2c9b957fdb61ad374e218b4c5e921fcb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c9b957fdb61ad374e218b4c5e921fcb_JaffaCakes118
Size

572KB
MD5

2c9b957fdb61ad374e218b4c5e921fcb
SHA1

0d3ed1d3350f13cdcbe56a07df058006af7b2f97
SHA256

abb7664084144a2619908233676af17ec2251c1fd8d4e4de234840a608c03771
SHA512

fbe756f7d1c814f0517383e3322f61b18385d5b3aa7cbdb2c76a8b600cb07b1c6647ff9fb78842bc7509d656cbf650fdca6891be3b4ac97809ec2f52a67bdc0b
SSDEEP

12288:y2325A1Xy7AfFWmUdiJHvQ6XUMog22ZboZPfRz6S8gSHG0CEoiuD:y2m5A1Xy7AfFWZgJHNBdS6S8gL4e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c9b957fdb61ad374e218b4c5e921fcb_JaffaCakes118

Files

2c9b957fdb61ad374e218b4c5e921fcb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c34735508f050e440da42ce7f28e7cea

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\vog\ktnxstr.pdb

Imports

user32

DestroyWindow
LoadCursorW
GetWindowLongA
SetMenuContextHelpId
WinHelpA
DrawStateA
DefDlgProcA
GetClassLongA
CreateWindowExA
DdeGetData
GetDesktopWindow
ShowScrollBar
GetClassWord
DefWindowProcA
LoadKeyboardLayoutW
SetCaretPos
CreatePopupMenu
SendIMEMessageExA
RegisterClassExA
RegisterClassA
GetWindowRgn
MessageBoxW
DefWindowProcW
EnumDisplaySettingsA
ShowWindow
EndPaint
GetDlgItemTextW
IsCharLowerW
EnumClipboardFormats
SetSystemCursor

kernel32

InterlockedDecrement
GetOEMCP
GetFileType
CreateFileW
EnterCriticalSection
GetLastError
FlushFileBuffers
GlobalGetAtomNameA
SetEnvironmentVariableA
InterlockedExchange
ReadFile
VirtualQuery
lstrcmpA
lstrcpynW
SetLastError
HeapCreate
GetTimeFormatW
UnhandledExceptionFilter
LoadLibraryA
LocalFileTimeToFileTime
GetConsoleMode
GetProcessHeaps
GetTickCount
FoldStringA
RtlUnwind
GlobalUnfix
GetPriorityClass
OpenMutexW
GetThreadContext
GetStartupInfoA
MapViewOfFile
GetVolumeInformationW
GetCPInfo
GetExitCodeThread
InitializeCriticalSection
CloseHandle
GetConsoleTitleA
LCMapStringW
GetFileAttributesW
GetStringTypeA
GetModuleHandleA
EnumTimeFormatsA
WideCharToMultiByte
VirtualLock
TerminateProcess
CompareStringW
OutputDebugStringW
CreateMutexA
ReadConsoleOutputAttribute
LockResource
GetEnvironmentStringsW
TerminateThread
GetThreadSelectorEntry
SetFilePointer
LeaveCriticalSection
VirtualAlloc
GetSystemDefaultLangID
FlushInstructionCache
TlsSetValue
GetEnvironmentStrings
DeleteCriticalSection
InterlockedIncrement
FindClose
GetStartupInfoW
HeapReAlloc
QueryPerformanceCounter
SetEvent
GetModuleFileNameA
GetProcAddress
MultiByteToWideChar
GetCurrentProcessId
GetSystemTimeAsFileTime
GetLocalTime
FreeEnvironmentStringsW
WriteFile
FileTimeToLocalFileTime
GetVersion
IsBadWritePtr
DeleteAtom
WritePrivateProfileSectionW
VirtualFree
SetStdHandle
GetCurrentDirectoryW
GetThreadLocale
GetCurrentThread
VirtualQueryEx
GetConsoleCursorInfo
SleepEx
LCMapStringA
SetHandleCount
SetVolumeLabelW
GetDateFormatA
IsValidCodePage
GetConsoleTitleW
lstrcat
CreateEventA
GetStdHandle
CompareStringA
LocalHandle
SetFileTime
GetTimeZoneInformation
CreateMailslotA
GetStringTypeW
GetSystemTime
GetCommandLineA
GlobalHandle
SetConsoleCP
RemoveDirectoryW
OpenMutexA
GetThreadTimes
TlsAlloc
GetCurrentThreadId
IsValidLocale
GlobalCompact
FillConsoleOutputCharacterW
InterlockedExchangeAdd
WriteConsoleInputA
SystemTimeToFileTime
TlsFree
HeapDestroy
HeapAlloc
HeapFree
GetLocaleInfoA
GetACP
GetEnvironmentVariableW
TlsGetValue
WritePrivateProfileStringA
GetCurrentProcess
ExitProcess
FreeEnvironmentStringsA
EnumResourceTypesA

comctl32

ImageList_Draw
InitCommonControlsEx
ImageList_Merge

Sections

.text
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 130KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c34735508f050e440da42ce7f28e7cea

Headers

File Characteristics

PDB Paths

Imports

user32

kernel32

comctl32

Sections

.text Size: 168KB - Virtual size: 167KB

.rdata Size: 248KB - Virtual size: 247KB

.data Size: 116KB - Virtual size: 130KB

.rsrc Size: 36KB - Virtual size: 33KB

.text
Size: 168KB - Virtual size: 167KB

.rdata
Size: 248KB - Virtual size: 247KB

.data
Size: 116KB - Virtual size: 130KB

.rsrc
Size: 36KB - Virtual size: 33KB