2cfee4696e866e8a22c3eb5e37b16b4f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cfee4696e866e8a22c3eb5e37b16b4f_JaffaCakes118
Size

33KB
MD5

2cfee4696e866e8a22c3eb5e37b16b4f
SHA1

464f4d187b2940062251b1fd7cbbcdf823c7630b
SHA256

38bc45a045d1c475c876547c0c2d8bf6462a4293e2e435bd8dbb4ff4e913db2e
SHA512

235f5fc0e12419f741617f9cfd17ae8f27a656e987766cb428c852ca86d6cad1c51531b8da89a508ff51e05598a0a0051aeee984fe2a92a196521bf19b506fed
SSDEEP

768:I9Fi/eecjbT93TuGd3KlBJVVu+HiYvWlkV:IK/eecj3NKU+Cy9V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cfee4696e866e8a22c3eb5e37b16b4f_JaffaCakes118

Files

2cfee4696e866e8a22c3eb5e37b16b4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d94e59da15d3e0d277d5ae15c39e7aaa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcAddress
GetLocalTime
LoadLibraryA
OpenEventA
GetModuleFileNameA
GetModuleHandleA
CloseHandle
GetTempPathA
DeleteFileA
ExitThread
lstrcatA
FileTimeToSystemTime
GetFileAttributesA
TerminateThread
WriteFile
GetTickCount
GetModuleHandleW
SetEvent
WaitForMultipleObjects
lstrcmpA
CreateToolhelp32Snapshot
Process32First
CompareStringA
FindResourceA
LoadResource
lstrcpyA
CreateThread
WaitForSingleObject
CreateFileA
ResetEvent
PulseEvent
MultiByteToWideChar
Sleep
GetProcessHeap
FreeLibrary
lstrlenA
GetLastError
CreateEventA
OpenProcess
TerminateProcess
GetCommandLineA
ExitProcess
HeapFree
HeapAlloc
RtlUnwind

user32

SetWindowTextA
GetForegroundWindow
ShowWindow
DestroyWindow
PostQuitMessage
MsgWaitForMultipleObjects
LoadIconA
wsprintfA
wsprintfW
TranslateMessage
MessageBoxA
PeekMessageA
DefWindowProcA
CreateWindowExW
CreateWindowExA
CharToOemA
DispatchMessageA
FindWindowA
RegisterClassA
EndPaint
BeginPaint
AnyPopup

advapi32

RegOpenKeyExA
RegSetValueExW
RegCloseKey
RegEnumKeyA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyA
RegDeleteKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegNotifyChangeKeyValue

shell32

ShellExecuteA
SHGetFolderPathA
Shell_NotifyIconA

ole32

CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysAllocString

wininet

InternetGetConnectedState
HttpQueryInfoA

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d94e59da15d3e0d277d5ae15c39e7aaa

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

wininet

Sections

.text Size: 16KB - Virtual size: 15KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 512B - Virtual size: 9KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 16KB - Virtual size: 15KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 512B - Virtual size: 9KB

.rsrc
Size: 8KB - Virtual size: 8KB