2cbc85b51234691f0023b98c752401f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cbc85b51234691f0023b98c752401f2_JaffaCakes118
Size

668KB
MD5

2cbc85b51234691f0023b98c752401f2
SHA1

0acb940307739a960c0c94a560e249766d105857
SHA256

cc08408fa14be84706dea8618aecee8cbf43b5f599f22633098617d13b6cd764
SHA512

00fa3ef8cbd0319d9fe1675aa2ad7e1e8294d10532e3d7b0cbdcabd8dbbb9e5f2a60388dad2a9a8871bf6f31906b89d5795add6a07710fc3e430f48b21a2774d
SSDEEP

12288:sMN40f21MkkZ4JldP5RMsNIt5qvJmqn6BiWTLj01YgvVv:sMNNfN4z95RM6weQ+6oM01BvVv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cbc85b51234691f0023b98c752401f2_JaffaCakes118

Files

2cbc85b51234691f0023b98c752401f2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e8a3e14505877cfb1aac3249d67c8565

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_Add
ImageList_Create

comdlg32

GetOpenFileNameA

kernel32

QueryPerformanceCounter
QueryPerformanceFrequency
GetCurrentProcess
GetCurrentThread
SetFileTime
GetFileTime
WriteFile
ReadFile
SetVolumeLabelA
_lwrite
_llseek
_lread
DeleteCriticalSection
FreeLibrary
LeaveCriticalSection
EnterCriticalSection
GetProcAddress
LoadLibraryA
GetModuleHandleA
GetTickCount
GetStartupInfoA
GetProcessWorkingSetSize
GetProcessTimes
GetThreadTimes
GlobalMemoryStatus
GetProcessHeap
GetCurrentThreadId
InitializeCriticalSection
HeapValidate
IsBadReadPtr
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetFileAttributesA
GetSystemTimeAsFileTime
ResumeThread
CreateThread
ExitThread
GetCommandLineA
HeapFree
HeapAlloc
FatalAppExitA
GetModuleFileNameW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetFilePointerEx
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
GetACP
GetOEMCP
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
LCMapStringA
LCMapStringW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
DebugBreak
OutputDebugStringA
WriteConsoleW
OutputDebugStringW
LoadLibraryW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetStdHandle
FlushFileBuffers
GetConsoleCP
GetConsoleMode
SetFilePointer
WriteConsoleA
GetConsoleOutputCP
RaiseException
SetEndOfFile
CreateFileA
CloseHandle
FindFirstFileA
FindClose
QueryDosDeviceA
SetLastError
GetVersionExA
CreateMutexA
MultiByteToWideChar
WideCharToMultiByte
GetLastError
FormatMessageA
LocalFree
GetCurrentProcessId
DefineDosDeviceA
VirtualUnlock
VirtualLock
CopyFileA
Sleep
FileTimeToSystemTime
GetDateFormatA
GetTimeFormatA
GetLocalTime
SystemTimeToFileTime
DeviceIoControl
GetLogicalDrives
GetCurrentDirectoryA
GetModuleFileNameA
GetSystemDirectoryA
CreateDirectoryA
HeapReAlloc

user32

EnumWindows
GetKeyState
SendMessageTimeoutA
UnregisterClassA
AppendMenuA
GetSystemMenu
UnhookWindowsHookEx
CallNextHookEx
GetCaretPos
GetQueueStatus
GetProcessWindowStation
GetOpenClipboardWindow
GetMessageTime
GetMessagePos
GetInputState
GetFocus
GetDesktopWindow
GetClipboardViewer
GetClipboardOwner
GetCapture
GetActiveWindow
SetWindowsHookExA
LoadStringA
LoadIconA
GetClassNameA
ShowWindow
GetAsyncKeyState
PostMessageA
GetSubMenu
SetMenuDefaultItem
GetCursorPos
SetForegroundWindow
TrackPopupMenu
GetMenuItemID
MessageBeep
LoadBitmapA
GetWindowTextLengthA
GetMenu
EnableMenuItem
SetDlgItemTextA
GetDlgItemTextA
SendDlgItemMessageA
SetFocus
DialogBoxParamA
SetWindowTextA
EndDialog
GetParent
GetWindowTextA
EnableWindow
SendMessageA
GetDlgItem
MessageBoxA
FindWindowExA
SystemParametersInfoA
EnumChildWindows
GetClassInfoA
RegisterClassA
FindWindowA
LoadCursorA
SetCursor
DefDlgProcA
LoadMenuA
GetDC

gdi32

CreateFontIndirectA
GetDeviceCaps
DeleteObject

advapi32

CreateServiceA
CryptAcquireContextA
RegOpenKeyExA
RegCreateKeyExA
RegQueryValueExA
RegCloseKey
CryptGenRandom
CryptReleaseContext
DeleteService
StartServiceA
CloseServiceHandle
RegSetValueExA
OpenSCManagerA
ControlService
QueryServiceStatus
OpenServiceA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
Shell_NotifyIconA
DragAcceptFiles
DragQueryFileA
DragFinish
ShellExecuteA
SHGetFileInfoA
SHChangeNotify
SHGetMalloc

Sections

.text
Size: 284KB - Virtual size: 283KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 292KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e8a3e14505877cfb1aac3249d67c8565

Headers

File Characteristics

Imports

comctl32

comdlg32

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 284KB - Virtual size: 283KB

.rdata Size: 68KB - Virtual size: 67KB

.data Size: 20KB - Virtual size: 46KB

.rsrc Size: 292KB - Virtual size: 332KB

.text
Size: 284KB - Virtual size: 283KB

.rdata
Size: 68KB - Virtual size: 67KB

.data
Size: 20KB - Virtual size: 46KB

.rsrc
Size: 292KB - Virtual size: 332KB