2c4dea346c7a28fbb4a81d298c810694_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c4dea346c7a28fbb4a81d298c810694_JaffaCakes118
Size

324KB
MD5

2c4dea346c7a28fbb4a81d298c810694
SHA1

6f0fa76fc631d81c1dc254273bde9c71e9d6935f
SHA256

dae95637854403e0ce2ebcb4516d6c3b1b52f168832c38a28bcc8592e62e7411
SHA512

eef1a0c1b7d911efc0d866f3c8a67a60546af57e5dfcad3537105c120336d7003ef03594a743967c05892e7cd2c40111d86dbbfd1c57c44c67f8df803edcd8c9
SSDEEP

6144:5Sjz0UAzNe1fVIp//hATFecoalpCwUqPdHRMCWWhqF2CnpCG/:oz05e1CRYeor16QhqF2q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c4dea346c7a28fbb4a81d298c810694_JaffaCakes118

Files

2c4dea346c7a28fbb4a81d298c810694_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ae7b7fdf04a38589704224f2fce8da94

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

PageSetupDlgW
LoadAlterBitmap
FindTextW
GetOpenFileNameW

advapi32

CryptDuplicateKey
RegFlushKey
AbortSystemShutdownA
CryptSetProvParam
RegOpenKeyW
RegCreateKeyExW
RegSaveKeyW
CryptGenKey
CryptReleaseContext
CryptGetDefaultProviderW
RegDeleteKeyW
CryptGetProvParam

gdi32

GetObjectA
GetLogColorSpaceA
CreateEllipticRgnIndirect
LPtoDP
GetRandomRgn
SaveDC
GdiGetBatchLimit
CreateDCA
DeleteObject
DeleteDC
SelectClipRgn
GetTextExtentPointW
AnimatePalette
PolyTextOutA
EnumFontFamiliesExA
CreateColorSpaceW
GetCharacterPlacementW
FloodFill
GetClipBox
FillPath
GetDeviceCaps
EnumObjects
DeviceCapabilitiesExA

comctl32

ImageList_GetBkColor
ImageList_LoadImageW
CreateMappedBitmap
CreateStatusWindowA
ImageList_SetDragCursorImage
ImageList_DrawIndirect
ImageList_AddIcon
ImageList_ReplaceIcon
ImageList_Replace
ImageList_Copy
ImageList_GetIcon
InitCommonControlsEx
ImageList_GetImageRect
ImageList_GetFlags
CreatePropertySheetPageW
ImageList_DrawEx
ImageList_SetFilter
GetEffectiveClientRect
_TrackMouseEvent
ImageList_BeginDrag

user32

CreateWindowExA
SetParent
DefWindowProcW
GetClipboardViewer
SwapMouseButton
DestroyWindow
GetClassInfoExW
MessageBoxA
GetWindowTextA
RegisterClassExA
RegisterClassA
CharToOemBuffW
ShowWindow
SetDoubleClickTime
SetClassLongA

kernel32

GetSystemTime
GetDriveTypeA
GetEnvironmentStrings
GetStringTypeA
GetDriveTypeW
CompareStringA
TlsAlloc
HeapAlloc
MapViewOfFile
TlsFree
GetStdHandle
InterlockedDecrement
GetStringTypeW
GetTickCount
GetCommandLineW
GetModuleHandleA
GetStartupInfoA
FlushFileBuffers
LeaveCriticalSection
LoadLibraryA
GetVersion
LCMapStringA
GetModuleFileNameA
GetUserDefaultLangID
OpenMutexA
GetStartupInfoW
GetLocalTime
GetFileType
IsBadWritePtr
RtlUnwind
SetConsoleScreenBufferSize
SetEnvironmentVariableA
LCMapStringW
InterlockedExchangeAdd
InterlockedIncrement
OpenEventA
GetThreadPriority
HeapFree
GetSystemTimeAsFileTime
GetLogicalDrives
WaitForMultipleObjectsEx
HeapCreate
InitializeCriticalSection
SetConsoleActiveScreenBuffer
TlsGetValue
HeapReAlloc
GetCurrentProcessId
SetStdHandle
GetCurrencyFormatA
WideCharToMultiByte
TerminateProcess
lstrcatW
GetCommandLineA
GetComputerNameW
GetUserDefaultLCID
UnhandledExceptionFilter
DeleteCriticalSection
WriteFile
GetCurrentProcess
SetFileAttributesW
SetHandleCount
VirtualAlloc
SetLastError
GetTimeZoneInformation
CloseHandle
CreateDirectoryExW
FreeEnvironmentStringsA
GetCurrentThread
AddAtomW
GetModuleFileNameW
GetCurrentThreadId
ExitProcess
GetProcAddress
ReadFile
CreateSemaphoreA
CreateMutexA
GetProcAddress
VirtualQuery
GetEnvironmentStringsW
QueryPerformanceCounter
InterlockedExchange
EnterCriticalSection
CompareStringW
SetFilePointer
FreeEnvironmentStringsW
HeapDestroy
lstrcat
VirtualFree
GetLastError
MultiByteToWideChar
TlsSetValue
DeleteFileW
EnumSystemCodePagesA
GetCPInfo

Sections

.text
Size: 113KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 73KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 95KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ae7b7fdf04a38589704224f2fce8da94

Headers

File Characteristics

Imports

comdlg32

advapi32

gdi32

comctl32

user32

kernel32

Sections

.text Size: 113KB - Virtual size: 112KB

.rdata Size: 73KB - Virtual size: 103KB

.data Size: 95KB - Virtual size: 94KB

.rsrc Size: 41KB - Virtual size: 41KB

.text
Size: 113KB - Virtual size: 112KB

.rdata
Size: 73KB - Virtual size: 103KB

.data
Size: 95KB - Virtual size: 94KB

.rsrc
Size: 41KB - Virtual size: 41KB