Static task: static1
Behavioral task: behavioral1
Sample: 2bcc25253ea7c01a958d98cacf7799c4_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2bcc25253ea7c01a958d98cacf7799c4_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2bcc25253ea7c01a958d98cacf7799c4_JaffaCakes118
Size: 376KB
MD5: 2bcc25253ea7c01a958d98cacf7799c4
SHA1: 7d25dad30f70db3082dec6a0367189ed6033c2ff
SHA256: 0fd5efd9be7fa39c685657f32624e335e83ffabad49d2fd2e3358bf6d6e360b5
SHA512: c46383f0c009bb7834f1f5dd8c1e03c42c8ce1f44b0a3c6415d890f60a1dfbd9397e88a61af249c3759cfa5ba3c9c95465319e6d67860c19f048d2e440208c5e
SSDEEP: 6144:f9fZJLrDxd4oVajHroBYAREVa9evHv1QGPecU6zZFdLHyInwM09C69CP4MQqB:VfZJLrD/4oVaz8BWoGhxLzP1yx9NYn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2bcc25253ea7c01a958d98cacf7799c4_JaffaCakes118
Files
2bcc25253ea7c01a958d98cacf7799c4_JaffaCakes118.exe windows:4 windows x86 arch:x86
45975df15ffb91bfb2b272accf787553
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
OpenFile
GetSystemTimeAdjustment
QueryDosDeviceA
WriteConsoleOutputW
GlobalFindAtomW
GetTempFileNameA
FormatMessageW
VirtualAlloc
CreateIoCompletionPort
PulseEvent
LoadResource
GetTempPathW
VirtualProtect
GetCommandLineA
GetVersionExA
ExitProcess
gdi32
CreateBitmapIndirect
PtInRegion
SetBitmapBits
OffsetViewportOrgEx
UnrealizeObject
GetBrushOrgEx
CreatePen
CreateMetaFileW
GetMapMode
ExtTextOutA
RemoveFontResourceA
Chord
SaveDC
CreateRectRgnIndirect
GetCharWidthA
SwapBuffers
StretchBlt
DeleteMetaFile
GetEnhMetaFileHeader
StartDocW
comdlg32
ChooseColorW
GetSaveFileNameW
advapi32
CryptSetHashParam
LogonUserW
AccessCheck
AddAccessDeniedAce
CryptDestroyHash
RegCreateKeyExA
GetLengthSid
CryptImportKey
GetSecurityInfo
CryptGenKey
DuplicateToken
RegQueryValueA
RegEnumValueA
RegRestoreKeyW
AccessCheckAndAuditAlarmW
CreateProcessAsUserA
GetUserNameW
RegNotifyChangeKeyValue
LookupPrivilegeDisplayNameA
RegConnectRegistryW
PrivilegeCheck
GetNamedSecurityInfoA
GetSidSubAuthorityCount
LookupAccountNameA
CryptGetProvParam
AllocateAndInitializeSid
GetSecurityDescriptorControl
EnumDependentServicesA
ole32
OleInitialize
CoRegisterMallocSpy
CoLockObjectExternal
GetClassFile
OleSaveToStream
CoGetObject
StgSetTimes
ReadClassStm
CoFreeUnusedLibraries
oleaut32
SafeArrayGetLBound
SysAllocStringLen
SetErrorInfo
SafeArrayCreate
SysFreeString
LoadTypeLibEx
SafeArrayGetElement
comctl32
ImageList_SetOverlayImage
ImageList_Replace
ImageList_DrawIndirect
shlwapi
SHRegGetUSValueW
StrStrA
PathParseIconLocationW
SHQueryValueExW
HashData
PathCommonPrefixW
wvnsprintfW
SHRegCreateUSKeyW
PathIsUNCServerW
PathGetCharTypeW
SHSetValueA
wnsprintfA
Sections
.text Size: 332KB - Virtual size: 330KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 36KB - Virtual size: 34KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE