2c6614accf17b4d813e02a8bae6b2aac_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c6614accf17b4d813e02a8bae6b2aac_JaffaCakes118
Size

181KB
MD5

2c6614accf17b4d813e02a8bae6b2aac
SHA1

299ea33ac8a12a563e4416dc1a50165852b8c21d
SHA256

cfe4199ba379a5c47058a532b71bd9afa4f793779a05cd86b68ad73acae59774
SHA512

bdac2cbc86d2041cb570b22ede739d7f2010d556fde867910c07540fd420962932d792a5eaf6279e529a3ae8656e9ccc12b538ad9cd2434d6a7c1095623ca6e9
SSDEEP

3072:VlKCikml5x4bWtchVydJO41Gf6yeBotydjjEjU17q3Fr:Lk15+6cn6yeBotWjEjUNEZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c6614accf17b4d813e02a8bae6b2aac_JaffaCakes118

Files

2c6614accf17b4d813e02a8bae6b2aac_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6e10ffa6b2fbc93db3438b30ca1a5cf6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathFindFileNameW
PathAppendW
PathFileExistsW
PathFindExtensionW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

gdi32

OffsetViewportOrgEx
PtVisible
SetMapMode
CreateBitmap
DeleteDC
SetWindowExtEx
SetTextColor
DeleteObject
SelectObject
SetBkColor
RectVisible
RestoreDC
ScaleViewportExtEx
SetViewportExtEx
Escape
GetClipBox
TextOutW
ExtTextOutW
SaveDC
SetViewportOrgEx
ScaleWindowExtEx
GetDeviceCaps
GetStockObject

user32

CheckMenuItem
GetWindowTextW
MessageBoxW
EnableMenuItem
ModifyMenuW
GetSysColor
GetSystemMetrics
GetLastActivePopup
GetWindowLongW
GetMenuCheckMarkDimensions
LoadBitmapW
ReleaseDC
LoadCursorW
GetParent
GetDC
EnableWindow
IsWindowEnabled
GetSysColorBrush

ole32

CoUninitialize
CoCreateInstance
CoInitialize

kernel32

GetOEMCP
GetStringTypeW
QueryPerformanceCounter
WriteFile
RtlUnwind
IsBadWritePtr
HeapDestroy
GetShortPathNameA
GetModuleFileNameA
HeapSize
IsBadCodePtr
GetStringTypeA
TerminateProcess
VirtualFree
GetEnvironmentStringsW
GetProcessAffinityMask
LCMapStringW
LCMapStringA
GetEnvironmentStrings
GetSystemInfo
GetStartupInfoA
GetFileType
GetCurrentProcess
EnumResourceTypesW
SetUnhandledExceptionFilter
VirtualProtect
GetCurrentProcessId
UnhandledExceptionFilter
SetStdHandle
HeapCreate
SetFilePointer
HeapFree
HeapReAlloc
GetFileAttributesA
FlushFileBuffers
GetStdHandle
FreeEnvironmentStringsW
VirtualQuery
GetSystemTimeAsFileTime
SetHandleCount
GetCPInfo
HeapAlloc
GetCommandLineA
IsBadReadPtr
VirtualAlloc
GetTickCount
ExitProcess

shell32

SHGetSpecialFolderPathW

advapi32

RegOpenKeyExW
RegQueryValueExW
RegCloseKey

Sections

.text
Size: 100KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 124KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6e10ffa6b2fbc93db3438b30ca1a5cf6

Headers

File Characteristics

Imports

shlwapi

winspool.drv

gdi32

user32

ole32

kernel32

shell32

advapi32

Sections

.text Size: 100KB - Virtual size: 100KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 76KB - Virtual size: 75KB

.tls Size: 1024B - Virtual size: 124KB

.text
Size: 100KB - Virtual size: 100KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 76KB - Virtual size: 75KB

.tls
Size: 1024B - Virtual size: 124KB