Static task: static1
Behavioral task: behavioral1
Sample: 2cfc67017a5d7881053577461ca5a1a5_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2cfc67017a5d7881053577461ca5a1a5_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2cfc67017a5d7881053577461ca5a1a5_JaffaCakes118
Size: 593KB
MD5: 2cfc67017a5d7881053577461ca5a1a5
SHA1: c750d9b6430f95ef8d1c2510566393087e3648f1
SHA256: 27ff12edb35e1c3f2dd8520802ef219a9f3b52c2a805778d16c5ff0754c324c9
SHA512: 3f87c3ec506a0e55c14cab001376b528ebd55f2d80f458ab35e0eabb138e26aabb9e8fbfdaeae1a4832806cf13c31cf1eeec11c0ab8e30fca1bb86e4c922b2f1
SSDEEP: 12288:5MzaEFDbUIK7G64/axD6JCm7BjOan5+/HxGd06n:5y/KFBmJrBdoHQn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2cfc67017a5d7881053577461ca5a1a5_JaffaCakes118
Files
2cfc67017a5d7881053577461ca5a1a5_JaffaCakes118.exe windows:4 windows x86 arch:x86
37fab0fff15106606a986e7f35f3e3a1
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
comctl32
CreateUpDownControl
CreateStatusWindowA
ImageList_SetOverlayImage
ImageList_Merge
ImageList_DragShowNolock
ImageList_SetImageCount
ImageList_Draw
ImageList_Replace
InitCommonControlsEx
ImageList_Write
CreateMappedBitmap
CreateToolbar
gdi32
SetPolyFillMode
RestoreDC
GetDeviceCaps
GetSystemPaletteEntries
GetAspectRatioFilterEx
GetBitmapDimensionEx
GetEnhMetaFilePaletteEntries
CreateDCW
GetCharWidthA
DescribePixelFormat
DeleteDC
GetBoundsRect
GetRandomRgn
GetBkMode
CreateBitmapIndirect
advapi32
RegEnumValueA
GetUserNameA
CreateServiceW
CryptSignHashA
ReportEventW
RevertToSelf
RegEnumKeyW
RegConnectRegistryA
RegConnectRegistryW
CryptSetHashParam
LookupPrivilegeDisplayNameA
DuplicateTokenEx
RegSetValueExW
CryptAcquireContextA
RegSetValueW
CryptDeriveKey
AbortSystemShutdownW
RegOpenKeyExW
user32
GetWindowWord
RegisterClassA
GetKeyState
DdeFreeStringHandle
RegisterClassExA
kernel32
GetSystemInfo
FlushFileBuffers
GetStringTypeA
CompareStringW
SetHandleCount
GetStartupInfoW
LeaveCriticalSection
HeapAlloc
InterlockedIncrement
GetFileType
GetProcAddress
GetOEMCP
HeapDestroy
VirtualAlloc
GetEnvironmentStringsW
GetComputerNameW
HeapCreate
GetACP
GetTimeFormatA
QueryPerformanceCounter
CloseHandle
MultiByteToWideChar
UnhandledExceptionFilter
EnterCriticalSection
EnumResourceNamesA
GetDateFormatA
GetVersionExA
GetCommandLineA
OpenMutexA
TlsAlloc
GetTickCount
HeapFree
ReadFile
InitializeCriticalSection
VirtualProtect
IsBadReadPtr
GetStringTypeW
GetLocaleInfoW
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetTimeZoneInformation
LCMapStringA
VirtualQuery
GetStartupInfoA
HeapValidate
SetFilePointer
WideCharToMultiByte
GetCurrentThread
TerminateProcess
GetModuleFileNameA
GetCPInfo
TlsSetValue
GetUserDefaultLCID
AddAtomW
GetCurrentProcess
LoadLibraryA
HeapReAlloc
SetStdHandle
IsBadWritePtr
GetModuleHandleA
DeleteCriticalSection
SetLastError
LCMapStringW
SetConsoleCtrlHandler
GetLastError
CreateMutexA
VirtualFree
EnumSystemLocalesA
TlsGetValue
EnumCalendarInfoW
IsValidCodePage
GetCurrentThreadId
OutputDebugStringA
GetSystemTimeAsFileTime
GetWindowsDirectoryA
FreeEnvironmentStringsA
TlsFree
WriteFile
GetModuleFileNameW
RtlUnwind
SetEnvironmentVariableA
GetLocaleInfoA
GetStdHandle
CompareStringA
GetCurrentProcessId
InterlockedExchange
InterlockedDecrement
IsValidLocale
DebugBreak
ExitProcess
wininet
FtpPutFileW
HttpCheckDavCompliance
IsHostInProxyBypassList
FtpCreateDirectoryA
InternetTimeFromSystemTime
InternetSetDialState
FtpRemoveDirectoryA
InternetSetDialStateA
InternetOpenUrlA
Sections
.text Size: 387KB - Virtual size: 386KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 32KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 163KB - Virtual size: 149KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ