2bbe8a68a583146df0b234fc5fd2d370_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bbe8a68a583146df0b234fc5fd2d370_JaffaCakes118
Size

792KB
MD5

2bbe8a68a583146df0b234fc5fd2d370
SHA1

9018a60da070bcc9e0ad8e188ec53807750a7890
SHA256

a60c92bda6ca6e259ac5334d3c66d641759cec13464604d3d9b5395c0d16831c
SHA512

43bf66e52799bd0bc914a1af4afd00c7475e9d47170d6d227619d468a6d740b36422f5129a16f4b5591e46c7969b43fb248dc2cd9a2ef173f7e9c8a45b581aa6
SSDEEP

12288:bkCFAGa1jHrk55gZ6yWzVjhL6ILWa51yUphsvHs1tx7nSBwJ:4sA7j45KIyoVjXLR5gUgvM0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bbe8a68a583146df0b234fc5fd2d370_JaffaCakes118

Files

2bbe8a68a583146df0b234fc5fd2d370_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b7eacfbf55dcb6fe13ac317ea486df4f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\ptfrtegnao\umeebr

Imports

comctl32

ImageList_DrawIndirect
ImageList_Read
ImageList_ReplaceIcon
ImageList_AddMasked
InitCommonControlsEx
ImageList_GetDragImage
DrawStatusTextA
ImageList_DragShowNolock

user32

CreateWindowExA
GetCapture
CharNextExA
CharNextA
GetWindowTextA
CreateIcon
UnregisterHotKey
ChangeMenuW
DefDlgProcW
CreateWindowStationA
GetMenuStringA
BeginDeferWindowPos
SetForegroundWindow
GetWindowPlacement
GetQueueStatus
SetWindowsHookA
IsWindowEnabled
ChangeDisplaySettingsA
SetClassLongA
DdeCmpStringHandles
RegisterClassExA
CreateAcceleratorTableA
DdeAbandonTransaction
CharNextW
RegisterClassExW
RegisterClassA
LoadStringW
GetGuiResources

kernel32

GetLocalTime
GetStringTypeA
GetStringTypeW
GetStdHandle
GetCommandLineA
EnumDateFormatsW
ReadFile
RtlUnwind
GetCurrentThreadId
InterlockedIncrement
DeleteCriticalSection
SetStdHandle
OpenWaitableTimerW
UnhandledExceptionFilter
TlsGetValue
FreeEnvironmentStringsA
LCMapStringW
GetCurrentProcessId
CloseHandle
SetEnvironmentVariableA
WideCharToMultiByte
GetFileType
GetTimeZoneInformation
IsBadWritePtr
GetModuleFileNameA
ExitProcess
InterlockedCompareExchange
GetPrivateProfileIntW
LeaveCriticalSection
GetSystemTimeAsFileTime
lstrcmpiW
SetLastError
GetStartupInfoA
EnterCriticalSection
FreeEnvironmentStringsW
GetVersion
ExitThread
WriteFile
GetCurrentProcess
GetStartupInfoW
SetConsoleTitleW
GetLongPathNameA
TlsAlloc
EnumResourceNamesA
HeapFree
GetModuleHandleA
GetCommandLineW
TlsSetValue
GetCurrentThread
GlobalFree
TlsFree
CompareStringW
GetSystemTime
GetEnvironmentStrings
SetFilePointer
HeapAlloc
lstrcpy
SetConsoleOutputCP
HeapReAlloc
SetHandleCount
DosDateTimeToFileTime
GetStringTypeExW
GetCPInfo
FindResourceExA
OpenMutexA
OutputDebugStringW
HeapDestroy
VirtualAlloc
InterlockedExchange
InitializeCriticalSection
GetThreadContext
HeapCreate
TerminateProcess
VirtualQuery
LoadLibraryA
FlushFileBuffers
InterlockedDecrement
LocalAlloc
MultiByteToWideChar
EnumDateFormatsA
LCMapStringA
VirtualProtect
CreateMutexA
CompareStringA
GetTickCount
GetEnvironmentStringsW
QueryPerformanceCounter
VirtualFree
LoadLibraryExA
CreateRemoteThread
GetProcAddress
GetLastError
SetCurrentDirectoryW
GetModuleFileNameW

Sections

.text
Size: 72KB - Virtual size: 70KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 452KB - Virtual size: 450KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 132KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7eacfbf55dcb6fe13ac317ea486df4f

Headers

File Characteristics

PDB Paths

Imports

comctl32

user32

kernel32

Sections

.text Size: 72KB - Virtual size: 70KB

.rdata Size: 452KB - Virtual size: 450KB

.data Size: 132KB - Virtual size: 128KB

.rsrc Size: 132KB - Virtual size: 129KB

.text
Size: 72KB - Virtual size: 70KB

.rdata
Size: 452KB - Virtual size: 450KB

.data
Size: 132KB - Virtual size: 128KB

.rsrc
Size: 132KB - Virtual size: 129KB