2c8a857e043d93516481d059d1a045e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c8a857e043d93516481d059d1a045e1_JaffaCakes118
Size

328KB
MD5

2c8a857e043d93516481d059d1a045e1
SHA1

ef099095eb2e9e86885e54d4bfb22283385f396f
SHA256

8993b52f687160265ec761bf8f293d806df4e19b9245576871b348b077bda7ef
SHA512

3665530090463a69e8d8f69b0aa85de771ba1cfb8f91d46722d5d9ac076b4d271ad6cf8c1e281d098ed64f89a4b14ff35171191a52c1c27dcc33019f09ecc958
SSDEEP

6144:MQW+aSRJH9oYGeWkUC5vSAoFgqfdViMjb0cEmfbhTxQTn7wmBCAs2EYz:M5+Tdr4kpSNfriMPDEmNNk7whcz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c8a857e043d93516481d059d1a045e1_JaffaCakes118

Files

2c8a857e043d93516481d059d1a045e1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6642ef9e365ffb58f37a201ae1d979c9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileAttributesW
SetThreadAffinityMask
WaitNamedPipeW
SetConsoleCtrlHandler
CreateDirectoryExW
WriteConsoleW
GetSystemInfo
IsProcessorFeaturePresent
GetVolumeInformationW
GetCurrentProcessId
GetOverlappedResult
QueryPerformanceCounter
WritePrivateProfileSectionW
IsValidCodePage
OpenFile
TryEnterCriticalSection
lstrcatW
FreeLibraryAndExitThread
IsBadStringPtrW
InterlockedCompareExchange
GetProcessVersion
LocalFree
InterlockedExchange
GetStartupInfoW
WritePrivateProfileSectionA
EscapeCommFunction
UnlockFile
EnumSystemCodePagesW
FindNextFileW
SetConsoleCursorPosition
CreateDirectoryA
GetUserDefaultLCID
SetProcessWorkingSetSize
GetLocaleInfoA
ClearCommBreak
AllocConsole
SetCurrentDirectoryA
PeekConsoleInputW
SystemTimeToFileTime
SetEndOfFile
GetCommModemStatus
GetPrivateProfileSectionA
GlobalAddAtomA
ReadConsoleOutputA
GetStringTypeExW
OpenSemaphoreA
WriteConsoleInputW
QueryPerformanceFrequency
IsDebuggerPresent
GetCPInfo
VirtualFree
EnumResourceNamesA
WriteConsoleOutputW
ConnectNamedPipe
FindFirstChangeNotificationA
CopyFileW
SetThreadLocale
GetConsoleCP
GetQueuedCompletionStatus
GetStringTypeExA
GetConsoleCursorInfo
GetProfileIntW
CreateMutexA
GetDiskFreeSpaceA
GetComputerNameW
GetVersionExA
GetNamedPipeInfo
FileTimeToSystemTime
TlsAlloc
_lopen
EnumResourceLanguagesW
GetThreadPriority
WaitForMultipleObjectsEx
HeapSize
GetComputerNameA
GetHandleInformation
GetBinaryTypeW
GetCommandLineA
SetConsoleMode
EnumResourceLanguagesA
CreateDirectoryW
SetTapePosition
LocalUnlock
FindFirstChangeNotificationW
ReadConsoleW
GetThreadLocale
SetConsoleTitleA
LocalFileTimeToFileTime
FillConsoleOutputCharacterW
ResetEvent
GetPrivateProfileStringA
GetProfileIntA
MoveFileExW
GlobalSize
EndUpdateResourceA
SetCommBreak
EnumResourceTypesA
LoadLibraryW
ReadProcessMemory
VirtualProtect
GetEnvironmentVariableA
ExitProcess

user32

EndPaint
EnumDesktopsA
CreateMenu
DefFrameProcA
LoadCursorA
EnumThreadWindows
BroadcastSystemMessageA
TabbedTextOutW
ShowWindowAsync
CreateWindowStationW
ShowWindow
LoadMenuIndirectW
InternalGetWindowText
ShowCursor
WindowFromPoint
MapDialogRect
DefWindowProcW
MessageBoxExA
GetClipboardFormatNameA
PeekMessageA
DrawCaption
DrawStateA
OemToCharBuffW
DeferWindowPos
ValidateRect
FindWindowW
CreateIcon
GetInputState
IsIconic
SetFocus
SetSysColors
SetRectEmpty
InvertRect
GetMenu
GetClipboardFormatNameW
GetClientRect
MapWindowPoints
IsDialogMessageW
BeginDeferWindowPos
IsWindow
GetTopWindow
IsChild
LoadBitmapA
OemToCharBuffA
SendMessageTimeoutW
GetWindowWord
NotifyWinEvent
RegisterClassExA
IsClipboardFormatAvailable
SetActiveWindow
DispatchMessageA
SetWindowLongW
SetKeyboardState
CopyAcceleratorTableA
DefWindowProcA
CheckRadioButton
GetClassLongW
AttachThreadInput
RegisterClassW
SetCursor
SetDlgItemInt

gdi32

CreateBitmapIndirect
GetBitmapBits
TranslateCharsetInfo
GetTextExtentPointW
GetObjectW
SetColorAdjustment
SaveDC
PolyPolyline
SetLayout
GetWindowExtEx
PatBlt
BitBlt
UpdateColors
DeleteDC
GetOutlineTextMetricsA
GetNearestColor
ScaleViewportExtEx
GetSystemPaletteUse
SetWindowExtEx

comdlg32

GetOpenFileNameW
FindTextW
ChooseColorA

advapi32

UnlockServiceDatabase
CryptGetProvParam
CreateServiceW
BuildSecurityDescriptorW
CryptImportKey
QueryServiceObjectSecurity
RegGetKeySecurity
DestroyPrivateObjectSecurity
RegQueryValueA
GetFileSecurityA
InitiateSystemShutdownW
MakeSelfRelativeSD

shell32

SHLoadInProc
ExtractAssociatedIconA

ole32

OleTranslateAccelerator
FreePropVariantArray
OleLoad
GetHGlobalFromStream
OleCreateLink
BindMoniker

oleaut32

SysStringLen
SysReAllocStringLen
GetActiveObject
VariantCopy
DispGetIDsOfNames

comctl32

DestroyPropertySheetPage
CreateToolbarEx

shlwapi

PathCompactPathExW
PathQuoteSpacesA
UrlGetPartW
PathStripToRootW

setupapi

SetupDiGetClassDevsExW
SetupDiDestroyDeviceInfoList
SetupDiOpenDeviceInterfaceW
SetupLogErrorA
SetupDiGetINFClassA
SetupCommitFileQueueA
SetupGetStringFieldA
SetupCloseFileQueue
SetupOpenInfFileW
SetupScanFileQueueA
SetupLogErrorW

Sections

.text
Size: 312KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6642ef9e365ffb58f37a201ae1d979c9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 312KB - Virtual size: 309KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 3KB

.text
Size: 312KB - Virtual size: 309KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 3KB