2cb9a78f6cd7d587d63bfbe79a8da28a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cb9a78f6cd7d587d63bfbe79a8da28a_JaffaCakes118
Size

1.0MB
MD5

2cb9a78f6cd7d587d63bfbe79a8da28a
SHA1

d1f7770d139afbc5e3e69e955efdde9e193d54d4
SHA256

3a49bb0dbafddbc6e11bb71e4d6fea62d83addbaa08153ad2034d97ce8e8e511
SHA512

449400cdd16f2ce0d5e7e9283f7a85e3ede8612b45192b1d4c5dd75b45aa01218ff0bcd5d8fac49dfe34ef81b77b26ff65c1caa84bdca1fc22665cf6e019fe83
SSDEEP

24576:eFenONlf91ZGWeZPjNZFlaGKA+P2hwpqgvJT/jvMbGw91w/T:6eOTxleZpZnLi2yJBT/jvMF91wr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cb9a78f6cd7d587d63bfbe79a8da28a_JaffaCakes118

Files

2cb9a78f6cd7d587d63bfbe79a8da28a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

90563a6b5405786669953e1062e16010

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EnumDisplaySettingsW
RegisterClassA
CreateWindowExA
SwapMouseButton
CopyAcceleratorTableW
DefWindowProcW
DdeCmpStringHandles
DdeGetLastError
RegisterClassExA
MessageBoxA
DestroyWindow
ShowWindow

comctl32

ImageList_GetImageInfo
ImageList_GetDragImage
InitCommonControlsEx
CreateStatusWindowA
ImageList_LoadImageA
ImageList_SetImageCount
CreatePropertySheetPageA
ImageList_GetIconSize
CreateMappedBitmap
DrawStatusTextA

kernel32

FreeEnvironmentStringsW
TlsFree
RtlUnwind
LCMapStringA
GetFileType
CreateMutexA
InitializeCriticalSection
GetModuleFileNameW
SetFilePointer
GetEnvironmentStrings
DeleteCriticalSection
ResetEvent
FreeEnvironmentStringsA
HeapDestroy
LeaveCriticalSection
GetLastError
TlsSetValue
GetVersion
CopyFileA
GetStartupInfoA
GetCommandLineW
GetModuleFileNameA
CreateProcessW
SetStdHandle
VirtualFree
GetCPInfo
TlsAlloc
ReadFile
InterlockedExchange
LoadLibraryA
InterlockedDecrement
QueryPerformanceCounter
GetModuleHandleA
GetACP
TlsGetValue
TerminateProcess
ExitProcess
WritePrivateProfileSectionA
VirtualQuery
GetCurrentThreadId
GetTickCount
WriteFile
LCMapStringW
EnterCriticalSection
GetCurrentProcess
GetConsoleCP
IsBadWritePtr
GetProcAddress
WideCharToMultiByte
FindResourceA
FlushFileBuffers
GetVolumeInformationA
WriteProfileStringW
GetLocalTime
OpenMutexA
GlobalFix
GetCurrentThread
SetEnvironmentVariableA
WriteConsoleInputA
MultiByteToWideChar
lstrcmpiA
HeapFree
HeapReAlloc
GetCurrentProcessId
UnhandledExceptionFilter
InterlockedIncrement
CompareStringW
SetLastError
GetStringTypeW
GetStringTypeA
GetEnvironmentStringsW
GetSystemTime
CreateDirectoryW
CloseHandle
LocalSize
GetCommandLineA
CreateWaitableTimerW
SetCurrentDirectoryA
GetStdHandle
HeapAlloc
SetHandleCount
GetSystemTimeAsFileTime
VirtualAlloc
GetStartupInfoW
CompareStringA
EnumDateFormatsExA
VirtualQueryEx
GetTimeZoneInformation
HeapCreate

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 242KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 667KB - Virtual size: 663KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90563a6b5405786669953e1062e16010

Headers

File Characteristics

Imports

user32

comctl32

kernel32

Sections

.text Size: 125KB - Virtual size: 125KB

.rdata Size: 242KB - Virtual size: 246KB

.data Size: 667KB - Virtual size: 663KB

.rsrc Size: 22KB - Virtual size: 22KB

.text
Size: 125KB - Virtual size: 125KB

.rdata
Size: 242KB - Virtual size: 246KB

.data
Size: 667KB - Virtual size: 663KB

.rsrc
Size: 22KB - Virtual size: 22KB