2cf6033631b49085479b94c025aa776a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cf6033631b49085479b94c025aa776a_JaffaCakes118
Size

431KB
MD5

2cf6033631b49085479b94c025aa776a
SHA1

f912916a6b65ec548cd5edb53d573beff872ffdf
SHA256

e329e791684cecbe569e26b19d983ec3f3297951bc7ca669614d8506bcc848b3
SHA512

dfa0dbd4b302dd3c24141b88ca2ea86a74074b4eb20f72ad3c682435c14c33ade9453073240a1b1fab3d415dcf5462df846ac68bc575d9c0c753dc827d037b10
SSDEEP

12288:AomAiZglsjKLuMxRiQxiZDw8pZhIxKrCYv2ndG9w2:Aom5OujKLug9xvYOevKdG2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cf6033631b49085479b94c025aa776a_JaffaCakes118

Files

2cf6033631b49085479b94c025aa776a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7df1c65d61e6e353f160c070c9be5c15

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

FrameRect
FindWindowW
DlgDirListComboBoxW
GetDC
DdeQueryNextServer
DdeInitializeW
GetCaretBlinkTime
GetCursor
BlockInput
CharToOemBuffA
GetAsyncKeyState
DrawStateA
DlgDirSelectExW
GetDlgItemTextW
DdeGetLastError
EnumWindowStationsW
CopyIcon
BroadcastSystemMessageW
CreateMDIWindowW
DragObject
EnumDesktopsA
CountClipboardFormats
DestroyCaret
GetCaretPos

ole32

StringFromIID
OleGetClipboard
ProgIDFromCLSID
OpenOrCreateStream
MonikerCommonPrefixWith
CoCreateInstance
CoTaskMemFree

kernel32

SetLocaleInfoW
FoldStringA
VirtualFree
ExpungeConsoleCommandHistoryW
VerLanguageNameA
GetModuleHandleA
FillConsoleOutputCharacterW
GetConsoleOutputCP
Sleep
ShowConsoleCursor
VirtualAlloc
OpenProfileUserMapping
FindFirstChangeNotificationW
QueryInformationJobObject
GetFileType
VirtualFreeEx
lstrlenA
SetCommMask
SetCommTimeouts
lstrcatA
SetLocaleInfoA
GetVersionExW
CreateFileMappingA
GetSystemTime
GetCurrencyFormatA
SetMailslotInfo
_lclose
FindResourceExA
IsBadHugeWritePtr
VerifyConsoleIoHandle
SetConsoleDisplayMode
HeapSummary
ExitProcess
TlsAlloc
EnumSystemCodePagesA
WriteConsoleOutputW
ReadFileScatter
SetProcessPriorityBoost
EnterCriticalSection
FileTimeToDosDateTime
GetCurrentDirectoryW
lstrcmpW
GetStringTypeA
SearchPathW
WaitForMultipleObjectsEx
GetStartupInfoA

msvcrt

isspace
wcsncmp
_locking
_spawnv
strtod
_callnewh
_wasctime
_dup
_memccpy
putc
__pxcptinfoptrs
_heapadd
_execvp
_ismbcalnum
_findfirsti64
wcsstr
_adj_fdiv_r
_atoldbl
system
_CIlog10
_wmakepath
putwc
memcmp
rename
_mbctombb
_timezone
_except_handler2
_XcptFilter
__argv
wcschr
isgraph
_get_osfhandle
_beginthread
ungetc
atol
abs
log10
wctomb
wcstoul

gdi32

SetEnhMetaFileBits
LPtoDP
GetNearestColor
GetWorldTransform
CopyMetaFileA
CreateCompatibleDC
FillPath
BeginPath
CopyMetaFileW
GetFontData
GetTextAlign
CreateEnhMetaFileA
CreateCompatibleBitmap
SetBkMode
SetICMProfileA
SetRectRgn
Ellipse
PlayMetaFile
SelectPalette
DrawEscape

comdlg32

GetSaveFileNameA
dwOKSubclass
GetOpenFileNameW

Sections

.text
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.lpg
Size: 212KB - Virtual size: 318KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.oad
Size: 211KB - Virtual size: 670KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7df1c65d61e6e353f160c070c9be5c15

Headers

File Characteristics

Imports

user32

ole32

kernel32

msvcrt

gdi32

comdlg32

Sections

.text Size: 6KB - Virtual size: 6KB

.lpg Size: 212KB - Virtual size: 318KB

.oad Size: 211KB - Virtual size: 670KB

.reloc Size: 1024B - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 6KB

.lpg
Size: 212KB - Virtual size: 318KB

.oad
Size: 211KB - Virtual size: 670KB

.reloc
Size: 1024B - Virtual size: 1KB