle
GetVersion
ExitProcess
LCMapStringA
SetHandleCount
HeapSize
TerminateProcess
CompareStringW
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
WriteFile
SetFilePointer
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr

user32

ExitWindowsEx
CharNextA
PostThreadMessageA
DispatchMessageA
GetMessageA
LoadStringA
MessageBoxA

advapi32

RegDeleteKeyA
StartServiceCtrlDispatcherA
RegCreateKeyExA
DeleteService
CreateServiceA
ControlService
LookupPrivilegeValueA
RegQueryValueExA
StartServiceA
SetServiceStatus
RegisterServiceCtrlHandlerA
RegCloseKey
ReportEventA
DeregisterEventSource
RegisterEventSourceA
OpenServiceA
CloseServiceHandle
OpenSCManagerA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
OpenProcessToken
AdjustTokenPrivileges
OpenThreadToken
EqualSid
RegEnumKeyExA
GetTokenInformation
RegEnumValueA
SetSecurityDescriptorDacl
RegQueryInfoKeyA
CopySid
GetLengthSid
SetSecurityDescriptorGroup
InitializeSecurityDescriptor
SetSecurityDescriptorOwner

ole32

CoTaskMemAlloc
CoCreateInstance
CoRevokeClassObject
CoRegisterClassObject
CoTaskMemRealloc
CoTaskMemFree
CoInitialize
CoInitializeSecurity
CoUninitialize
CoImpersonateClient
CoRevertToSelf

oleaut32

SysStringLen
LoadRegTypeLi
RegisterTypeLi
LoadTypeLi
SysAllocString
VarUI4FromStr
SysAllocStringLen
SysFreeString

Sections

.text
Size: 140KB - Virtual size: 138KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

866d00da7442a779bd6253b026f0d174

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

Sections

.text Size: 140KB - Virtual size: 138KB

.rdata Size: 24KB - Virtual size: 23KB

.data Size: 20KB - Virtual size: 24KB

.rsrc Size: 20KB - Virtual size: 40KB

.text
Size: 140KB - Virtual size: 138KB

.rdata
Size: 24KB - Virtual size: 23KB

.data
Size: 20KB - Virtual size: 24KB

.rsrc
Size: 20KB - Virtual size: 40KB