2c3435f5afbc2876717e3044f899a0b6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c3435f5afbc2876717e3044f899a0b6_JaffaCakes118
Size

605KB
MD5

2c3435f5afbc2876717e3044f899a0b6
SHA1

c36c03c6313996db987fadf733653243058bb3ea
SHA256

4f13162945c1ec4d2de8c87dfe5acbc8191aed24ad3dc3a63f469f1c8495385b
SHA512

e838dee94ff46f76b6f96929cced6b5351d215d8cffeb122c143e360c751432dd5ef845a847f0bcf906800474983045c5dc164de2e62125749661099072f33c3
SSDEEP

12288:SSQRpxmOW0D8cfrnk+e2b20qYD9PWVPORr3UNucedvnuU:fQRXmJsfkj2My9PWAlB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c3435f5afbc2876717e3044f899a0b6_JaffaCakes118

Files

2c3435f5afbc2876717e3044f899a0b6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ccd51f470ff8eb85438b10216bea2906

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_EndDrag
DestroyPropertySheetPage
ImageList_DrawIndirect
CreateToolbarEx
CreateToolbar
ImageList_SetFilter
InitCommonControlsEx
ImageList_SetBkColor
ImageList_GetDragImage

user32

DefDlgProcW
CreateWindowExW
GetSubMenu
RegisterClassA
ClientToScreen
MapVirtualKeyW
LoadMenuIndirectW
ShowWindow
GetDlgItem
MessageBoxW
DrawMenuBar
SendMessageW
RemovePropA
SetWindowPlacement
RegisterClassExA
GetClientRect
RegisterClassExW

advapi32

RegSaveKeyW
RegQueryValueExA
LookupAccountNameW
LookupAccountNameA
CryptEnumProvidersW
RevertToSelf
CryptGetKeyParam
RegSetKeySecurity
CryptDestroyKey
CryptSignHashA
CryptHashData
RegCreateKeyExW
RegLoadKeyA
CryptGetDefaultProviderW

comdlg32

ChooseColorW

kernel32

LCMapStringA
TlsGetValue
WideCharToMultiByte
HeapAlloc
GetTickCount
InitializeCriticalSection
GetModuleFileNameW
EnumSystemLocalesA
GetStringTypeA
InterlockedExchange
MultiByteToWideChar
GetSystemInfo
IsValidLocale
TlsAlloc
GetCurrentProcess
ReadFile
DeleteCriticalSection
LCMapStringW
VirtualFree
GetEnvironmentStringsW
GetUserDefaultLCID
FreeEnvironmentStringsA
CompareStringW
CompareStringA
GetStringTypeW
HeapSize
GetCPInfo
GetEnvironmentStrings
VirtualQuery
VirtualProtect
GetLocaleInfoA
GetDateFormatA
GetStdHandle
RtlUnwind
GetCommandLineW
GetLastError
GetACP
GetLocaleInfoW
OpenMutexA
SetFilePointer
VirtualAlloc
FlushFileBuffers
SetEnvironmentVariableA
lstrcatA
CreateMutexA
SetLastError
GetCurrentThreadId
IsValidCodePage
GetModuleHandleA
SetStdHandle
GetStartupInfoA
GetSystemTimeAsFileTime
TlsFree
HeapFree
GetPrivateProfileSectionNamesA
GetModuleFileNameA
SetHandleCount
LeaveCriticalSection
CloseHandle
WriteFile
HeapDestroy
GetCurrentProcessId
HeapCreate
GetProcAddress
LoadLibraryA
FileTimeToDosDateTime
GetStartupInfoW
HeapReAlloc
TlsSetValue
EnterCriticalSection
GetCommandLineA
IsBadWritePtr
GetFileType
TerminateProcess
GetOEMCP
GetVersionExA
UnhandledExceptionFilter
GetTimeZoneInformation
FreeEnvironmentStringsW
ExitProcess
GetCurrentThread
GetTimeFormatA
QueryPerformanceCounter
WaitForSingleObjectEx
FindResourceA

wininet

UnlockUrlCacheEntryFileA

Sections

.text
Size: 355KB - Virtual size: 355KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ccd51f470ff8eb85438b10216bea2906

Headers

File Characteristics

Imports

comctl32

user32

advapi32

comdlg32

kernel32

wininet

Sections

.text Size: 355KB - Virtual size: 355KB

.rdata Size: 46KB - Virtual size: 74KB

.data Size: 116KB - Virtual size: 109KB

.rsrc Size: 86KB - Virtual size: 86KB

.text
Size: 355KB - Virtual size: 355KB

.rdata
Size: 46KB - Virtual size: 74KB

.data
Size: 116KB - Virtual size: 109KB

.rsrc
Size: 86KB - Virtual size: 86KB