2c4b26bba650adb4bc19704fd97ba9eb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c4b26bba650adb4bc19704fd97ba9eb_JaffaCakes118
Size

336KB
MD5

2c4b26bba650adb4bc19704fd97ba9eb
SHA1

1c0eaa8d884b3a7908a774458f0ce2f8ed8cf5ce
SHA256

a50055a5502fa318acad237e0a87324ffa95231abbb5c2ba2e56888bb1c6ed37
SHA512

bc518b4f7fb080c455ff595e7a9123f8356819676dd73c781a95d20311a343bfb38fb0aef803d30cdf084c56e4fbf4068b7c13724d25e8140773449bc81e345b
SSDEEP

6144:4928NValPlWI6RtvEdOSnS3pJtkbR5oC+twskkFn5:48EValSt8lnSa5oC+2YF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c4b26bba650adb4bc19704fd97ba9eb_JaffaCakes118

Files

2c4b26bba650adb4bc19704fd97ba9eb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

59922db85eb3c0790e043d83c1a28a56

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

VirtualProtect
GlobalFree
GetSystemInfo
GetThreadPriority
VirtualAlloc
UnhandledExceptionFilter
GetPrivateProfileStringW
GetConsoleMode
SetEndOfFile
GlobalDeleteAtom
SetErrorMode
VirtualQuery
GetCommConfig
SetThreadAffinityMask
GetTimeZoneInformation
ExitProcess
GetFileType
GetCommandLineW
GetThreadContext
GetCommandLineA
GetVersionExA

user32

SetCaretPos
GetDlgItemInt

gdi32

RectVisible
CreateCompatibleDC
GetOutlineTextMetricsW
StretchDIBits
GetTextExtentPoint32A
SetSystemPaletteUse
GetTextCharsetInfo
SetViewportOrgEx
CreateMetaFileW
ModifyWorldTransform
CreatePolygonRgn
SetMapperFlags
ArcTo
ExtTextOutW
SetWindowOrgEx
ExtFloodFill
GetCharWidth32W
EndPage
ChoosePixelFormat
GetSystemPaletteEntries
CreateRectRgnIndirect

advapi32

GetUserNameA
RegSaveKeyA

shell32

FindExecutableW

ole32

CoFileTimeNow
CoQueryProxyBlanket
CreateOleAdviseHolder

oleaut32

SafeArrayRedim
VariantChangeType
SafeArrayGetLBound
SetErrorInfo
SafeArrayCreate
QueryPathOfRegTypeLi
LoadTypeLi

comctl32

InitCommonControlsEx
ImageList_EndDrag
ImageList_GetDragImage

shlwapi

SHQueryValueExW
StrCmpIW
PathIsPrefixW
PathRemoveArgsW
StrCmpNA
PathIsDirectoryA
PathFindFileNameA
PathSkipRootW
PathCompactPathExW
UrlIsW
PathGetArgsW
PathAddBackslashA
PathRemoveFileSpecW
PathIsDirectoryW
PathFindExtensionW

setupapi

SetupDiCreateDeviceInfoList
SetupIterateCabinetW
SetupOpenAppendInfFileW

Sections

.text
Size: 316KB - Virtual size: 314KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

59922db85eb3c0790e043d83c1a28a56

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 316KB - Virtual size: 314KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 12KB - Virtual size: 11KB

.text
Size: 316KB - Virtual size: 314KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 12KB - Virtual size: 11KB