2ca6999f172aaca1f54ef9ce384a5bfa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ca6999f172aaca1f54ef9ce384a5bfa_JaffaCakes118
Size

172KB
MD5

2ca6999f172aaca1f54ef9ce384a5bfa
SHA1

43b4cea9019a5cefae4a3c75de85bb48cefe6fa8
SHA256

21d600c1cb0ebdf172be2cbddd9a976649a3e0703c807d25d19089f234cb15eb
SHA512

75c2eb7af746dd98dcc374b9c0398717019322bf4182400a6c7605a5e9e7c71a068d95726f1e3deeec2ec3a2ff441f3cd6c7c24fbc4bb8def392e257fdea6cf5
SSDEEP

3072:C/odMW8DU21UJq5PW4UKIBmFGqIEXsSid7kY4qXlr8UmmnlYNqsmVJwTI8OIpTnq:C+yDU25gQaXyU1SQYUhIpTnq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ca6999f172aaca1f54ef9ce384a5bfa_JaffaCakes118

Files

2ca6999f172aaca1f54ef9ce384a5bfa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c3c00328f445e2b8fa7862dc089bca24

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetVersionExA
SetFileAttributesA
MoveFileA
GetModuleFileNameA
Sleep
SetFilePointer
CreateDirectoryA
CreateMutexA
CreateProcessA
ReadFile
UnmapViewOfFile
GetTempPathA
GetTempFileNameA
WriteFile
LoadLibraryA
GetProcAddress
DeleteFileA
GetLastError
FormatMessageA
FlushFileBuffers
SetFileTime
FreeLibrary
SetCurrentDirectoryA
CreateFileMappingA
MapViewOfFile
GetStartupInfoA
GetModuleHandleA
GlobalAlloc
CloseHandle
GlobalLock
GlobalUnlock
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
TlsSetValue
HeapAlloc
TlsFree
HeapDestroy
TlsGetValue
HeapFree
HeapCreate
TlsAlloc
GetSystemDirectoryA
CreateFileA
GetSystemDefaultLangID
GetFileSize
GlobalSize
GetTickCount
WaitForSingleObject
GetEnvironmentVariableA
GetFileAttributesA
SetEnvironmentVariableA

user32

GetWindowRect
IsWindow
CopyRect
SetCursorPos
TranslateMessage
PeekMessageA
ShowWindow
PostMessageA
FindWindowA
MessageBoxA
DefWindowProcA
PostQuitMessage
UpdateWindow
CreateWindowExA
SystemParametersInfoA
RegisterClassA
LoadCursorA
SetWindowRgn
TrackPopupMenu
ClientToScreen
SetCapture
SetWindowPos
SetCursor
InvalidateRect
WindowFromPoint
GetCursorPos
SetActiveWindow
IsIconic
EndPaint
BeginPaint
ReleaseCapture
GetSubMenu
LoadMenuA
DestroyMenu
GetWindowLongA
PtInRect
LoadIconA
SetClipboardData
SetWindowLongA
EmptyClipboard
SendMessageTimeoutA
GetClientRect
SendMessageA
IsWindowVisible
GetKeyState
GetCaretBlinkTime
CloseClipboard
GetClipboardData
OpenClipboard
MsgWaitForMultipleObjects
DestroyWindow
DispatchMessageA
wsprintfA

gdi32

SetDIBitsToDevice
CombineRgn
GetStockObject
SetBkMode
GetPixel
SetPixel
TextOutA
SetTextColor
ExtTextOutA
DeleteObject
CreateFontIndirectA
CreateRectRgn
GetTextExtentPoint32A
RestoreDC
SetTextAlign
SelectObject
SaveDC
GetTextExtentPointA
SetTextCharacterExtra
OffsetRgn
PtInRegion
GetTextExtentExPointA

advapi32

RegSetValueExA
RegCloseKey
RegOpenKeyExA
RegCreateKeyExA

ole32

CoUninitialize
CoInitialize

ws2_32

shutdown
recv
WSAAsyncSelect
WSAGetLastError
inet_addr
connect
WSAAsyncGetHostByName
htons
setsockopt
socket
send
WSACleanup
WSAStartup
closesocket
getsockopt

imm32

ImmGetContext
ImmSetCompositionFontA
ImmSetCompositionWindow
ImmReleaseContext

ddraw

DirectDrawCreate

msvcrt

exit
_acmdln
_XcptFilter
_initterm
_purecall
_exit
__p__commode
__p__fmode
__set_app_type
_controlfp
calloc
rand
atoi
_except_handler3
__CxxFrameHandler
malloc
strncmp
__setusermatherr
free
_adjust_fdiv
__getmainargs

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

WtoCopy
Size: 4KB - Virtual size: 216B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

CommSeg
Size: 4KB - Virtual size: 83B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3c00328f445e2b8fa7862dc089bca24

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

ws2_32

imm32

ddraw

msvcrt

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 8KB - Virtual size: 10KB

WtoCopy Size: 4KB - Virtual size: 216B

CommSeg Size: 4KB - Virtual size: 83B

.rsrc Size: 8KB - Virtual size: 6KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 8KB - Virtual size: 10KB

WtoCopy
Size: 4KB - Virtual size: 216B

CommSeg
Size: 4KB - Virtual size: 83B

.rsrc
Size: 8KB - Virtual size: 6KB