2cec44ee80aefab29be48c9cb81dfe33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cec44ee80aefab29be48c9cb81dfe33_JaffaCakes118
Size

111KB
MD5

2cec44ee80aefab29be48c9cb81dfe33
SHA1

68182c548c41869539e74e8db3cb05d83b9635e4
SHA256

48e73253c7f9a1b7b7420909b4888e84fbaa17d02718eccc0681f7b0a50f06ce
SHA512

bc47bfe18c63534d0a0ca54dbe04f14d94f00aaee37762f5110441868cd41d1dbaf5986fb17851253b918728b2ba6ee746946a8234442030e9c8d9ccb93b50b9
SSDEEP

1536:sBTutZMHe4H2MRNg1yjZm5REZaoSFhmyVePY/tCGOy:0AZMHe4H2Cc4g5m0jhXYPktCG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cec44ee80aefab29be48c9cb81dfe33_JaffaCakes118

Files

2cec44ee80aefab29be48c9cb81dfe33_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f1e8eda5c702f43bb579566476e547b5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsNetworkPathA
PathIsRelativeW
StrCmpLogicalW

user32

SetFocus
GetWindowDC
GetWindowInfo
IsRectEmpty

oleaut32

VariantClear
VariantCopyInd
SysStringLen
SysAllocStringLen

kernel32

GetFullPathNameW
CreateMutexW
GetCurrentThreadId
FormatMessageW
GetTimeFormatW
lstrlenW
SetCurrentDirectoryW
FindClose
CloseHandle
GetDateFormatW
IsValidLocale
GetStartupInfoA
lstrcmpiW
GetVolumeInformationW
ReadFile
GetTempPathW
InterlockedExchange
HeapAlloc
GetCommandLineW
MultiByteToWideChar
SuspendThread
GetModuleHandleA
WideCharToMultiByte
GetCurrentThreadId
GetTickCount
HeapFree
InterlockedIncrement
GetExitCodeProcess
SetCommConfig
GetPrivateProfileStringW
GetVersionExA
GetFileAttributesW
FreeLibrary
GetModuleFileNameW
InterlockedDecrement
lstrcmpW
GetPrivateProfileSectionW
GetPrivateProfileIntW
CreateJobObjectA
CreateDirectoryW
QueryDosDeviceW
LocalAlloc
OpenEventW
ReleaseMutex
SetUnhandledExceptionFilter
GetSystemDirectoryW
GlobalFree
CreateProcessW
UnhandledExceptionFilter
LocalFree
LocalReAlloc
TerminateProcess
LoadLibraryW
SetLastError
RaiseException
GetCurrentProcessId
FindFirstFileW
FindNextFileW
LoadLibraryA
GetDiskFreeSpaceExW
lstrlenA
DeleteFileW
GlobalAlloc
CreateFileW
GetProcessHeap
QueryPerformanceCounter
GetCurrentProcess
GetDriveTypeW
Sleep
GetProcAddress
DeviceIoControl
GetCurrentDirectoryW
WriteFile
GetWindowsDirectoryW
GetLogicalDriveStringsW
ExpandEnvironmentStringsW
VirtualQuery
SetFilePointer
WaitForSingleObject
CopyFileW
GetSystemTimeAsFileTime

shell32

ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

comctl32

PropertySheetA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.nqevyd
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 92KB - Virtual size: 244KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f1e8eda5c702f43bb579566476e547b5

Headers

File Characteristics

Imports

shlwapi

user32

oleaut32

kernel32

shell32

comctl32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 9KB

.nqevyd Size: 3KB - Virtual size: 3KB

.edata Size: 92KB - Virtual size: 244KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 9KB

.nqevyd
Size: 3KB - Virtual size: 3KB

.edata
Size: 92KB - Virtual size: 244KB