2b86ca184f7e8cca5b501ca241e121ec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b86ca184f7e8cca5b501ca241e121ec_JaffaCakes118
Size

340KB
MD5

2b86ca184f7e8cca5b501ca241e121ec
SHA1

6b5342fd79fb2a25425d4a03822353ed6aef5d6c
SHA256

0c13f141f8ae455813631faa29480731c4de4a1cf5f04c8c0325ce92898425df
SHA512

d4c2087fde97171ee7d26a4b8dc1753b50c465f89335b174bc1afe1c30aa4596e99c32360b1bef61003f72c45b6bc57782b851aebfbc742f4a8366998ef935f7
SSDEEP

6144:Der8TxOysDNQn9c1vC+FyTtKJRNAukqKurBtEmbKBkBf1ln9ZC+mLmEmHB9:DeogIbtKJRNAuGEtEmOkBfHn9ZSmJHB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b86ca184f7e8cca5b501ca241e121ec_JaffaCakes118

Files

2b86ca184f7e8cca5b501ca241e121ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b97b1c4f9c1b063399ffbb7b3333ae0a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
VirtualProtect
lstrlenA
GetCommandLineA
GetTempFileNameA
GetDiskFreeSpaceExW
GetLongPathNameW
GetVersion
VirtualQueryEx
OpenFileMappingW
WriteConsoleInputW
GlobalGetAtomNameA
ReadConsoleW
_lwrite
GetNumberFormatW
GetProcessAffinityMask
GetLargestConsoleWindowSize
WriteProfileStringW
WaitForSingleObjectEx
GlobalFindAtomA
GetNumberFormatA
SetEnvironmentVariableW
FindNextFileA
SetThreadLocale
FreeResource
HeapAlloc
SetCommTimeouts
GetConsoleCursorInfo
SetLastError
SwitchToFiber
TerminateProcess
GetTempFileNameW
FreeLibraryAndExitThread
FindResourceExA
GlobalHandle
WriteConsoleOutputA
lstrcpynW
lstrcpyW
GetShortPathNameW
GetPrivateProfileSectionA
VirtualQuery
GetConsoleTitleA
GetSystemDefaultLCID
WritePrivateProfileSectionW
GetTimeZoneInformation
IsBadStringPtrA
CreateNamedPipeA
EndUpdateResourceA
GlobalLock
SetConsoleTextAttribute
InitializeCriticalSectionAndSpinCount
ExitProcess

user32

CharPrevA
GetActiveWindow
CreateDialogParamW
GetDoubleClickTime
ModifyMenuW
LoadStringW
EnableScrollBar
TranslateAcceleratorA
InsertMenuA
DrawCaption
NotifyWinEvent
ShowWindow
PostQuitMessage
EnumDisplaySettingsW
RegisterDeviceNotificationA
GetDlgCtrlID
DefDlgProcW
MessageBoxExA
CreateCursor
ActivateKeyboardLayout
GetMenuStringW
CreateDesktopA
SetUserObjectInformationW
SetWindowsHookExW
VkKeyScanW
DrawAnimatedRects
GetUpdateRect
GetIconInfo
FillRect
TrackMouseEvent
EnableMenuItem
ToUnicodeEx
FlashWindow
DialogBoxIndirectParamW
GetAncestor
GetWindow
DispatchMessageW
UnhookWindowsHookEx
GetDialogBaseUnits
PostMessageA
SetTimer
GetMessageW
CharUpperBuffA
GetMenuItemRect
SetDlgItemInt
GetCaretBlinkTime
GetCaretPos
DefDlgProcA
GetWindowTextLengthW
WinHelpW
DestroyCursor
MsgWaitForMultipleObjectsEx
SetFocus
GetMenuItemCount

gdi32

EnumEnhMetaFile
GetCharacterPlacementW
PlayMetaFile
GetTextExtentExPointW
SaveDC
CreateEnhMetaFileA
ExtCreateRegion
GetViewportExtEx
EnumFontFamiliesExA
LineTo

comdlg32

GetOpenFileNameA
ChooseColorA
PrintDlgW

advapi32

SetEntriesInAclA
SetSecurityDescriptorOwner
GetUserNameW
LogonUserW
MakeSelfRelativeSD
NotifyBootConfigStatus
SetNamedSecurityInfoA
GetServiceKeyNameW
OpenProcessToken
RegSetValueExA
GetCurrentHwProfileW
LookupAccountNameA
LookupAccountSidA
SetFileSecurityA
GetSecurityDescriptorOwner
CryptSetKeyParam
RegQueryInfoKeyA
RegGetKeySecurity
QueryServiceConfigA
ImpersonateSelf
RegEnumKeyExW
RegDeleteValueW
GetServiceDisplayNameW
CloseEventLog
CryptExportKey
ObjectDeleteAuditAlarmW
EnumServicesStatusA
RegLoadKeyA
PrivilegeCheck
CloseServiceHandle
LookupAccountNameW
ClearEventLogW
SetEntriesInAclW
RegUnLoadKeyW

shell32

SHBrowseForFolderW
ExtractIconA
DoEnvironmentSubstW
ShellExecuteExW

ole32

GetClassFile

oleaut32

VariantCopyInd
RegisterTypeLi
SafeArrayCreateVector
SafeArrayGetElement

comctl32

ImageList_GetImageInfo
ord17
ImageList_BeginDrag
ImageList_DragLeave

shlwapi

UrlGetPartA
PathGetCharTypeW
SHRegSetUSValueW
StrRChrA
StrCmpLogicalW
StrFormatByteSizeA
StrCatBuffW
StrCmpNIW
PathFindFileNameW

setupapi

SetupDiGetDeviceInstanceIdW
SetupDiGetDriverInfoDetailW
SetupGetLineCountA

Sections

.text
Size: 288KB - Virtual size: 284KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

b97b1c4f9c1b063399ffbb7b3333ae0a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 288KB - Virtual size: 284KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 40KB - Virtual size: 38KB

.text
Size: 288KB - Virtual size: 284KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 40KB - Virtual size: 38KB