2d0e5de8e0f59e774e72b4beec3c30ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d0e5de8e0f59e774e72b4beec3c30ad_JaffaCakes118
Size

283KB
MD5

2d0e5de8e0f59e774e72b4beec3c30ad
SHA1

30752abd2267f1c7a05be4ba41ae1f55685bed4d
SHA256

e3398d9a03f0dc4d9435293fa932fc4f0f63b158cfda058626bc1ac2db645f46
SHA512

43e0c9c5a5dd434aa299551147f876a50a5fc5a517da3e8e52e8a4246845bb1598b179c5ea07d23cc6e31ca810ad3859833287f27846687e2b3cc1e8e36e999f
SSDEEP

6144:iEm75V7d6qt9RJRQtyPNNVogTBKGN8SZgIlZWiJljIU7Xg:E5VkcRHQtyP5oyrgISiJJBr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d0e5de8e0f59e774e72b4beec3c30ad_JaffaCakes118

Files

2d0e5de8e0f59e774e72b4beec3c30ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a54599febc02aeaa3aa0d26493174884

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCompressedFileSizeW
GetConsoleMode
PulseEvent
UnhandledExceptionFilter
ReadFileScatter
EnumSystemCodePagesA
FormatMessageW
IsDBCSLeadByteEx
GlobalFindAtomW
GetThreadPriority
CompareStringW
OutputDebugStringA
GetPrivateProfileStringA
SetFileTime
FindCloseChangeNotification
PeekConsoleInputW
PrepareTape
IsBadWritePtr
CreateEventA
LocalFileTimeToFileTime
GetNumberFormatW
ClearCommBreak
lstrcpyA
LocalAlloc
GlobalDeleteAtom
ConnectNamedPipe
IsBadStringPtrA
FlushConsoleInputBuffer
_lclose
MoveFileW
FlushFileBuffers
FindFirstFileA
GetDateFormatA
SetEndOfFile
SetErrorMode
OutputDebugStringW
SetFileAttributesA
CancelIo
ExpandEnvironmentStringsW
SetConsoleCursorPosition
GetCommandLineW
CreateDirectoryW
ScrollConsoleScreenBufferA
LCMapStringA
GetFileType
GetSystemTimeAsFileTime
CreateWaitableTimerA
CreateMutexW
MoveFileExA
LoadLibraryExW
SwitchToFiber
FindResourceExW
OpenMutexA
QueryDosDeviceA
EnumDateFormatsW
LocalLock
WriteFile
SetCommMask
SystemTimeToFileTime
GetSystemTimeAdjustment
GetThreadContext
EnumCalendarInfoA
GetCommConfig
FindFirstFileExW
GetEnvironmentStringsW
SetCurrentDirectoryA
GetBinaryTypeW
GetStartupInfoA
GetUserDefaultLCID
SetConsoleTitleA
SetProcessAffinityMask
TryEnterCriticalSection
SetEnvironmentVariableA
FillConsoleOutputCharacterA
EndUpdateResourceA
FindFirstFileW
SetupComm
WritePrivateProfileStringA
GetProfileIntA
GetPrivateProfileStringW
GetCPInfo
LeaveCriticalSection
GetSystemDirectoryW
GetCommandLineA
lstrlenA
VirtualAlloc
GetHandleInformation
ExitProcess

user32

ValidateRgn
CharNextA
CopyRect
DrawTextExW
CharUpperW
IsCharLowerW
IsDlgButtonChecked
LoadKeyboardLayoutW
FindWindowA
TranslateMDISysAccel
CharPrevA
IsWindowUnicode
PeekMessageA
GetClassNameW
UnregisterHotKey
RegisterClassExW
DispatchMessageA
GetSysColor
ScrollWindow
CreatePopupMenu
GetMessageW
keybd_event
SetWindowsHookW
GetDC

gdi32

CreatePen
GetObjectW
Ellipse
SetMapperFlags
GetTextColor
WidenPath
GetBkMode
SetDIBColorTable
GetCurrentObject
AddFontResourceA
SetTextJustification
ModifyWorldTransform
GetTextCharset
SelectClipRgn
SetPaletteEntries
CreatePalette
SetViewportExtEx
CloseFigure
CreateSolidBrush

advapi32

DeleteAce
RegConnectRegistryA
InitializeSid
RegSetValueA
GetSecurityDescriptorLength
GetPrivateObjectSecurity
CloseEventLog
RegSetValueW
ImpersonateNamedPipeClient
EqualSid
SetFileSecurityW
GetSecurityDescriptorSacl
ControlService
SetThreadToken
CryptSetProvParam

shell32

ExtractIconExW
SHGetSettings
SHChangeNotify

ole32

ReadClassStm
CoTreatAsClass

oleaut32

SysAllocStringLen
SafeArrayUnaccessData
SafeArrayPutElement
SafeArrayCreate

comctl32

ImageList_Remove

shlwapi

PathAppendA
UrlCombineW
StrCatBuffW
StrCmpNA
SHSetValueW
PathGetDriveNumberW
PathIsPrefixW
PathUndecorateW

Sections

iiqwag
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

muugu
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

skucsuo
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

omcokea
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a54599febc02aeaa3aa0d26493174884

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

Sections

iiqwag Size: 4KB - Virtual size: 3KB

muugu Size: 5KB - Virtual size: 4KB

skucsuo Size: 243KB - Virtual size: 243KB

omcokea Size: 29KB - Virtual size: 29KB

iiqwag
Size: 4KB - Virtual size: 3KB

muugu
Size: 5KB - Virtual size: 4KB

skucsuo
Size: 243KB - Virtual size: 243KB

omcokea
Size: 29KB - Virtual size: 29KB