2c1470684d38a8e0496e3e888b344915_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c1470684d38a8e0496e3e888b344915_JaffaCakes118
Size

356KB
MD5

2c1470684d38a8e0496e3e888b344915
SHA1

59ba697330f774e7b1b70664f44e3c3bcb6923a7
SHA256

78490afe77238e734b75ac3993198f30dfa5c1dd559a2717f36edfa701f952e2
SHA512

d0a3dd1a0481bb2e261c9fe5578724a31560fb98f5a578429f5c08c4b88c784ee9a0a94e5cb1c1b2c4c7c3f57a67466917bdd6a01e876d09c17e76818ad4d4ee
SSDEEP

6144:nSbpYufvQpn5yPHRPHsyZW015z6xpscTKaKVkkTGaxdtohQBVuccQn3:nSbWufvm5ytMy/bE2cTKaKVhuuVucc23

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c1470684d38a8e0496e3e888b344915_JaffaCakes118

Files

2c1470684d38a8e0496e3e888b344915_JaffaCakes118
.exe windows:4 windows x86 arch:x86

abcb2d7c428ce7e37710e98e5a8d6601

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LeaveCriticalSection
PrepareTape
QueryDosDeviceA
GetDriveTypeA
GetSystemTimeAsFileTime
GetNumberFormatW
FindCloseChangeNotification
GetTempFileNameA
_llseek
ReleaseSemaphore
IsProcessorFeaturePresent
CreateIoCompletionPort
lstrcmpiA
GetProcessHeap
FillConsoleOutputCharacterA
FindFirstFileExW
GetSystemDirectoryW
GetModuleHandleA
WritePrivateProfileStructA
LoadLibraryExW
EnumTimeFormatsW
_lclose
GetSystemTime
ClearCommBreak
EndUpdateResourceA
SetConsoleMode
WriteConsoleOutputW
EnumDateFormatsW
SearchPathW
SetupComm
SetTimeZoneInformation
WriteFile
ReadConsoleA
WritePrivateProfileSectionA
SetThreadLocale
CreateEventA
SetProcessAffinityMask
lstrcpyA
SetConsoleWindowInfo
GetPrivateProfileSectionW
AreFileApisANSI
GlobalFindAtomW
FindResourceExA
CreateFileW
AllocConsole
LoadResource
GetConsoleMode
SystemTimeToFileTime
ReleaseMutex
GetCurrentDirectoryW
LCMapStringA
IsBadStringPtrA
DeleteCriticalSection
GetSystemDefaultLangID
OpenFile
CopyFileExW
CreateWaitableTimerA
SetErrorMode
SetFileAttributesA
IsBadWritePtr
GetVolumeInformationW
EnumResourceNamesA
GetTapeParameters
FindFirstFileW
GetStringTypeExW
GetTickCount
VirtualUnlock
EnumResourceNamesW
VirtualProtect
GetBinaryTypeW
LocalAlloc
Beep
SizeofResource
GlobalFlags
GetUserDefaultLCID
SetEndOfFile
SetNamedPipeHandleState
FreeEnvironmentStringsA
MoveFileW
GetVersion
CreateDirectoryA
VirtualQuery
PeekConsoleInputW
VirtualAllocEx
ReadFile
GetCommandLineA
GetVersionExA
SetMailslotInfo
SwitchToFiber
GetShortPathNameA
SetEnvironmentVariableA
GetFileInformationByHandle
ExitProcess

user32

GetSysColor
SetMenuInfo
CharLowerBuffW
GetMenuItemID
UnhookWinEvent
ToAscii
IsCharUpperA
SetCursor
CharLowerA
GetKeyNameTextW
CreateCursor
FrameRect
RemovePropA
SendNotifyMessageA
RegisterHotKey
GetClassInfoW
DrawFrameControl

gdi32

SetMapperFlags
DPtoLP
CreatePalette

comdlg32

GetOpenFileNameW
ChooseColorW

advapi32

SetKernelObjectSecurity
CryptSignHashW
SetSecurityDescriptorDacl
GetAclInformation
SetNamedSecurityInfoA
ObjectCloseAuditAlarmW
ImpersonateNamedPipeClient
GetSecurityInfo
BuildTrusteeWithSidW
InitiateSystemShutdownW
SetNamedSecurityInfoW
IsValidSecurityDescriptor
BuildSecurityDescriptorW
IsTextUnicode
QueryServiceConfigA
UnlockServiceDatabase
ObjectDeleteAuditAlarmW

shell32

Shell_NotifyIconA
SHLoadInProc
DragAcceptFiles

ole32

CoDisconnectObject

oleaut32

SysAllocStringLen
SysStringLen
SafeArrayUnaccessData
LoadTypeLi
QueryPathOfRegTypeLi
SafeArrayPutElement
SetErrorInfo
SafeArrayCreate

comctl32

PropertySheetW

shlwapi

StrChrIW
StrRStrIW
SHRegCloseUSKey
AssocQueryStringW
PathAddBackslashA

setupapi

SetupDiSetClassInstallParamsA
SetupDiSetDeviceInstallParamsA
SetupPromptReboot
SetupDiSetDeviceRegistryPropertyA
SetupInstallFromInfSectionW
SetupGetTargetPathW
SetupDiGetDeviceInstallParamsA
SetupDiGetClassDevsExA
SetupDiSetSelectedDevice
SetupGetBinaryField
SetupDiCallClassInstaller

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

abcb2d7c428ce7e37710e98e5a8d6601

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 44KB - Virtual size: 43KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 44KB - Virtual size: 43KB