Static task: static1
Behavioral task: behavioral1
Sample: 2c16dfebf44c3cf66ae772837f19615a_JaffaCakes118.exe
Resource: win7-20240704-en
Behavioral task: behavioral2
Sample: 2c16dfebf44c3cf66ae772837f19615a_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2c16dfebf44c3cf66ae772837f19615a_JaffaCakes118
Size: 344KB
MD5: 2c16dfebf44c3cf66ae772837f19615a
SHA1: 141b28664fd72056365700e8f1d00450b760b481
SHA256: 792ecea2114a63c7b3bbd6818aed10e7f8f3a73d0cccede53e67a3c62ef2b368
SHA512: 96405f421ffde9ded43da587778c9e82d78618c99f7c50d75b1edaec320b4283d8a5e4eb94c3144faf170db2ff82a0f8214e9eac4a27f6c262dc401b0d8519ac
SSDEEP: 6144:gBJ54sK+xP3unK8ZniJnOECO8JEQflowiQePb73NNr1TKtS1xNgXLq:gBZK+xQ6CtowiQcb0tSzh
Malware Config
Signatures
Unsigned PE (1 IoCs)
Checks for missing Authenticode signature.
resource 2c16dfebf44c3cf66ae772837f19615a_JaffaCakes118
Files
2c16dfebf44c3cf66ae772837f19615a_JaffaCakes118.exe windows:4 windows x86 arch:x86
7fc64b1459db9f91bb360c2b5e186356
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
DeleteAtom
GetCommModemStatus
GetModuleHandleA
VirtualProtect
SetCommMask
EnumResourceLanguagesA
RemoveDirectoryA
GetWindowsDirectoryW
GetDiskFreeSpaceExA
IsBadReadPtr
RemoveDirectoryW
LoadLibraryExW
FlushFileBuffers
WritePrivateProfileSectionW
FindResourceExA
GetConsoleScreenBufferInfo
AddAtomW
QueryDosDeviceW
EnumResourceNamesA
SetFileApisToOEM
InterlockedCompareExchange
GetPrivateProfileStringA
FillConsoleOutputAttribute
EnumSystemLocalesA
GetVersionExA
GetStartupInfoA
user32
DefWindowProcW
GetClassLongW
ModifyMenuA
AppendMenuW
PostQuitMessage
GetWindowTextW
MapWindowPoints
MessageBeep
IntersectRect
CreateWindowExW
ToUnicode
ScrollWindowEx
IsIconic
CopyAcceleratorTableW
RemovePropW
ChangeClipboardChain
InternalGetWindowText
ExitWindowsEx
FrameRect
GetClipboardData
WaitMessage
IsWindowEnabled
gdi32
ResizePalette
BitBlt
PolyBezierTo
GetROP2
CreatePen
SetSystemPaletteUse
PolylineTo
EnumObjects
DeleteObject
Ellipse
DeleteDC
StartDocW
GetViewportExtEx
SetTextJustification
GetObjectW
SetWorldTransform
GetCurrentPositionEx
comdlg32
ReplaceTextA
advapi32
StartServiceCtrlDispatcherA
GetFileSecurityW
AllocateLocallyUniqueId
CryptExportKey
GetSidSubAuthorityCount
GetFileSecurityA
RegisterServiceCtrlHandlerA
CreateProcessAsUserA
SetSecurityDescriptorOwner
GetAclInformation
OpenEventLogW
IsValidAcl
ImpersonateNamedPipeClient
RegQueryValueA
GetServiceKeyNameW
CryptSetHashParam
SetNamedSecurityInfoW
InitiateSystemShutdownA
ClearEventLogW
RegSetValueExA
CryptAcquireContextW
MakeAbsoluteSD
RegRestoreKeyW
StartServiceW
RegSetValueW
InitializeSid
RegEnumValueA
shell32
SHGetSpecialFolderPathA
SHAppBarMessage
DragQueryFileW
ExtractIconExW
SHBrowseForFolderA
SHAddToRecentDocs
ole32
StringFromGUID2
CoGetClassObject
OleDuplicateData
CoLoadLibrary
CoImpersonateClient
OleSaveToStream
WriteClassStm
CoSwitchCallContext
StgCreateDocfileOnILockBytes
StgCreateStorageEx
oleaut32
LoadTypeLibEx
GetErrorInfo
RegisterTypeLi
SysReAllocStringLen
comctl32
ImageList_Merge
ImageList_Create
shlwapi
PathFileExistsW
PathIsDirectoryW
StrRChrW
AssocQueryKeyW
UrlCanonicalizeW
SHDeleteKeyW
StrDupA
SHRegGetUSValueW
setupapi
SetupDiClassNameFromGuidExA
SetupDiSetSelectedDriverW
SetupGetLineCountW
SetupDiGetDriverInfoDetailW
SetupGetBinaryField
SetupDiEnumDriverInfoW
SetupDiGetClassDevsA
SetupGetInfFileListA
SetupDiClassGuidsFromNameExA
msvcrt
_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit
Sections
.text  Size: 308KB  Virtual size: 304KB  Characteristics: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ
.rdata  Size: 8KB  Virtual size: 4KB  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data  Size: 24KB  Virtual size: 21KB  Characteristics: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE