2bc670bfdc3aaa5033ec09b923f49464_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bc670bfdc3aaa5033ec09b923f49464_JaffaCakes118
Size

121KB
MD5

2bc670bfdc3aaa5033ec09b923f49464
SHA1

2e7350d1014453f4ed0d1c6ea1c685e504311ddd
SHA256

3ff052a43179bb5f164a026fd2ce2eb320b992f7d4ae9f3144641e955959581b
SHA512

d5cbdb485a972c85b2b4c3766ff9021d77f9c9ad5617e108c4331e28f5550b10c77155232325dfded0b45fd132ed2e4ae2cd8787c12d5dec02882b3f18d17d19
SSDEEP

3072:lQvTJ99Jh1ai4nZSaYYowS5HohPOjsgQtS0vA:KTTai3LYBSGg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bc670bfdc3aaa5033ec09b923f49464_JaffaCakes118

Files

2bc670bfdc3aaa5033ec09b923f49464_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c5b1ddf68a24cdc3837b73fd3cdf5cc7

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetSystemDirectoryA
GetFileTime
FormatMessageA
GetStartupInfoA
lstrcmpA
GetUserDefaultLangID
GetModuleHandleA
GetTickCount
GetVersionExW
DeviceIoControl
VirtualProtect
GetSystemDefaultLCID
lstrcpyA
GlobalLock
lstrlenW

user32

LoadCursorA
GetScrollPos
CallNextHookEx
ClientToScreen
CallWindowProcA
GetWindowThreadProcessId
CloseClipboard

msvcrt

log10
_mktemp
_read
fwrite
_ismbblead
__set_app_type
_initterm
__getmainargs
__setusermatherr
__p__commode
sqrt
_XcptFilter
exit
qsort
_adjust_fdiv
atol
_acmdln
__p__fmode
_CIsqrt
memchr
_except_handler3

ole32

RevokeDragDrop
CoCreateGuid
PropVariantClear
CreateStreamOnHGlobal
CreateILockBytesOnHGlobal
CoCreateInstance
OleGetClipboard

oleaut32

SafeArrayCreate
LoadTypeLib
VariantCopyInd
SysAllocStringByteLen
SafeArrayGetUBound
VariantClear
SafeArrayGetElement
SafeArrayUnaccessData

comctl32

ImageList_Destroy
ImageList_SetOverlayImage
ImageList_DragLeave
ImageList_Draw
CreatePropertySheetPageA
PropertySheetA
ImageList_DrawEx
CreateToolbarEx

version

VerInstallFileA
GetFileVersionInfoA
VerLanguageNameA
VerFindFileW
GetFileVersionInfoW

shell32

DoEnvironmentSubstW
SHBrowseForFolder
Shell_NotifyIconA
ShellExecuteW
SHGetFileInfoA
FindExecutableW
SHGetSpecialFolderPathW

advapi32

RegEnumKeyW
GetTokenInformation
RegEnumKeyExW
RegOpenKeyExW

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5b1ddf68a24cdc3837b73fd3cdf5cc7

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

ole32

oleaut32

comctl32

version

shell32

advapi32

Sections

.text Size: 74KB - Virtual size: 74KB

.data Size: 15KB - Virtual size: 15KB

.rsrc Size: 30KB - Virtual size: 29KB

.text
Size: 74KB - Virtual size: 74KB

.data
Size: 15KB - Virtual size: 15KB

.rsrc
Size: 30KB - Virtual size: 29KB