2cb66aaa3588c2b916c9dfa09640feea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2cb66aaa3588c2b916c9dfa09640feea_JaffaCakes118
Size

524KB
MD5

2cb66aaa3588c2b916c9dfa09640feea
SHA1

840b629d94eedac0f656d1dd9b5baf0c06b24eb3
SHA256

027c2eb45f4e2f2f92e1b7982b6bd52b98232ce6559f021c15566839b84e2bb9
SHA512

2380868fb3a3e21c503aea74018aaa755a7f284cf3415b0db092986153dc424846ab5b1f0ae43975308f938e0a55dc7fb268c091351112fd3dfe8c62a5c3b4a3
SSDEEP

12288:asP8kygytWEQ+B1C5OXb+toF54n2CHsR6YUef+jky/uoYMMnMMMMMT:aYyg3svXak53qs0YUeBy/iMMnMMMMMT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cb66aaa3588c2b916c9dfa09640feea_JaffaCakes118

Files

2cb66aaa3588c2b916c9dfa09640feea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8cde56263f61b6faf6fe31e3db415ca2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegOpenKeyExW
RegQueryValueExW
RegDeleteKeyW
RegCloseKey
RegCreateKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegEnumKeyExW

gdi32

GetPaletteEntries
CreateSolidBrush
SelectObject
SetPixel
GetPixel
DeleteDC
GetObjectW
DeleteObject
CreateCompatibleBitmap
BitBlt
GetDeviceCaps
StretchBlt
CreateCompatibleDC
SetStretchBltMode
SetTextColor
CreateDIBSection
SetBkColor

ntdll

NtQuerySystemEnvironmentValueEx
RtlAdjustPrivilege
RtlAddAccessAllowedObjectAce
NtQuerySemaphore

ddraw

DirectDrawCreate

rtutils

TraceDumpExA

user32

FillRect
IsCharAlphaNumericW
RegisterClassW
MsgWaitForMultipleObjects
CopyRect
CreateWindowExW
IsCharAlphaW
DispatchMessageW
LoadStringW
GetDC
DefWindowProcW
PeekMessageW
SystemParametersInfoW
ReleaseDC
CharUpperW
LoadImageW
EqualRect
RegisterClassExW
GetWindowLongW
KillTimer
SetWindowLongW
IntersectRect
ReleaseCapture
TranslateMessage
SetRect
PostMessageW
SetRectEmpty
SetTimer
GetSystemMetrics
DestroyWindow
MapWindowPoints

kernel32

SetFilePointer
HeapReAlloc
GetSystemInfo
GetModuleFileNameW
WaitForSingleObjectEx
GlobalFree
SetEvent
GetSystemTimeAsFileTime
GlobalSize
GetProcessHeap
HeapAlloc
GetVersionExW
FreeLibrary
QueryPerformanceCounter
CloseHandle
InterlockedExchange
WaitForMultipleObjectsEx
GetProcAddress
InterlockedDecrement
GetCurrentProcessId
lstrlenA
GetTickCount
WriteFile
RtlUnwind
GetCurrentProcess
SetUnhandledExceptionFilter
InitializeCriticalSection
GetSystemTime
GlobalLock
GetLocalTime
TerminateProcess
CompareStringW
GlobalHandle
VirtualAlloc
GetUserDefaultLCID
GetTimeZoneInformation
GetModuleHandleW
MultiByteToWideChar
CreateThread
InterlockedIncrement
InterlockedCompareExchange
GlobalAlloc
UnhandledExceptionFilter
CreateFileW
Sleep
LoadLibraryW
HeapFree
FreeLibraryAndExitThread
GetLastError
lstrcmpiW
VirtualProtect
GetModuleHandleExW
VirtualQuery
GetFileSize
HeapDestroy
ReadFile
DeleteCriticalSection
GlobalReAlloc
GetCurrentThreadId
EnterCriticalSection
lstrlenW
DisableThreadLibraryCalls
GetVersion
LeaveCriticalSection
SystemTimeToFileTime
CreateEventW
GlobalUnlock

ole32

CoInitializeEx
CoGetInterfaceAndReleaseStream
CoTaskMemFree
OleRun
CoMarshalInterThreadInterfaceInStream
CoUninitialize
StringFromGUID2
CoCreateInstance
StringFromCLSID
CoTaskMemAlloc
CLSIDFromString

Sections

.text
Size: 476KB - Virtual size: 475KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8cde56263f61b6faf6fe31e3db415ca2

Headers

File Characteristics

Imports

advapi32

gdi32

ntdll

ddraw

rtutils

user32

kernel32

ole32

Sections

.text Size: 476KB - Virtual size: 475KB

.data Size: 5KB - Virtual size: 1.9MB

.rsrc Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 4KB

.idata Size: 4KB - Virtual size: 3KB

.text
Size: 476KB - Virtual size: 475KB

.data
Size: 5KB - Virtual size: 1.9MB

.rsrc
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 4KB

.idata
Size: 4KB - Virtual size: 3KB