2ca1c75767675393c4c5c8fd281fcaa3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ca1c75767675393c4c5c8fd281fcaa3_JaffaCakes118
Size

857KB
MD5

2ca1c75767675393c4c5c8fd281fcaa3
SHA1

be040999658982faef8f1f6d3da5a7721a0aa343
SHA256

4886c99c22f07c7239dd248bcfb0c8b0fafe26852df22bb94b80f712aa484c26
SHA512

3c3594d3071c770ac0f14501d9db7bbd502db89e42e3852cea52ec324fa081f5ba9648eb880501f0ad4d294adce913b37a906fbff9f63c5ce5b4553d88047e9c
SSDEEP

12288:hyV/7dYlTFlsdHOr1LDCgeKW1TV2scvj9XzZD33jlszX+mUUI4PqdiVAMU4:UVzdYK9O1tW1TAj9DpjlszXnHXqyFT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca1c75767675393c4c5c8fd281fcaa3_JaffaCakes118

Files

2ca1c75767675393c4c5c8fd281fcaa3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

94261fdb12c226f36e9606f475caaec1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetPrivateProfileStringW
GetOverlappedResult
GetLogicalDriveStringsA
ExitProcess
LCMapStringA
IsBadWritePtr
CompareStringW
lstrcatW
SizeofResource
EndUpdateResourceA
GetDateFormatA
LocalAlloc

user32

InSendMessage
LoadKeyboardLayoutA
ShowCaret
SetScrollRange
CheckMenuItem
ValidateRect
SetWindowTextW
GetCaretPos
DestroyCaret
CreateWindowExA
SetUserObjectInformationW
UnhookWindowsHookEx
CharLowerW

advapi32

GetUserNameA
ImpersonateLoggedOnUser
RegLoadKeyW
LockServiceDatabase
OpenSCManagerW
RegOpenKeyExA
ReadEventLogW
RegOpenKeyW
ImpersonateSelf
RegUnLoadKeyW
RegOpenKeyA
RegDeleteKeyA
RegQueryValueExA
DestroyPrivateObjectSecurity
CreatePrivateObjectSecurity
BuildTrusteeWithNameW
RegCreateKeyExW
CryptExportKey
PrivilegeCheck
OpenServiceW
CryptSetKeyParam

shell32

FindExecutableA
FindExecutableW

comctl32

ImageList_Draw
ImageList_Merge
ImageList_Create
ImageList_DragMove

version

VerFindFileA

oleaut32

SysFreeString
SafeArrayPutElement

Sections

.text
Size: 2KB - Virtual size: 219KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 512B - Virtual size: 6B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 604KB - Virtual size: 603KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

94261fdb12c226f36e9606f475caaec1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

version

oleaut32

Sections

.text Size: 2KB - Virtual size: 219KB

.text Size: 512B - Virtual size: 6B

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 604KB - Virtual size: 603KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 219KB

.text
Size: 512B - Virtual size: 6B

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 604KB - Virtual size: 603KB

.rsrc
Size: 17KB - Virtual size: 16KB