2cd8d589fc0b31824609127861be2247_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cd8d589fc0b31824609127861be2247_JaffaCakes118
Size

252KB
MD5

2cd8d589fc0b31824609127861be2247
SHA1

09d87626c4ce75301930dc939ab3f37a8991682c
SHA256

e606b4a746bad747e7074dbec2c1cefc9a514c465e0f766c84cf43f50cf34eba
SHA512

c8284f310a3b4cb2ee946fc0c6697a9fc81ccc93efc15c52ece897bdf6fa36ccaa970d96c9b0eb7ea0c206e8cfc799501dd4f15b8e5b3b800bbd68d05ec85e23
SSDEEP

6144:ouyX3N0kYVoSqMIQL9BAz5s7FqfQF+TznrvMqeAlrr3K:o53N7YSroGW71QHrmer3K

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cd8d589fc0b31824609127861be2247_JaffaCakes118

Files

2cd8d589fc0b31824609127861be2247_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7c4e73c281347b3f817e044ce909d19a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WriteFile
MoveFileW
GetDriveTypeA
GetVersion
VirtualQuery
ReadConsoleInputW
GetSystemTimeAdjustment
GlobalFree
CompareStringA
FindFirstFileA
GetOverlappedResult
GetTapeStatus
GetCommandLineA
GetPrivateProfileStringW
WriteConsoleOutputCharacterA
GetACP
EnumResourceLanguagesW
ExitProcess
ScrollConsoleScreenBufferA
CreatePipe
WritePrivateProfileStringW
CreateDirectoryA
OpenMutexA
GetThreadContext
GetShortPathNameA
CreateMutexW
InitializeCriticalSection
VirtualLock
IsValidLocale
GetUserDefaultLCID
FreeLibrary
FillConsoleOutputCharacterA
SetProcessAffinityMask
OpenFile
RemoveDirectoryW
SystemTimeToFileTime
GetProcessHeap
GetEnvironmentVariableW
GetBinaryTypeW
GetSystemDefaultLangID
GlobalGetAtomNameW
GetFileType
GetTickCount
SetVolumeLabelA
GetUserDefaultLangID
GetShortPathNameW
GetDiskFreeSpaceExA
LoadLibraryExW
GetCompressedFileSizeW
GetSystemInfo
FindNextChangeNotification
SetupComm
SetErrorMode
DosDateTimeToFileTime
lstrcpyA
PurgeComm
VirtualUnlock
PeekConsoleInputW
TryEnterCriticalSection
ReadFileScatter
ClearCommBreak
SetEnvironmentVariableW
GetTapeParameters
OutputDebugStringA
FreeLibraryAndExitThread
GetProfileStringA
GetSystemDirectoryW
CloseHandle
GetVersionExA
lstrlenA
VirtualAlloc
SetStdHandle

user32

MapVirtualKeyW
MessageBoxIndirectW
InsertMenuA
GetMessagePos
ExitWindowsEx
SetScrollInfo
LoadMenuW
GetWindowTextLengthA
EmptyClipboard
NotifyWinEvent
GetMessageTime
SetWindowLongA
SetPropA
GetCapture
LoadMenuA
ClipCursor
CheckMenuItem
GetKeyboardState
GetParent
keybd_event
GetScrollRange
MoveWindow
EnumDisplaySettingsA
SetActiveWindow
EnumDisplaySettingsExW
AdjustWindowRectEx
HideCaret
CheckDlgButton
GetClassLongW
SetClassLongA
ChangeDisplaySettingsA
CreateDesktopA
ReleaseDC
CharNextW
TrackMouseEvent
DrawEdge
EnumDisplayDevicesW
SendDlgItemMessageA
EnumWindows
GetGuiResources
SetSysColors
RegisterDeviceNotificationW
IsCharUpperA
SetUserObjectInformationW

gdi32

WidenPath
SetMetaFileBitsEx
StretchDIBits
GetTextCharacterExtra
CreateBitmap
CopyMetaFileW
SetEnhMetaFileBits
OffsetViewportOrgEx
MoveToEx
BeginPath
EnumFontFamiliesW
SetMapMode
CreateICW
GetPolyFillMode
GetDeviceCaps
GetCurrentPositionEx
CreateRoundRectRgn
GetNearestColor
GetPixelFormat
CreateCompatibleBitmap
DescribePixelFormat

advapi32

RegUnLoadKeyA
AccessCheckAndAuditAlarmA
CreateProcessAsUserW
SetFileSecurityA
DeleteAce
SetEntriesInAclW
GetSidSubAuthority
SetNamedSecurityInfoW
StartServiceW
RegSaveKeyW
GetUserNameA
AccessCheck
RegSetValueExW
GetUserNameW
ClearEventLogW
OpenEventLogW
CryptDecrypt
GetSecurityInfo
LookupPrivilegeValueA
SetKernelObjectSecurity
InitializeSecurityDescriptor
ObjectCloseAuditAlarmW
AllocateAndInitializeSid
SetTokenInformation
RegRestoreKeyA
RegCreateKeyA
CryptSetKeyParam
CryptDeriveKey
LookupPrivilegeNameA
QueryServiceStatus
RegRestoreKeyW

ole32

CoGetInterfaceAndReleaseStream

oleaut32

SysStringLen
SafeArrayCreate
SafeArrayGetElement
SafeArrayUnaccessData
QueryPathOfRegTypeLi
SafeArrayPutElement
SafeArrayRedim
SysFreeString

comctl32

ImageList_SetBkColor
ImageList_DragEnter
ImageList_Create
DestroyPropertySheetPage

shlwapi

StrCpyW
PathIsDirectoryA
StrCmpNW
PathCombineA
SHCreateStreamOnFileW
PathGetArgsW
AssocQueryStringW
StrToIntW
PathRenameExtensionW
HashData
StrFormatKBSizeW
UrlCreateFromPathW
PathIsNetworkPathW

Sections

.text
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 232KB - Virtual size: 229KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7c4e73c281347b3f817e044ce909d19a

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

comctl32

shlwapi

Sections

.text Size: 8KB - Virtual size: 5KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 232KB - Virtual size: 229KB

.text
Size: 8KB - Virtual size: 5KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 232KB - Virtual size: 229KB