2c40e3c79661ec2e15f11cfeea540910_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c40e3c79661ec2e15f11cfeea540910_JaffaCakes118
Size

536KB
MD5

2c40e3c79661ec2e15f11cfeea540910
SHA1

eca37dbd9f52264098ef3ba5d892331b7b27c39e
SHA256

8e3ff01dcdb330363b5aa37835552657e8011b0c76b0d31d5e1cbf026946b571
SHA512

de3aab1b9eec4f5c277b6e3eb812467662ac7e5dbd0b93e7cba8c99a93be961a606024eec56c579b10c33d6ad2ee1b60f55830c86f0fa4330c792c9c9f4a93ce
SSDEEP

12288:K+SYSxuZ5q9YmWSUzeAiieZMDfoT0K7tPffPjZsaH:dhSzZMfoT0M3HjGaH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c40e3c79661ec2e15f11cfeea540910_JaffaCakes118

Files

2c40e3c79661ec2e15f11cfeea540910_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9fdf4f5e8e81a30d4266710bbb8ca2a3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
WritePrivateProfileStructA
RaiseException
LCMapStringA
VirtualQueryEx
_llseek
FreeLibraryAndExitThread
IsBadWritePtr
_hread
DeleteFiber
GlobalFindAtomW
GetSystemInfo
GetShortPathNameW
VirtualQuery
SetTimeZoneInformation
GetProfileIntA
FlushFileBuffers
GetSystemDefaultLangID
CreateIoCompletionPort
CreateMutexW
WriteProcessMemory
SetNamedPipeHandleState
InitializeCriticalSection
EnumSystemCodePagesA
GlobalReAlloc
CreateEventA
CompareStringA
GetUserDefaultLangID
GetAtomNameA
LocalAlloc
CreateProcessA
SetConsoleOutputCP
ReadDirectoryChangesW
SetStdHandle
IsProcessorFeaturePresent
GlobalGetAtomNameW
GetModuleFileNameW
GetStartupInfoA
LeaveCriticalSection
GetCommandLineW
OpenMutexA
FindResourceExA
WritePrivateProfileSectionA
WritePrivateProfileSectionW
RemoveDirectoryA
EnumDateFormatsW
SetSystemTime
SetCommTimeouts
FreeLibrary
LocalReAlloc
SetConsoleWindowInfo
GetDriveTypeA
GetPrivateProfileStringW
GetSystemTime
ConnectNamedPipe
CreateMutexA
GetACP
LocalSize
FatalAppExitA
FreeResource
GlobalUnlock
SetHandleCount
DuplicateHandle
_lopen
GetCompressedFileSizeW
lstrcpynA
WriteFile
CreatePipe
GetProcessHeap
lstrcatW
GetFileInformationByHandle
SetMailslotInfo
GetThreadPriority
SetEvent
GetNumberFormatW
SetConsoleMode
IsBadReadPtr
ExitProcess

user32

DrawFocusRect
EnumDesktopsA
GetForegroundWindow

gdi32

SetMetaFileBitsEx
GetCurrentObject
PolyDraw
CopyMetaFileW
OffsetViewportOrgEx
CreateDCW
GetGlyphOutlineW

advapi32

GetServiceKeyNameW
SetSecurityDescriptorGroup
CryptAcquireContextA
EnumServicesStatusW
RegSaveKeyW
LockServiceDatabase
RevertToSelf
LogonUserA
NotifyChangeEventLog
CryptDestroyKey
RegQueryInfoKeyA
MakeAbsoluteSD
CryptGetHashParam
RegQueryValueExW
EnumDependentServicesA
DuplicateToken
GetSidSubAuthorityCount
BuildTrusteeWithNameW
DeregisterEventSource
OpenSCManagerA
QueryServiceConfigW
SetEntriesInAclA
RegEnumKeyExW
AllocateLocallyUniqueId
QueryServiceConfigA
CryptAcquireContextW

shell32

SHLoadInProc
FindExecutableW
Shell_NotifyIconA
FindExecutableA
ExtractIconExW

ole32

OleSetMenuDescriptor
OleBuildVersion
CoGetInterfaceAndReleaseStream
CoTreatAsClass
OleRegGetMiscStatus
WriteClassStg
CoFreeUnusedLibraries
ReadClassStg
OleCreateMenuDescriptor
OleConvertIStorageToOLESTREAM

oleaut32

LoadTypeLibEx
VariantChangeType

comctl32

CreatePropertySheetPageW
ImageList_SetIconSize

shlwapi

PathIsDirectoryA
PathRemoveFileSpecW
PathIsRelativeA
PathAppendW
UrlCombineW
StrDupW
StrRetToStrW
PathFileExistsW

Sections

.text
Size: 10KB - Virtual size: 220KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9fdf4f5e8e81a30d4266710bbb8ca2a3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 10KB - Virtual size: 220KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 256KB - Virtual size: 255KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 10KB - Virtual size: 220KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 256KB - Virtual size: 255KB

.rsrc
Size: 10KB - Virtual size: 10KB