Static task: static1
Behavioral task: behavioral1
Sample: 2c731d7f58e8560c36f2cfcf9062c7ad_JaffaCakes118.exe
Resource: win7-20240705-en
Behavioral task: behavioral2
Sample: 2c731d7f58e8560c36f2cfcf9062c7ad_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2c731d7f58e8560c36f2cfcf9062c7ad_JaffaCakes118
Size: 316KB
MD5: 2c731d7f58e8560c36f2cfcf9062c7ad
SHA1: 78a12a053e7060de5c6370229e49a6cb3bbcfa35
SHA256: 82b36c51a7894cf2abac167447f1e4c0834f81d1084d35290215aedcee3d469c
SHA512: fc5433aa9c613375133bfaa8acdc1742bed183bc6977fcfd4d59f2fe6a4a53f13e06b516b294934f6ef4ea0f63e0123758aa50ace85c2806c249df3cada463c0
SSDEEP: 6144:g9QdhFNCvUyYJBmy1g6mVX3laEEG4ztKhtjJ5DWMn:g9Qdz2McOPmVX3la64tKP/W
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2c731d7f58e8560c36f2cfcf9062c7ad_JaffaCakes118
Files
2c731d7f58e8560c36f2cfcf9062c7ad_JaffaCakes118.exe windows:4 windows x86 arch:x86
39c5df965369d9a320360ed241f6eab6
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetTapePosition
CreateFileMappingW
GlobalFindAtomW
UnhandledExceptionFilter
ClearCommError
SetFileAttributesA
InterlockedIncrement
SetThreadExecutionState
WriteConsoleOutputW
lstrcpyA
OpenEventA
CancelIo
FillConsoleOutputCharacterA
GetSystemDefaultLangID
UpdateResourceA
GetFileType
GetLogicalDriveStringsA
GetTapeParameters
ExpandEnvironmentStringsW
FillConsoleOutputAttribute
GetConsoleTitleA
SetCurrentDirectoryW
HeapAlloc
WriteConsoleInputA
GlobalReAlloc
BackupSeek
VirtualUnlock
GetSystemTimeAdjustment
DefineDosDeviceA
IsDebuggerPresent
HeapValidate
WriteProcessMemory
SetCommState
WaitCommEvent
InterlockedExchangeAdd
GetProcessAffinityMask
lstrlenW
SetConsoleTextAttribute
GetVersionExA
SetEndOfFile
IsDBCSLeadByte
GetEnvironmentStringsW
SuspendThread
SetCurrentDirectoryA
EnterCriticalSection
GlobalMemoryStatus
ExpandEnvironmentStringsA
LeaveCriticalSection
LocalAlloc
GetCommandLineA
lstrlenA
VirtualProtect
GlobalFlags
ExitProcess
user32
SetWindowContextHelpId
PtInRect
GetWindowContextHelpId
GetClassLongA
UnionRect
SetRect
GetMenuItemInfoW
LoadStringW
GetTopWindow
EnumWindowStationsW
SetMenuItemInfoW
SetWindowPos
CreateIconIndirect
GetSubMenu
CheckRadioButton
InvertRect
CharPrevW
DrawCaption
SetWindowLongA
GetDesktopWindow
OpenClipboard
DrawIcon
AppendMenuA
MapVirtualKeyExW
GetMenuItemID
TrackPopupMenu
CreateIcon
DefMDIChildProcW
EnumDesktopsA
SetSysColors
ShowCaret
AdjustWindowRect
DestroyMenu
gdi32
AddFontResourceW
CopyEnhMetaFileA
comdlg32
ReplaceTextA
ChooseColorW
GetFileTitleW
advapi32
AddAccessDeniedAce
GetServiceDisplayNameA
CryptGetKeyParam
ControlService
CryptExportKey
RegDeleteKeyA
GetSecurityDescriptorGroup
MapGenericMask
SetServiceObjectSecurity
shell32
SHGetPathFromIDListA
DragQueryFileW
SHFileOperationA
FindExecutableA
ExtractIconExA
ShellExecuteExA
ole32
CoSwitchCallContext
ReleaseStgMedium
OleDestroyMenuDescriptor
WriteClassStm
CoGetObject
CoResumeClassObjects
CoAddRefServerProcess
CoReleaseMarshalData
CoRevokeClassObject
oleaut32
SafeArrayGetLBound
VariantCopyInd
comctl32
ImageList_Duplicate
shlwapi
StrCatBuffW
PathStripPathW
setupapi
SetupFindFirstLineW
SetupPromptReboot
Sections
.text Size: 296KB - Virtual size: 294KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE