2c9f42bb9a0761f1d8f85a2263808201_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c9f42bb9a0761f1d8f85a2263808201_JaffaCakes118
Size

6.5MB
MD5

2c9f42bb9a0761f1d8f85a2263808201
SHA1

3664755e37d41d500996e375892f381182e37049
SHA256

1e8b18eacd879fab6e63b68b379a962edf2fc52682c8bf1c52e6cd12f3ce3b2b
SHA512

593b07b3dbd1914800a00fa37916c2f9bbde2f8bf9f66ed5926fd7151cfe74601ea47b28a8f96f3f138858f4fd1c11a8354aea02512e6ae1004537ac7902d0c0
SSDEEP

98304:O46EhzKEEDdghsxO5PA48d8j/o+5b5WGK+chNl3n9sw7WIeTN3AaPAqw2y2:OrGKEm2sxO5PLASA+J5Wz37WhVYqxy2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c9f42bb9a0761f1d8f85a2263808201_JaffaCakes118

Files

2c9f42bb9a0761f1d8f85a2263808201_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ea59cbe3650605d330321f2128488763

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalFileTimeToFileTime
IsDBCSLeadByteEx
SetConsoleMode
FlushFileBuffers
AllocConsole
Beep
ExitProcess
WriteFile
GetCommState
VirtualProtect
SystemTimeToFileTime
GetTempFileNameA
SetTimeZoneInformation
ConnectNamedPipe
SetThreadAffinityMask
FindFirstFileA
SetThreadLocale
IsBadReadPtr
DeleteCriticalSection
TryEnterCriticalSection
CreateDirectoryExA
VirtualUnlock
GlobalAddAtomA
InitializeCriticalSection
WritePrivateProfileStringA
AreFileApisANSI
GetShortPathNameA

user32

TrackPopupMenuEx
ChangeMenuW
CreateAcceleratorTableW
LoadKeyboardLayoutW
SetUserObjectInformationW
EnumWindows
ShowCaret
GetParent
BeginDeferWindowPos
OpenDesktopA
SetMenuInfo
LoadMenuW
wvsprintfW
GetAncestor
CreateDialogIndirectParamW
ScrollWindow
AppendMenuA
CloseDesktop
DispatchMessageW
FillRect
mouse_event
CreateDialogParamA
GetAsyncKeyState
ArrangeIconicWindows
GetMessageW
GetWindowTextW
MenuItemFromPoint
AdjustWindowRect
DefMDIChildProcW
GetTopWindow
InvertRect
GetWindowRect
MessageBeep
InsertMenuItemW
CreateWindowExA

gdi32

SelectObject
CreateHatchBrush
PtVisible
GetCharacterPlacementW
EnumFontFamiliesA
ExcludeClipRect
WidenPath
GetStretchBltMode
SetRectRgn
CreatePolygonRgn
SetBitmapBits
EnumFontFamiliesExA
PolylineTo

comdlg32

PageSetupDlgA
GetFileTitleA

advapi32

RevertToSelf
RegSaveKeyA
CryptSignHashW
LogonUserW
SetFileSecurityW
AddAccessDeniedAce
QueryServiceStatus
RegUnLoadKeyW
CryptReleaseContext
NotifyBootConfigStatus
RegOpenKeyA
GetNamedSecurityInfoW
GetAce
BuildTrusteeWithSidW
FreeSid
CryptGenKey
QueryServiceConfigA
GetPrivateObjectSecurity
GetSecurityDescriptorDacl
AddAccessAllowedAce
RegCreateKeyExA
RegQueryInfoKeyA
LookupPrivilegeNameA
RegisterServiceCtrlHandlerW
AbortSystemShutdownW
GetServiceDisplayNameA
RegEnumKeyW
RegQueryValueA
CryptDestroyKey
CryptGetProvParam
CryptGetUserKey
PrivilegeCheck
SetNamedSecurityInfoA
RegQueryValueExW
IsValidAcl
OpenSCManagerW

shell32

Shell_NotifyIconW

ole32

CoCreateInstance
OleLockRunning
CLSIDFromString
CoTaskMemRealloc
CoFileTimeNow

oleaut32

SafeArrayUnaccessData

comctl32

ImageList_Duplicate
CreatePropertySheetPageA
ImageList_ReplaceIcon

shlwapi

SHRegOpenUSKeyW
PathIsRootW
PathAddExtensionW
StrChrW
PathCanonicalizeA
PathFileExistsW
StrCpyNW
PathRemoveBackslashA
PathFindFileNameA
PathSkipRootW
AssocQueryStringW
SHRegGetUSValueW
SHSetValueW
PathStripPathA
UrlIsW
StrCmpNA
PathCombineW
PathIsRelativeA

msvcrt

isleadbyte
_mbsicmp
_splitpath
getchar
vprintf
_wctime
atol
_ltoa
localtime
fclose
_finite
_fcvt
isspace
putc
mktime
strtol
remove
iswspace
_dup2
_c_exit
_wopen
bsearch
abort
ceil
wcsspn

Sections

.text
Size: 8KB - Virtual size: 6.4MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6.4MB - Virtual size: 6.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ea59cbe3650605d330321f2128488763

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 8KB - Virtual size: 6.4MB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 6.4MB - Virtual size: 6.4MB

.rsrc Size: 68KB - Virtual size: 66KB

.text
Size: 8KB - Virtual size: 6.4MB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 6.4MB - Virtual size: 6.4MB

.rsrc
Size: 68KB - Virtual size: 66KB