2d18d8bf83e5d271239e7e26710bf2a6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d18d8bf83e5d271239e7e26710bf2a6_JaffaCakes118
Size

332KB
MD5

2d18d8bf83e5d271239e7e26710bf2a6
SHA1

1a5ecf1ecd2a9132b043df7125760aa69f2631a8
SHA256

2358c4625cd49967b99548c5e9fead25b109cdde78f3cea8f45071bf07d671ad
SHA512

d9ed6d81a9c6969279be08a9159452d95db39ee96a420206bdd4b6c4ed1966f0759eb1220ad60496de4bf7e8e228f74f7ffeb7fc97376497b69a0b30ebe8a771
SSDEEP

6144:+H2wcRbflkxAfbqglagSuDmd50PCo8G0RNGAfO85211:EAflkxKbqgljqd5HoJ0TGiObH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d18d8bf83e5d271239e7e26710bf2a6_JaffaCakes118

Files

2d18d8bf83e5d271239e7e26710bf2a6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

46cd1622b572f2483ea67f3b1543087c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InitializeCriticalSectionAndSpinCount
InterlockedDecrement
ExitProcess
EnterCriticalSection
GetVersionExA
GetCommandLineA
VirtualProtect

user32

EqualRect
WindowFromDC
UnionRect
SwitchDesktop
GetWindowTextLengthA
IsWindowVisible
SetPropA
FindWindowA
GetClipboardFormatNameA
LoadMenuW
EnumDisplayDevicesA
DrawIcon
DestroyMenu
CallWindowProcA
DrawAnimatedRects
EnumDisplayMonitors
SetWindowPos
VkKeyScanW
DefMDIChildProcA
GetScrollRange
IsRectEmpty
SetWindowTextA
GetMenuItemInfoA
CreateWindowStationW
GetKeyboardLayoutList
CascadeWindows
GetClipboardData
RegisterHotKey
FillRect
CreateDialogIndirectParamA
ChangeDisplaySettingsA
AppendMenuW
ShowWindowAsync
CreateDialogParamW
SetMenuItemBitmaps
LoadImageW
WaitForInputIdle
InsertMenuItemA
SetClassLongW
CheckDlgButton
OemKeyScan
GetScrollPos
UnregisterDeviceNotification
GetIconInfo
SetCapture
GetKeyNameTextA

gdi32

CloseEnhMetaFile
CloseMetaFile
GetStretchBltMode
CreateCompatibleDC
RoundRect

comdlg32

GetFileTitleW
GetFileTitleA
ChooseColorA
ReplaceTextW

advapi32

CryptAcquireContextA
SetPrivateObjectSecurity
RegSetValueW
CryptGetKeyParam
CreatePrivateObjectSecurity
AccessCheckAndAuditAlarmA
GetExplicitEntriesFromAclW
RegRestoreKeyA
SetFileSecurityW
CloseServiceHandle

shell32

ShellExecuteExA
SHGetPathFromIDListA
ExtractIconExA
FindExecutableA
ExtractIconExW
SHAddToRecentDocs

ole32

CoGetMalloc
CoTreatAsClass
CreateFileMoniker
OleIsRunning
OleDestroyMenuDescriptor
OleCreateFromFile

oleaut32

SafeArrayPutElement
SysAllocString
SafeArrayGetElement

shlwapi

PathStripPathW
PathQuoteSpacesW
SHGetValueW
PathIsUNCServerW
SHCreateStreamOnFileW
SHDeleteValueW
StrCmpW
PathStripPathA
PathParseIconLocationW
UrlCreateFromPathW
PathIsDirectoryW
StrFormatByteSizeW
PathCompactPathExW
StrChrW
StrRetToStrW
PathIsNetworkPathW
wnsprintfW

setupapi

SetupDiGetDeviceRegistryPropertyW
SetupDiGetClassDescriptionExA
SetupCloseFileQueue
SetupDiSetDeviceRegistryPropertyA
SetupDiOpenDeviceInfoW
SetupFindFirstLineW
SetupScanFileQueueA
SetupDiGetClassDevsExA
SetupDiSetSelectedDriverA

Sections

.text
Size: 308KB - Virtual size: 307KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

46cd1622b572f2483ea67f3b1543087c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 308KB - Virtual size: 307KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 16KB - Virtual size: 15KB

.text
Size: 308KB - Virtual size: 307KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 16KB - Virtual size: 15KB