2c0c06c22dd230389a0c28fabf4a7cf2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c0c06c22dd230389a0c28fabf4a7cf2_JaffaCakes118
Size

924KB
MD5

2c0c06c22dd230389a0c28fabf4a7cf2
SHA1

bdd2e5ae35cff56a48d3e451df82d7f2fd09327b
SHA256

6c41c34e0e692525d363c44a362f54fc1c587cad9f5bd08f81c7ecdc7c53d2b2
SHA512

05dd85b01bfebdf09be76fc2c78cde1d497bdc2239ace521dc57ed41e0a704126d6b42c0c2d62546750f3cfe12370acec39965a169c02dc68c533f9739ebc3e9
SSDEEP

12288:WT0UeUMMunfbksz8rvuQbp12KnUkuZKJ79muboxdSu87a7o5FhuZo6x6j78nU8:W4OMM+XQF1JnURKJP0dZb7opaoVj7oU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c0c06c22dd230389a0c28fabf4a7cf2_JaffaCakes118

Files

2c0c06c22dd230389a0c28fabf4a7cf2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2fb99a06f8a4d1404b6a9994bc23b21c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegSaveKeyA
RegQueryInfoKeyW
CryptDeriveKey
RegSetValueA
RegDeleteKeyW
CreateServiceA
RegQueryInfoKeyA
LookupPrivilegeNameA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyA
RegLoadKeyA
RegQueryValueW
LogonUserW

kernel32

GetModuleFileNameW
CompareStringW
HeapDestroy
SetLastError
LeaveCriticalSection
CreateMutexA
TlsAlloc
TlsSetValue
TerminateProcess
lstrcmpiW
VirtualAlloc
SetFilePointer
SetConsoleOutputCP
SetStdHandle
GetCurrentProcessId
IsValidCodePage
GetStartupInfoW
GlobalCompact
GetCommandLineA
GetModuleFileNameA
IsBadReadPtr
WriteFile
LCMapStringA
HeapAlloc
InterlockedDecrement
GetProcAddress
SetEnvironmentVariableA
InterlockedIncrement
HeapCreate
OpenFileMappingW
GetStringTypeW
GetCurrentThread
MultiByteToWideChar
GetSystemTime
FreeEnvironmentStringsA
WideCharToMultiByte
GetEnvironmentStrings
FreeLibraryAndExitThread
CloseHandle
ExitProcess
FileTimeToLocalFileTime
FindResourceW
InitializeCriticalSection
TlsGetValue
HeapReAlloc
TlsFree
VirtualQuery
LoadLibraryA
GetCommandLineW
EnumTimeFormatsA
FlushFileBuffers
GetStdHandle
GetCPInfo
GetStringTypeA
GetFileType
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetEnvironmentStringsW
ReadFile
GetCurrentThreadId
EnterCriticalSection
MoveFileExW
GetTickCount
GetLocalTime
CompareStringA
GetModuleHandleA
GetStartupInfoA
QueryPerformanceCounter
GetConsoleOutputCP
FindResourceExW
GetLastError
HeapFree
OpenMutexA
SetHandleCount
GetSystemTimeAsFileTime
DeleteCriticalSection
LCMapStringW
InterlockedExchange
GlobalFindAtomA
GetTimeZoneInformation
VirtualFree
LoadResource
GetVersion
WriteProfileSectionA
RtlUnwind
EnumResourceLanguagesW
GetCurrentProcess
IsBadWritePtr

user32

EndMenu
GetClipboardData
RegisterClassA
SetWindowWord
RegisterClassExA
IsCharUpperW
LoadBitmapW
SetWindowsHookExW

comdlg32

GetOpenFileNameW
ChooseFontW
GetFileTitleA

wininet

SetUrlCacheConfigInfoW
FindFirstUrlCacheGroup
InternetTimeFromSystemTimeW
FtpFindFirstFileW

shell32

RealShellExecuteA
ShellExecuteEx
ExtractAssociatedIconW

comctl32

InitCommonControlsEx
ImageList_Remove
ImageList_Write
ImageList_AddIcon
ImageList_SetIconSize
ImageList_EndDrag
ImageList_Replace
DrawStatusTextW
ImageList_GetFlags
ImageList_GetBkColor
ImageList_GetImageInfo
ImageList_SetFlags
ImageList_LoadImage
CreateToolbarEx
ImageList_GetIconSize
ImageList_ReplaceIcon
MakeDragList
ImageList_GetIcon
InitMUILanguage
ImageList_DragEnter
_TrackMouseEvent
ImageList_Add

Sections

.text
Size: 120KB - Virtual size: 119KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 246KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 487KB - Virtual size: 484KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 69KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2fb99a06f8a4d1404b6a9994bc23b21c

Headers

File Characteristics

Imports

advapi32

kernel32

user32

comdlg32

wininet

shell32

comctl32

Sections

.text Size: 120KB - Virtual size: 119KB

.rdata Size: 246KB - Virtual size: 266KB

.data Size: 487KB - Virtual size: 484KB

.rsrc Size: 69KB - Virtual size: 68KB

.text
Size: 120KB - Virtual size: 119KB

.rdata
Size: 246KB - Virtual size: 266KB

.data
Size: 487KB - Virtual size: 484KB

.rsrc
Size: 69KB - Virtual size: 68KB