2bf609bef1a81f51c54a3192d89ba3ea_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bf609bef1a81f51c54a3192d89ba3ea_JaffaCakes118
Size

632KB
MD5

2bf609bef1a81f51c54a3192d89ba3ea
SHA1

cf76408ed74af68975ecfcff7f45c90d096dc912
SHA256

edbe36f9acea790010fd337d0469aada780efd53d061288198f84acfff6e8ef1
SHA512

3671bdc0fa28a06fafb494d289a34e951a19aefd5022a8f59106a800ef539fa2addf6e6108f21f4a739c90f8186dba6f62c47a1ecfac921a2a44ddb14d7492e3
SSDEEP

12288:8Af0wWd72VMtYAZhdMuiP83PWA23MIYypsZCacuI12PqU:8YC+uhaug4PWAC40uq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bf609bef1a81f51c54a3192d89ba3ea_JaffaCakes118

Files

2bf609bef1a81f51c54a3192d89ba3ea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

66783ad2c5e55af325520b1f21e8bf06

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\y

Imports

kernel32

SystemTimeToFileTime
CompareStringA
GetLocalTime
HeapCreate
InterlockedDecrement
GetSystemTime
GetStringTypeA
GetLastError
GetFileType
MultiByteToWideChar
GetCommandLineA
CloseHandle
GetCurrentProcess
VirtualQuery
SetThreadPriority
GetCurrentThread
FlushFileBuffers
EnumResourceNamesA
GetStdHandle
OpenMutexA
TlsAlloc
LCMapStringA
GetEnvironmentStrings
InterlockedIncrement
FreeEnvironmentStringsW
HeapFree
LCMapStringW
GetProcAddress
InitializeCriticalSection
TlsGetValue
GetOEMCP
TlsSetValue
GetProfileStringW
SetStdHandle
CompareStringW
VirtualAlloc
GetStringTypeW
HeapDestroy
GetStartupInfoA
ExitProcess
SetFilePointer
LoadLibraryA
HeapAlloc
GetCPInfo
WriteFile
SetEnvironmentVariableA
OpenFileMappingW
GetTickCount
GetCurrentProcessId
SetHandleCount
GetTimeZoneInformation
GetACP
LeaveCriticalSection
GetEnvironmentStringsW
IsBadWritePtr
UnhandledExceptionFilter
GetVersion
TlsFree
WideCharToMultiByte
DeleteCriticalSection
SetLastError
ReadFile
CreateEventA
TerminateProcess
EnterCriticalSection
VirtualFree
GetModuleFileNameA
GetCurrentThreadId
GetModuleHandleA
HeapReAlloc
RtlUnwind
CreateMutexA
InterlockedExchange
FreeEnvironmentStringsA
GetDateFormatA
GetSystemTimeAsFileTime
QueryPerformanceCounter

comctl32

ImageList_SetIconSize
ImageList_GetFlags
ImageList_EndDrag
ImageList_Write
CreatePropertySheetPageA
ImageList_Replace
ImageList_LoadImage
ImageList_SetOverlayImage
ImageList_GetImageRect
MakeDragList
ImageList_ReplaceIcon
DrawStatusTextW
InitCommonControlsEx
ImageList_Add
CreateToolbarEx
DestroyPropertySheetPage
ImageList_BeginDrag

gdi32

GetMiterLimit
GetSystemPaletteEntries
GetICMProfileW
DeleteObject
GetCharacterPlacementA
CreateBitmap
OffsetWindowOrgEx
Rectangle
SetBkColor
CombineRgn
UpdateICMRegKeyA
EnumFontsW
StartDocW
CopyEnhMetaFileW
SetWinMetaFileBits
DeleteDC

comdlg32

ChooseColorA
PageSetupDlgA
ChooseFontW

shell32

ShellHookProc
RealShellExecuteExW
SHEmptyRecycleBinW
SheChangeDirExW

advapi32

GetUserNameW
CryptEnumProviderTypesA
LookupSecurityDescriptorPartsA
RegDeleteValueW
RegOpenKeyW
LookupAccountNameA
AbortSystemShutdownW
GetUserNameA
CryptSetProvParam
CryptExportKey
RegOpenKeyA
ReportEventW
LookupPrivilegeValueW
CryptDestroyKey
RegQueryValueExA
RegQueryValueA

user32

CreatePopupMenu
ShowWindow
wsprintfA
DispatchMessageA
SetWindowsHookExA
CreateWindowExW
SetDebugErrorLevel
GetKeyboardState
SendIMEMessageExA
MessageBoxW
EndPaint
RegisterClassA
GetUpdateRgn
CharNextW
CopyAcceleratorTableW
DdeAccessData
RegisterClassExA
GetWindowInfo
GetWindowThreadProcessId
OpenDesktopW
SetWindowWord

Sections

.text
Size: 497KB - Virtual size: 497KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 17KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

66783ad2c5e55af325520b1f21e8bf06

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

gdi32

comdlg32

shell32

advapi32

user32

Sections

.text Size: 497KB - Virtual size: 497KB

.rdata Size: 17KB - Virtual size: 44KB

.data Size: 110KB - Virtual size: 109KB

.rsrc Size: 6KB - Virtual size: 6KB

.text
Size: 497KB - Virtual size: 497KB

.rdata
Size: 17KB - Virtual size: 44KB

.data
Size: 110KB - Virtual size: 109KB

.rsrc
Size: 6KB - Virtual size: 6KB