2d03359875d5aa0f738ef84f58f69ae3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d03359875d5aa0f738ef84f58f69ae3_JaffaCakes118
Size

336KB
MD5

2d03359875d5aa0f738ef84f58f69ae3
SHA1

e0a1b497fecc57eb2f742003adaf7c258d473492
SHA256

f4a52ca42fd1ffca514888a6b0e2abf7a4eacd0576d9455b1b318e48643d33b0
SHA512

d3566be71d8554a4db9a52e2fc537feedf11df69564060815fa0de1ee9ebe1249695aa7ba1ca6b8bf3a4a759ec325a5d673118cf8d3d1a4f299e4abc5c4538c2
SSDEEP

6144:njWz7yJt6d2noDasEWvmmtUG5LkiaIwmCd8WNxG:OQt68oDasEWvNtUSLPaItCY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d03359875d5aa0f738ef84f58f69ae3_JaffaCakes118

Files

2d03359875d5aa0f738ef84f58f69ae3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

44ebf1b5d0b24d77d80148eda0287631

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineA
GetVersionExA
VirtualProtect
QueryDosDeviceA
ExitProcess

user32

IsWindowEnabled
RemovePropW
CharUpperA
SetMenuItemInfoW
EnumDesktopsA
CharNextW
FindWindowExA
LoadAcceleratorsA
LoadIconW
IsDialogMessageW
DrawStateA

gdi32

SetDIBitsToDevice
GetNearestColor
OffsetWindowOrgEx
GetBitmapBits
GetPixel
ScaleViewportExtEx
CopyEnhMetaFileW
SetTextColor
CreateDCA
CopyMetaFileW
LPtoDP
GetBkMode
ExtCreatePen
SetWorldTransform
Escape
GetDIBits

comdlg32

PrintDlgA
PageSetupDlgW

advapi32

ImpersonateLoggedOnUser
GetServiceDisplayNameA
GetSecurityInfo
EnumServicesStatusW
StartServiceCtrlDispatcherA
QueryServiceConfigA
OpenServiceA
SetSecurityDescriptorGroup
RegSetValueA
SetFileSecurityW
CryptImportKey
RegisterServiceCtrlHandlerW
RegQueryValueA
RegisterEventSourceW
AccessCheckAndAuditAlarmW
AdjustTokenPrivileges
RegSetValueExA
OpenSCManagerW
DestroyPrivateObjectSecurity
LogonUserA
QueryServiceConfigW
RegOpenKeyExW
AccessCheck
QueryServiceLockStatusW
RegSaveKeyA

shell32

SHGetPathFromIDListA
DragAcceptFiles
SHFileOperationA

oleaut32

VariantChangeType
VariantCopy
SysAllocStringLen
SafeArrayCreate
SafeArrayGetLBound
SetErrorInfo
LoadTypeLi

shlwapi

SHRegGetBoolUSValueA
StrTrimA
PathIsDirectoryA
StrToIntExW
PathCanonicalizeW
SHGetValueW
PathGetCharTypeA
PathQuoteSpacesW
SHStrDupW
StrFormatByteSizeW
PathGetDriveNumberW
PathUndecorateW

setupapi

SetupFindFirstLineW
SetupDiOpenDeviceInfoW
SetupOpenAppendInfFileW
SetupIterateCabinetW
SetupDiGetClassDevsW
SetupCloseFileQueue

Sections

.text
Size: 296KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

44ebf1b5d0b24d77d80148eda0287631

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

shlwapi

setupapi

Sections

.text Size: 296KB - Virtual size: 292KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 32KB - Virtual size: 28KB

.text
Size: 296KB - Virtual size: 292KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 32KB - Virtual size: 28KB