2bb533fe381528f2410d65b291c66540_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2bb533fe381528f2410d65b291c66540_JaffaCakes118
Size

315KB
MD5

2bb533fe381528f2410d65b291c66540
SHA1

8798de627b216d1793e3f6237bc377f8a9c2aa9a
SHA256

43a5ed71f6a3937921244781902f5e67d38ec148fa26ca79dc15aa519cd5f40c
SHA512

291f840ff4d5e055e302b49cdb7498fef9d5d2964fa4f51ed1db493f6ce3b0e96e79d1f62ff1ba2b425ca000e058fe30674f9c017f120ee1ad33eea3a7684d51
SSDEEP

6144:RhGOuKvmKd6X8LdKceGDWM+O/NPKDYgs9/Y6n4VfyP:RjHmKIX8JKc1WM+DMgsgffy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb533fe381528f2410d65b291c66540_JaffaCakes118

Files

2bb533fe381528f2410d65b291c66540_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b25b4937b66f4e908d40d988d2ed512b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

Imports

kernel32

HeapReAlloc
ReadConsoleOutputAttribute
CloseHandle
GetCommandLineW
HeapSize
IsBadWritePtr
GetStringTypeW
CreateMutexA
GetCurrentProcess
IsValidCodePage
TerminateProcess
GetDateFormatA
SetStdHandle
InitializeCriticalSection
TlsFree
QueryPerformanceCounter
InterlockedExchange
WideCharToMultiByte
GetStartupInfoA
FreeEnvironmentStringsW
WriteFile
GetLastError
LoadLibraryA
HeapDestroy
GetTimeZoneInformation
SetFilePointer
GetCurrentThreadId
GetTickCount
VirtualProtect
FreeEnvironmentStringsA
LCMapStringW
OpenMutexA
TlsGetValue
GetLocaleInfoA
GetCPInfo
LeaveCriticalSection
VirtualAlloc
HeapCreate
SetHandleCount
HeapFree
UnhandledExceptionFilter
EnterCriticalSection
RtlUnwind
GetVersionExA
GetStringTypeA
GetModuleFileNameA
GetTimeFormatA
VirtualFree
IsValidLocale
GetFileType
GetModuleHandleA
FlushFileBuffers
LCMapStringA
VirtualQuery
GetSystemTimeAsFileTime
EnumSystemLocalesA
GetModuleFileNameW
GetProcAddress
CompareStringW
GetStartupInfoW
GetLocaleInfoW
HeapAlloc
ExitProcess
GetEnvironmentStringsW
MultiByteToWideChar
TlsAlloc
CompareStringA
SetEnvironmentVariableA
GetACP
TlsSetValue
GetOEMCP
GetStdHandle
GetSystemInfo
DeleteCriticalSection
GetCurrentProcessId
SetLastError
GetCurrentThread
ReadFile
GetUserDefaultLCID
GetCommandLineA
GetEnvironmentStrings

shell32

SHGetNewLinkInfo

user32

RegisterClassA
GetComboBoxInfo
RegisterClassExA
CreateDesktopW
ActivateKeyboardLayout
LoadMenuW
GetTitleBarInfo
DestroyWindow
DefWindowProcA
ValidateRect
CreateWindowExW
MessageBoxW
MoveWindow
GetMenuContextHelpId
GetDC
GetProcessWindowStation
DrawTextExA
OpenWindowStationW
SetMenuItemBitmaps
ScrollDC
LoadBitmapW
OffsetRect
SetMenuItemInfoW
GetUserObjectInformationA
DdeDisconnectList
CallMsgFilterA
ShowWindow

comdlg32

PrintDlgA

comctl32

DrawStatusText
CreateToolbarEx
ImageList_SetImageCount
CreateStatusWindowA
ImageList_SetBkColor
ImageList_SetIconSize
ImageList_AddIcon
GetEffectiveClientRect
ImageList_DragLeave
ImageList_BeginDrag
InitCommonControlsEx
MakeDragList
ImageList_Merge
ImageList_GetFlags
CreatePropertySheetPage
ImageList_ReplaceIcon
ImageList_Destroy
CreateStatusWindowW

Sections

.text
Size: 140KB - Virtual size: 139KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 75KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 93KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b25b4937b66f4e908d40d988d2ed512b

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

user32

comdlg32

comctl32

Sections

.text Size: 140KB - Virtual size: 139KB

.rdata Size: 75KB - Virtual size: 75KB

.data Size: 87KB - Virtual size: 93KB

.rsrc Size: 11KB - Virtual size: 11KB

.text
Size: 140KB - Virtual size: 139KB

.rdata
Size: 75KB - Virtual size: 75KB

.data
Size: 87KB - Virtual size: 93KB

.rsrc
Size: 11KB - Virtual size: 11KB