2bcff963857f92cc805c3d15cc2d10b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bcff963857f92cc805c3d15cc2d10b6_JaffaCakes118
Size

388KB
MD5

2bcff963857f92cc805c3d15cc2d10b6
SHA1

cbfbce50aa9d5727e25762876b6902d71bffe719
SHA256

e970825cebf613c490564342efe91aba1c27b4eadfcddfff9b56c4c03df945fa
SHA512

56baefe1bcebee4d9ec5b52809ec3663dc6ccadf2d5b36997a6337d2ae512383f52143774886e423a4f0e73812a2c07240964571b6a7faa6f18f2b119fc8278e
SSDEEP

12288:kD9jj88bzoUXtVJpvt71tTaZo6TK/g6f7:0I8zbtrxjtTaCt46

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bcff963857f92cc805c3d15cc2d10b6_JaffaCakes118

Files

2bcff963857f92cc805c3d15cc2d10b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a388fcdd4da567ab4759d1a049e46e6f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

f:\eoepace

Imports

comdlg32

ChooseColorA
PageSetupDlgA
PrintDlgA

gdi32

DeleteObject
GetRegionData
CreateDCA
GetEnhMetaFileHeader
SetPaletteEntries
LineDDA
CreateDiscardableBitmap
SelectObject
GetObjectA
GetObjectType
DeleteDC
SetBitmapBits
EnumFontsA
GetDeviceCaps
Polygon
GetViewportOrgEx

kernel32

TerminateProcess
IsValidCodePage
GetSystemTimeAsFileTime
EnumSystemLocalesW
CreateSemaphoreW
VirtualFree
GetLocaleInfoW
GetEnvironmentStringsW
EnumSystemCodePagesW
GetTempPathW
CompareStringW
EnterCriticalSection
InterlockedExchange
TryEnterCriticalSection
IsBadReadPtr
CreateMutexA
GetVersion
LCMapStringW
GetDateFormatA
VirtualProtect
FlushFileBuffers
GetCurrentProcessId
LoadLibraryA
InterlockedDecrement
OutputDebugStringA
TlsSetValue
GetLastError
SleepEx
FreeEnvironmentStringsA
TlsFree
SetConsoleCtrlHandler
UnhandledExceptionFilter
VirtualUnlock
VirtualQuery
TlsAlloc
SetEnvironmentVariableA
LocalFileTimeToFileTime
SetTimeZoneInformation
GetLocaleInfoA
SetFilePointer
HeapDestroy
GetFileType
CloseHandle
GetTimeFormatA
HeapAlloc
DeleteCriticalSection
WriteProfileStringW
WritePrivateProfileStringW
GetComputerNameW
WriteConsoleInputA
GlobalReAlloc
GetDateFormatW
GetCurrentProcess
LCMapStringA
GetStringTypeW
GlobalSize
HeapValidate
GetProcAddress
HeapFree
SetStdHandle
GetVersionExA
GetThreadContext
InterlockedIncrement
GetTickCount
GetStartupInfoA
GetEnvironmentStrings
CreateMutexW
GetPrivateProfileIntA
SetHandleCount
VirtualAlloc
FreeEnvironmentStringsW
HeapCreate
GetDriveTypeW
InitializeCriticalSection
GetCurrentThread
WideCharToMultiByte
HeapReAlloc
GetStdHandle
SetLastError
GetTimeZoneInformation
GetUserDefaultLCID
LocalSize
IsValidLocale
RtlMoveMemory
ExitProcess
SuspendThread
GetCommandLineA
DebugBreak
RtlUnwind
IsDebuggerPresent
IsBadWritePtr
GetStringTypeA
CompareStringA
GetACP
SetThreadAffinityMask
ReadFile
GetPrivateProfileStructW
GetModuleFileNameA
GetEnvironmentStringsA
EnumSystemLocalesA
GetOEMCP
lstrcmpW
SetCurrentDirectoryA
GetThreadLocale
GetCurrentThreadId
GetAtomNameW
QueryPerformanceCounter
GetCurrencyFormatW
GetCPInfo
GetSystemInfo
GetModuleHandleA
WriteFile
LeaveCriticalSection
MultiByteToWideChar
TlsGetValue
OpenMutexA

wininet

FtpPutFileEx
FindCloseUrlCache
InternetSetOptionExA
InternetSetOptionW
ResumeSuspendedDownload
FindFirstUrlCacheEntryW
DeleteUrlCacheContainerW

user32

EndMenu
InsertMenuW
ChangeDisplaySettingsExW
SetClassLongW
wsprintfW
FindWindowA
MapVirtualKeyExA
OpenDesktopA
CreateCaret
GetMenuStringA
CreateCursor
DdeQueryConvInfo
SetWindowContextHelpId
DefMDIChildProcW
DialogBoxIndirectParamA
DefFrameProcW
GetComboBoxInfo
MapDialogRect
SetWindowRgn
SetDebugErrorLevel
ShowCaret
CreateDialogIndirectParamW
OpenClipboard
GetSystemMenu
RegisterClassA
OpenWindowStationW
SendNotifyMessageW
ClientToScreen
IsRectEmpty
SendMessageA
LoadStringW
WaitMessage
SetClipboardData
LoadCursorA
RegisterClassExA
DefWindowProcA
GetMenuContextHelpId
SetMenuInfo
ShowWindow
SetClassLongA
ShowOwnedPopups
CharNextW
LoadIconW
SetThreadDesktop
IsWindow
WindowFromDC
MessageBoxW
DestroyWindow
SetWindowPos
GetMenuItemID
CreateWindowExA
EnumDisplayDevicesA
PostThreadMessageA
SendMessageTimeoutA
GetKeyNameTextW
GetGUIThreadInfo
SetWindowsHookW
GetProcessDefaultLayout

shell32

ShellAboutA

comctl32

ImageList_ReplaceIcon
GetEffectiveClientRect
ImageList_LoadImageA
InitCommonControlsEx
ImageList_Replace

Sections

.text
Size: 196KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a388fcdd4da567ab4759d1a049e46e6f

Headers

File Characteristics

PDB Paths

Imports

comdlg32

gdi32

kernel32

wininet

user32

shell32

comctl32

Sections

.text Size: 196KB - Virtual size: 195KB

.rdata Size: 72KB - Virtual size: 71KB

.data Size: 100KB - Virtual size: 115KB

.rsrc Size: 16KB - Virtual size: 14KB

.text
Size: 196KB - Virtual size: 195KB

.rdata
Size: 72KB - Virtual size: 71KB

.data
Size: 100KB - Virtual size: 115KB

.rsrc
Size: 16KB - Virtual size: 14KB