2b8a181c21d96ad585e366b3090769dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b8a181c21d96ad585e366b3090769dd_JaffaCakes118
Size

24KB
MD5

2b8a181c21d96ad585e366b3090769dd
SHA1

f186365862faebf216871276781813db9505e97e
SHA256

b2ea6806b9ce8748a28531bd8f21857b445bce93448af9fd0970dffd9e0820b7
SHA512

746e647178a88f779201bc71f8efb91e90b81e63c3fcb77cb55216657e38ce922b156b97e7b635194d393f91740fc018c03d6e4bb37f7826420f5f7646d24e33
SSDEEP

384:Oja/teMiLP9K5Yz6/+qTIWZtXizO7ym1DAYUawz0VS8scbLLycWl/sB:OWVejgTTIW3r7ymCka0dMNl/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b8a181c21d96ad585e366b3090769dd_JaffaCakes118

Files

2b8a181c21d96ad585e366b3090769dd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4dccc74673a5feaf27c0ef39a850050f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCursorInfo
CreateCaret
DrawFrameControl
CloseDesktop
ChildWindowFromPointEx
CascadeChildWindows
EnumChildWindows
DdeQueryStringA
GetClassInfoA
EnumPropsA
EnableMenuItem
DeferWindowPos
CharToOemA
CallMsgFilterA
DdeGetLastError
FlashWindow
CopyAcceleratorTableW
DragObject
DestroyWindow
CreateDialogIndirectParamA
ChildWindowFromPoint
EnableScrollBar
CopyRect

kernel32

GetDefaultCommConfigA
SetFileTime
BackupRead
QueryDosDeviceA
ReadConsoleW
GetConsoleTitleW
GetCommandLineW
LocalReAlloc
SetEnvironmentVariableW
VirtualAlloc
CreateMailslotA
GetConsoleScreenBufferInfo
RemoveDirectoryW
EnumSystemCodePagesA
lstrlenW
SetConsoleDisplayMode
RtlZeroMemory
GetProcessPriorityBoost
GetStartupInfoA
GetModuleHandleA
SetConsoleScreenBufferSize
GetFileType
OpenMutexW
_lclose
GetCPInfoExW
GetCommState
EnumCalendarInfoExW
VirtualFreeEx
GetModuleHandleA
FindFirstChangeNotificationW
Sleep
VirtualFree
EnumResourceLanguagesW
lstrcpynA
ExitProcess
GetConsoleAliasesLengthA
UpdateResourceA
SignalObjectAndWait
lstrcpyA
DefineDosDeviceW
OpenFileMappingA
SystemTimeToFileTime
LocalFlags
GetConsoleAliasExesLengthA
EnumDateFormatsA
EscapeCommFunction

msvcrt

_chdir
_findnext64
_wsetlocale
_wrmdir
_wperror
_setmbcp
fgetpos
ungetc
strcoll
atof
_i64tow
fputws
_abnormal_termination
_HUGE
_atoldbl
tmpnam
_fpreset
putwchar
__badioinfo
_mbbtype
_wsplitpath
_read
getenv
_getsystime
strtok
_wgetcwd
cos
_wcsupr
_searchenv
_wsystem
_inp
puts
_cscanf
_makepath
_gmtime64
remove
__p___argv
strncmp
_wcslwr

gdi32

GetRgnBox
Escape
OffsetViewportOrgEx
SelectPalette
CreateMetaFileA
StretchDIBits
AbortPath
CreateEnhMetaFileA
Chord
SetBkMode
TextOutA
SwapBuffers
GetCharABCWidthsFloatA
SetDIBColorTable
ExtEscape
SetTextCharacterExtra
PolyTextOutW
CopyMetaFileW
GetCharacterPlacementW
SetRectRgn

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sunr
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sau
Size: 5KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ngg
Size: 5KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4dccc74673a5feaf27c0ef39a850050f

Headers

File Characteristics

Imports

user32

kernel32

msvcrt

gdi32

Sections

.text Size: 5KB - Virtual size: 6KB

.sunr Size: 7KB - Virtual size: 16KB

.sau Size: 5KB - Virtual size: 10KB

.ngg Size: 5KB - Virtual size: 18KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 6KB

.sunr
Size: 7KB - Virtual size: 16KB

.sau
Size: 5KB - Virtual size: 10KB

.ngg
Size: 5KB - Virtual size: 18KB

.reloc
Size: 1024B - Virtual size: 1KB