Static task: static1

Behavioral task: behavioral1
Sample: 2c2a49c3c35a092d812d971771d25e1f_JaffaCakes118.exe
Resource: win7-20240708-en

Behavioral task: behavioral2
Sample: 2c2a49c3c35a092d812d971771d25e1f_JaffaCakes118.exe
Resource: win10v2004-20240708-en
General
Target: 2c2a49c3c35a092d812d971771d25e1f_JaffaCakes118
Size: 336KB
MD5: 2c2a49c3c35a092d812d971771d25e1f
SHA1: 6124ad73d3153a5372cb2ec7d9ed12b4e183abeb
SHA256: b0aafae6913e61355b0891439bdaa622ac9eb2d069c5cad0bc60a9c3f7840b3d
SHA512: 7e7c95167f6c9c0998a9f767edb119cf0d1f324fa0b5657c4822d6d64507563b0f3c711963ea02152339e7a512af3b4afe0314edee598a9c8071a9c5b9206d53
SSDEEP: 6144:j5+q3iXl1ZejOe6FAgzJ4n13It5hKa5Ezm6OwG8GIpk28dbP2aNXKF:X3iXl1ZmeAyJ4OIl7RMIpkFsV
Malware Config
Signatures
Unsigned PE (1 IoC)
Checks for missing Authenticode signature.
resource: 2c2a49c3c35a092d812d971771d25e1f_JaffaCakes118
Files
2c2a49c3c35a092d812d971771d25e1f_JaffaCakes118.exe windows:4 windows x86 arch:x86
23a91ea9ea5d6e7d9213d38f80b47780
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
SetThreadPriorityBoost
OpenFileMappingW
LoadResource
FlushFileBuffers
AddAtomW
WaitNamedPipeA
IsDBCSLeadByteEx
GetSystemDefaultLangID
DosDateTimeToFileTime
GetProcessHeap
EndUpdateResourceA
GlobalSize
GetLocaleInfoW
ReadDirectoryChangesW
FillConsoleOutputCharacterA
WaitNamedPipeW
EscapeCommFunction
GetConsoleMode
MoveFileA
GlobalFindAtomW
GetProcessVersion
CreateMutexW
EnumDateFormatsW
GlobalUnlock
WriteConsoleInputW
GetModuleHandleW
CreateProcessW
OpenSemaphoreW
SetHandleCount
WriteProcessMemory
FileTimeToLocalFileTime
ReadConsoleOutputA
TlsAlloc
GetCommandLineA
FreeResource
GetStartupInfoA
FreeEnvironmentStringsA
SetFilePointer
UnlockFileEx
RemoveDirectoryA
ConvertDefaultLocale
SetCurrentDirectoryA
FindResourceExA
ClearCommError
GetProfileStringW
GetPrivateProfileSectionNamesA
GetCommState
GlobalAlloc
GetThreadLocale
SetTapeParameters
LockFile
GetDriveTypeA
HeapAlloc
GetWindowsDirectoryA
RemoveDirectoryW
GetThreadTimes
GetFileAttributesExW
GetNumberFormatW
MapViewOfFileEx
CreateThread
WritePrivateProfileStringA
CopyFileExW
InitializeCriticalSectionAndSpinCount
ReadConsoleOutputW
GetOverlappedResult
DeleteFileA
VirtualUnlock
SetLocalTime
FormatMessageA
CreateEventA
OpenMutexA
FindFirstChangeNotificationW
LockResource
CloseHandle
GetProfileIntA
GetSystemTime
FoldStringW
GetBinaryTypeW
GetLargestConsoleWindowSize
GetFileTime
BackupWrite
EnumCalendarInfoW
WideCharToMultiByte
GetHandleInformation
GetLongPathNameA
SleepEx
WritePrivateProfileSectionW
GetSystemInfo
InitializeCriticalSection
GetDateFormatW
GlobalDeleteAtom
lstrcpynA
WaitForMultipleObjects
ExitThread
ConnectNamedPipe
SetCommTimeouts
GetComputerNameW
MoveFileExA
SetConsoleTextAttribute
GetStringTypeExA
FindFirstFileW
SetLastError
OutputDebugStringA
Sleep
GetVersionExA
lstrlenA
VirtualProtect
GetComputerNameA
ExitProcess
user32
EqualRect
GetQueueStatus
MessageBoxA
MonitorFromWindow
RegisterClassW
GetMenu
DispatchMessageW
GetKeyboardLayoutNameA
RemovePropA
GetClipCursor
DialogBoxIndirectParamW
CharPrevA
SetWindowsHookExA
MessageBeep
GetDlgItemTextW
PeekMessageW
GetWindowContextHelpId
GetWindowWord
gdi32
StartDocA
Arc
CreateDIBPatternBrushPt
ExtCreateRegion
SetBrushOrgEx
SetPaletteEntries
MoveToEx
PolyDraw
GetCharWidth32A
SetPixelV
ExtTextOutW
GetGlyphOutlineW
Ellipse
BitBlt
CreateSolidBrush
CopyMetaFileA
SetViewportExtEx
GetTextExtentPointA
CopyEnhMetaFileA
CreateDCW
UnrealizeObject
comdlg32
ChooseFontW
PageSetupDlgW
ChooseColorA
advapi32
IsValidSecurityDescriptor
SetSecurityDescriptorSacl
RegSetKeySecurity
CryptGetProvParam
RevertToSelf
StartServiceCtrlDispatcherA
CreateProcessAsUserW
AccessCheckAndAuditAlarmA
RegSetValueA
EqualSid
AbortSystemShutdownA
PrivilegeCheck
QueryServiceConfigA
CryptGetKeyParam
InitiateSystemShutdownA
RegReplaceKeyW
ObjectCloseAuditAlarmA
RegEnumValueA
GetFileSecurityW
ObjectDeleteAuditAlarmW
OpenServiceA
GetSidLengthRequired
MakeSelfRelativeSD
SetEntriesInAclW
RegLoadKeyA
SetSecurityDescriptorOwner
RegUnLoadKeyA
CryptDeriveKey
StartServiceCtrlDispatcherW
RegGetKeySecurity
OpenEventLogW
LogonUserW
RegFlushKey
LogonUserA
ChangeServiceConfigA
shell32
ShellAboutW
ShellExecuteW
DuplicateIcon
Shell_NotifyIconA
DoEnvironmentSubstW
oleaut32
SysAllocStringLen
SetErrorInfo
DispGetIDsOfNames
SysFreeString
GetActiveObject
SafeArrayPutElement
SysStringLen
VariantCopy
comctl32
ImageList_SetBkColor
ImageList_AddMasked
ImageList_SetImageCount
shlwapi
UrlIsW
PathSkipRootW
wnsprintfW
SHDeleteValueW
SHDeleteKeyA
PathIsFileSpecW
PathStripToRootW
PathFindNextComponentW
StrChrIW
setupapi
SetupDiEnumDeviceInfo
Sections
.text Size: 312KB - Virtual size: 311KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE