2c71fb840796c2b6c928a98b8c97b58c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c71fb840796c2b6c928a98b8c97b58c_JaffaCakes118
Size

312KB
MD5

2c71fb840796c2b6c928a98b8c97b58c
SHA1

ec410704cc5ea04e0ec97eff282a5538cf6cde94
SHA256

bda2000a33b49970181c0f8a77e7a152d9f0027d028eccfd02eaea0aa400232b
SHA512

e8ca04b5f2df8503d18b109ac94d929ee18cb48a8a3650bb6ef055123ca6a292a76eb6fbf3ca3fd1324b3a26b8e466e61ca24412d723cb3474929c5659de5861
SSDEEP

6144:UI2cMweC9Tdd+SICYfozt3kur+z0LJKcd1CA8pGkE5lx:UI2cMwe0H+SIXQzt3kw1VE9I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c71fb840796c2b6c928a98b8c97b58c_JaffaCakes118

Files

2c71fb840796c2b6c928a98b8c97b58c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0002a800dde28b055e87726f8bb8ddbc

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetHandleInformation
InterlockedExchangeAdd
CreateDirectoryExW
GetModuleHandleA
WriteFileGather
SystemTimeToFileTime
GetTapePosition
PulseEvent
EnterCriticalSection
GetProcessAffinityMask
FileTimeToDosDateTime
ResumeThread
CreateNamedPipeW
GetDriveTypeA
GetFileAttributesExW
_lclose
InterlockedCompareExchange
SetSystemTime
_lread
GetCommandLineA
GetPrivateProfileSectionA
GetCurrentThread
HeapDestroy
TlsSetValue
GetVersionExA
VirtualProtect
CreateWaitableTimerA
WaitForMultipleObjectsEx
GetTempFileNameA
GetEnvironmentStringsW
IsValidCodePage
FindFirstChangeNotificationW
VirtualQuery
ExitProcess

user32

CreateDialogIndirectParamA
PostMessageA
DispatchMessageA
SetWindowsHookW
CloseWindowStation
GetClassLongA
OpenDesktopA
SetLastErrorEx
SetWindowsHookExA
CharUpperBuffA
SetWindowContextHelpId
SetWindowTextW
BroadcastSystemMessageW
GetKeyState
GetSystemMetrics
WaitMessage
SendMessageTimeoutA
GetClassInfoW
GetProcessWindowStation
UnionRect
SendDlgItemMessageA
TranslateAcceleratorW
ChangeClipboardChain
GetIconInfo
UnhookWindowsHookEx
UnhookWindowsHook
GetScrollPos
ValidateRgn
InvalidateRgn
SetCaretBlinkTime
ReleaseCapture
OemToCharA
GetKeyboardState
SetMessageQueue
SetActiveWindow
BeginDeferWindowPos

gdi32

GetBrushOrgEx
PolylineTo
GetSystemPaletteUse
RealizePalette

comdlg32

GetOpenFileNameW
PrintDlgA
GetFileTitleA

advapi32

RegSetValueA
RegEnumValueW

shell32

SHAddToRecentDocs

ole32

OleRun

oleaut32

SafeArrayGetUBound
LoadTypeLi
GetErrorInfo
SysReAllocStringLen
SafeArrayPtrOfIndex
SafeArrayGetElement
VariantClear
SysStringLen

shlwapi

StrCmpIW
PathAddBackslashW
SHStrDupW
PathIsRootA
StrCmpNA
PathRemoveFileSpecA
PathRelativePathToW
SHEnumValueW
PathFindExtensionW
PathUndecorateW
PathSkipRootW
PathIsPrefixW
StrPBrkW

setupapi

SetupDiGetClassDevsExW
SetupDiRemoveDevice

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0002a800dde28b055e87726f8bb8ddbc

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 20KB - Virtual size: 17KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 20KB - Virtual size: 17KB