2cbb7a3b7f971a69d4111e4f0fe827e3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2cbb7a3b7f971a69d4111e4f0fe827e3_JaffaCakes118
Size

336KB
MD5

2cbb7a3b7f971a69d4111e4f0fe827e3
SHA1

78f2898455b7519c6b3569f37f659a5f07c9acee
SHA256

ef01c963d0c124d636e5fd5889dee6bcf860e42c6686985350e714baa9618fef
SHA512

2e3b3f21638add60de975258e7a761364a2b6f853760f1d19faa17ab07169a99f9da32d03898e948b716165649e269caf867cd1457c1d2c0222e9cad4708bfbe
SSDEEP

6144:m2gzJ0XLIiqy2x2p1920g6RDHwyFhofoOABt2QemJN:c2XLIvIT9Vg6RMe4o7BErm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cbb7a3b7f971a69d4111e4f0fe827e3_JaffaCakes118

Files

2cbb7a3b7f971a69d4111e4f0fe827e3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7ab4374c3999a83acb4222b7272e8ea2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

DeleteCriticalSection
GetConsoleCP
LoadLibraryW
FindResourceA
ReadFileScatter
GetSystemInfo
CallNamedPipeA
UnlockFileEx
lstrcmpiW
GetConsoleTitleW
lstrcmpiA
GlobalReAlloc
LoadLibraryExA
lstrlenW
LocalAlloc
GetProfileIntW
GetSystemDirectoryW
InitializeCriticalSection
SetTapePosition
WaitForSingleObjectEx
GetPrivateProfileIntA
GetThreadPriority
SetVolumeLabelW
WritePrivateProfileStructA
GetStdHandle
GetEnvironmentVariableW
RemoveDirectoryW
FindResourceExW
HeapFree
DeleteFileA
PrepareTape
CreateWaitableTimerA
ConvertThreadToFiber
SwitchToFiber
CompareFileTime
GetVolumeInformationW
OutputDebugStringW
FreeEnvironmentStringsA
GetSystemDirectoryA
GetThreadLocale
GetPrivateProfileSectionW
WritePrivateProfileStringW
ExitThread
WriteConsoleW
GlobalFindAtomA
VirtualAllocEx
FindClose
GlobalFindAtomW
CompareStringW
MulDiv
SystemTimeToFileTime
HeapDestroy
OutputDebugStringA
CreateSemaphoreA
MoveFileW
LeaveCriticalSection
GetSystemDefaultLCID
OpenEventW
CreateWaitableTimerW
TlsFree
SetStdHandle
FindFirstFileA
SetEnvironmentVariableA
_lread
OpenFileMappingW
WriteFileEx
OpenMutexW
GetProfileStringA
SetCommTimeouts
GetLongPathNameW
GetAtomNameA
SetCommState
WritePrivateProfileSectionW
GetComputerNameA
GetThreadSelectorEntry
EnumResourceLanguagesA
QueryPerformanceFrequency
SetProcessWorkingSetSize
LoadLibraryExW
_lwrite
GlobalUnlock
CreateDirectoryExA
CreateNamedPipeW
IsDBCSLeadByteEx
GetOverlappedResult
VirtualProtect
GetVersionExA
QueryPerformanceCounter
HeapReAlloc
SetCurrentDirectoryA
IsBadWritePtr
WriteTapemark
AddAtomW
ClearCommError
FlushFileBuffers
SetProcessShutdownParameters
OpenSemaphoreW
SetWaitableTimer
MoveFileExA
GetPrivateProfileSectionNamesA
lstrcmpA
GetTapeParameters
GetExitCodeProcess
InterlockedExchange
CreateNamedPipeA
GetProcessTimes
IsBadReadPtr
GetCommandLineA
VirtualAlloc
ExitProcess

user32

ShowOwnedPopups
ExcludeUpdateRgn
ScrollDC
BroadcastSystemMessageA
ValidateRgn
SetKeyboardState
GetDlgItemInt
TileWindows
TrackPopupMenuEx
ValidateRect
GetWindow
WaitForInputIdle
IsDlgButtonChecked
AdjustWindowRectEx
RemoveMenu
MessageBoxExA
SendNotifyMessageA
CallWindowProcA
EndDialog
SendMessageA
GetWindowInfo
IsWindowUnicode
CreateWindowStationW
GetMonitorInfoA
GetMessageA
UnhookWinEvent
SwapMouseButton
GetFocus
ChangeDisplaySettingsA
InternalGetWindowText
ReleaseDC
SetParent
GetScrollRange
UnregisterClassA
GetProcessWindowStation
DefMDIChildProcA
OpenDesktopW
SystemParametersInfoA
ToUnicode
EnableMenuItem
RegisterClassExA
DialogBoxParamA
GetKeyboardLayoutNameW
SetDlgItemTextA
LoadMenuW
GetClassLongA
EnumChildWindows
WindowFromDC

gdi32

Pie
EndPath
LineTo
GetTextFaceW

advapi32

InitializeAcl
AbortSystemShutdownW
SetTokenInformation
AddAce
GetExplicitEntriesFromAclW
ObjectCloseAuditAlarmA
EnumDependentServicesA
GetSecurityInfo
LookupAccountSidW
LookupPrivilegeValueA
AccessCheckAndAuditAlarmW
LookupAccountSidA
GetTokenInformation
RegNotifyChangeKeyValue
NotifyBootConfigStatus

shell32

SHGetSpecialFolderPathA
SHGetMalloc
SHLoadInProc

ole32

CoUninitialize
StgIsStorageFile
CoSuspendClassObjects
CoFileTimeNow

oleaut32

SafeArrayCreateVector
LoadTypeLibEx
SafeArrayGetUBound
SysStringLen
SafeArrayCreate
SysAllocStringLen
VariantChangeTypeEx
RegisterTypeLi
GetActiveObject
SafeArrayPtrOfIndex

comctl32

ImageList_SetBkColor

shlwapi

PathAppendA
PathIsDirectoryW
PathFindFileNameW
PathStripPathA
PathRemoveBlanksW
PathFileExistsW
SHGetValueW

setupapi

SetupDiGetClassDescriptionW
SetupIterateCabinetA
SetupDefaultQueueCallbackA
SetupFindFirstLineW
SetupDiSetSelectedDevice
SetupInstallServicesFromInfSectionA
SetupDiDestroyDriverInfoList
SetupDiCreateDeviceInfoList

Sections

.text
Size: 300KB - Virtual size: 298KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7ab4374c3999a83acb4222b7272e8ea2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 298KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 24KB - Virtual size: 20KB

.text
Size: 300KB - Virtual size: 298KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 24KB - Virtual size: 20KB