2c159a3d0e2b85e0d5de9265c11d24e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c159a3d0e2b85e0d5de9265c11d24e8_JaffaCakes118
Size

1.9MB
MD5

2c159a3d0e2b85e0d5de9265c11d24e8
SHA1

3e854f97e9a6cad25eb53cfb3c23f7fb0ccb452f
SHA256

daeee497896655f040e667e6048484f1d7c786d9d274283d57e5217565d73756
SHA512

e258aeda1c344ce369716d635d3dad03c2df2dd6d5e67eec40dceeedd89e50b0e010c8796c773a5c22e7f9f8fd086335e5b45696bb09e0f5c5eca179a483b409
SSDEEP

49152:u60jO+jDZjtYUWNPJbuYA7W+KPO5hxAI3LjyCmRPAPYq:u60FxtmNpr6vxAojytPi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c159a3d0e2b85e0d5de9265c11d24e8_JaffaCakes118

Files

2c159a3d0e2b85e0d5de9265c11d24e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e9a99aefc6d320f0a74c18d53438390e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\qugummowe\btt.pdb

Imports

user32

IsMenu
CreateCaret
ReuseDDElParam
GetWindowWord
EndTask
GetDC
RegisterClassA
EnumClipboardFormats
CallMsgFilterA
SetClipboardData
DialogBoxIndirectParamA
GetMenuItemID
DefFrameProcA
SetDeskWallpaper
IsWindowVisible
MapVirtualKeyExW
GetDlgItemTextW
EnumDesktopWindows
ScrollWindowEx
RegisterClassExA
GetMenuStringW
SetScrollPos
InsertMenuItemA
EnumDisplaySettingsExW
OemToCharBuffA

comctl32

_TrackMouseEvent
ImageList_SetOverlayImage
CreateToolbarEx
CreateToolbar
ImageList_EndDrag
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_LoadImageW
ImageList_Read
CreateStatusWindowW
ImageList_SetFlags
ImageList_Create
ImageList_GetIconSize
ImageList_BeginDrag
DrawInsert
InitMUILanguage
DestroyPropertySheetPage

wininet

InternetDialA
FindFirstUrlCacheContainerA
HttpSendRequestExA

comdlg32

GetSaveFileNameA
LoadAlterBitmap
ChooseFontA
GetOpenFileNameW

kernel32

GetCPInfo
LCMapStringW
GetProcAddress
GetVersionExA
CreateFileA
GetFileAttributesExA
AddAtomA
QueryPerformanceCounter
GetCurrentProcess
GetCommandLineA
GetConsoleMode
GetStringTypeW
HeapAlloc
SetConsoleCtrlHandler
ContinueDebugEvent
GetModuleHandleA
VirtualQuery
FreeEnvironmentStringsW
GetCurrentThreadId
GetUserDefaultLCID
IsValidCodePage
InterlockedExchange
InitializeCriticalSection
GetModuleFileNameA
GetEnvironmentStringsW
TlsFree
ExitProcess
CloseHandle
GetPrivateProfileStructA
GetLastError
GetTickCount
EnterCriticalSection
CreateMutexA
HeapCreate
GetLocaleInfoW
InterlockedIncrement
SetEnvironmentVariableA
TlsAlloc
UnhandledExceptionFilter
EnumSystemLocalesA
GetAtomNameW
ReadFile
TlsSetValue
LoadLibraryW
GetCompressedFileSizeW
SetLastError
LoadLibraryA
SetHandleCount
GetStdHandle
OpenMutexA
SetStdHandle
GetFileTime
LCMapStringA
RtlUnwind
CompareStringW
GetEnvironmentStrings
GetTimeZoneInformation
LeaveCriticalSection
ReadConsoleW
InterlockedDecrement
GetConsoleCP
CreateWaitableTimerW
GetCurrentThread
WriteFile
DeleteCriticalSection
GetDateFormatA
HeapFree
TerminateProcess
GetThreadPriority
GetCurrentProcessId
GetACP
GetConsoleOutputCP
MultiByteToWideChar
WriteConsoleA
GetWindowsDirectoryA
IsDebuggerPresent
VirtualAlloc
Sleep
IsValidLocale
GetProcessHeap
GlobalHandle
SetUnhandledExceptionFilter
CompareStringA
GetFileType
FlushFileBuffers
GetStartupInfoA
GetLocaleInfoA
WideCharToMultiByte
HeapDestroy
GetSystemTimeAdjustment
GetStringTypeA
FreeEnvironmentStringsA
GetTimeFormatA
GetSystemTimeAsFileTime
lstrcpyn
TlsGetValue
GetOEMCP
HeapSize
HeapReAlloc
FreeLibrary
WriteConsoleW
SetFilePointer
VirtualFree

Sections

.text
Size: 594KB - Virtual size: 594KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1.2MB - Virtual size: 1.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e9a99aefc6d320f0a74c18d53438390e

Headers

File Characteristics

PDB Paths

Imports

user32

comctl32

wininet

comdlg32

kernel32

Sections

.text Size: 594KB - Virtual size: 594KB

.rdata Size: 44KB - Virtual size: 61KB

.data Size: 1.2MB - Virtual size: 1.2MB

.rsrc Size: 56KB - Virtual size: 56KB

.text
Size: 594KB - Virtual size: 594KB

.rdata
Size: 44KB - Virtual size: 61KB

.data
Size: 1.2MB - Virtual size: 1.2MB

.rsrc
Size: 56KB - Virtual size: 56KB