2bb952cda50fe410dfd16eb1afe95241_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bb952cda50fe410dfd16eb1afe95241_JaffaCakes118
Size

24KB
MD5

2bb952cda50fe410dfd16eb1afe95241
SHA1

edba2a1ea9acd72b6704d1f67869fb97e9386d88
SHA256

30492ffbd617dea66dac67e4f5a239c06053d3cde6812e88f2bb9bf0acfedc0a
SHA512

0e6ea807ce7d6b0ce0962791564b53a861fcd4282502fb4e82c91dcbc88e872b6c12f2d0c5a8e34eea4a00ba92b93ce6c6df70dd0a252122e2eb6d306fc3a8e4
SSDEEP

384:y+oeGbscki7FAfqi8j9q7RJq9vne7RmerrxRKPD:y+oeksK9i8K49vn7E8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb952cda50fe410dfd16eb1afe95241_JaffaCakes118

Files

2bb952cda50fe410dfd16eb1afe95241_JaffaCakes118
.exe windows:4 windows x86 arch:x86

598683b96e08d238ed1356751880b075

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetKerningPairs
PlayEnhMetaFileRecord
CreateRectRgnIndirect
GetGlyphOutlineA
SetBkMode
GetObjectA
EnumEnhMetaFile
FixBrushOrgEx
GetRandomRgn

user32

DlgDirSelectComboBoxExA
SetCaretPos
LoadStringA
SetCapture
ScrollWindow
CreateMDIWindowW
BroadcastSystemMessageW
ActivateKeyboardLayout
InSendMessage
EnumPropsExA
LoadImageW
FillRect
MapVirtualKeyA
AttachThreadInput
CreateMDIWindowA
CreateDialogParamW
AnyPopup
PtInRect
CharNextW
GetMessageTime
GetProcessDefaultLayout
DdeKeepStringHandle

shell32

DragFinish
SheChangeDirA

msvcrt

_j1
strtoul
_wcsupr
_nextafter
_tolower
_spawnlp
wcslen
_safe_fdivr
_rmtmp
__argv
fseek
_ismbclower
isspace

ole32

CreateClassMoniker
OleRegGetUserType
WriteClassStg

kernel32

GetLocalTime
_lclose
GetDateFormatW
GetSystemTime
GlobalUnfix
GetModuleFileNameW
GetNumberFormatW
DeleteFileA
LoadLibraryExA
WriteConsoleInputW
GetQueuedCompletionStatus
Sleep
SetConsoleActiveScreenBuffer
QueueUserAPC
FindNextChangeNotification
LocalUnlock
GetExitCodeThread
GetStartupInfoW
GetModuleHandleA
_hwrite
VirtualFree
GetModuleHandleW
MoveFileExA
GetCurrencyFormatW
lstrlenW
lstrcmpA
lstrcmpiA
GetLogicalDrives
CallNamedPipeW
EnumTimeFormatsA
GetPrivateProfileSectionNamesA
VirtualAlloc
lstrlenA
SetLocalTime
ExitProcess
UTRegister
lstrcmpiW
lstrcmpW
SetFileAttributesA

Sections

.text
Size: 5KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.ors
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.iqv
Size: 7KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wlnn
Size: 6KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

598683b96e08d238ed1356751880b075

Headers

File Characteristics

Imports

gdi32

user32

shell32

msvcrt

ole32

kernel32

Sections

.text Size: 5KB - Virtual size: 6KB

.ors Size: 4KB - Virtual size: 19KB

.iqv Size: 7KB - Virtual size: 15KB

.wlnn Size: 6KB - Virtual size: 15KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 5KB - Virtual size: 6KB

.ors
Size: 4KB - Virtual size: 19KB

.iqv
Size: 7KB - Virtual size: 15KB

.wlnn
Size: 6KB - Virtual size: 15KB

.reloc
Size: 1024B - Virtual size: 1KB