2d2abc4e77486597689d3f1a81f6f711_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d2abc4e77486597689d3f1a81f6f711_JaffaCakes118
Size

458KB
MD5

2d2abc4e77486597689d3f1a81f6f711
SHA1

e5afedd1d573781e3340142ae7239121d41a74b1
SHA256

dd5fba602073479760aede8b8b1d1b6d73e522185b6592127465a756e7e60260
SHA512

83219abde0012ce594119b870e59e868459734109092a3f126ffc6b1734dc059da7d8acebd4d53fde2f9754330d9eb651e7ce2b626ab95626f7e46f99147df83
SSDEEP

12288:E5iMSERPs3m0bnpUPCi8xW3BSzb1llMFtMTVnjJ:E7KJn7xW3MzBllMFYjJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d2abc4e77486597689d3f1a81f6f711_JaffaCakes118

Files

2d2abc4e77486597689d3f1a81f6f711_JaffaCakes118
.exe windows:4 windows x86 arch:x86

41768ff70b0d0cdb2b7570aa9db8f000

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHGetFileInfo
SHGetFileInfoW
ShellExecuteA
SHGetPathFromIDList
DragQueryFileAorW
ExtractAssociatedIconExW
ExtractIconW
FreeIconList
ShellExecuteExW
ExtractIconExW
SHFileOperationA
SHBrowseForFolder
DoEnvironmentSubstW
SheSetCurDrive
SHBrowseForFolderA
InternalExtractIconListA
SHGetSettings
DragAcceptFiles
SHGetDiskFreeSpaceA
SHGetPathFromIDListW
SHInvokePrinterCommandW

advapi32

CryptGenKey
CryptSignHashW
LogonUserW
RegConnectRegistryA
GetUserNameA
LogonUserA
RegCreateKeyA
RegEnumValueA
CryptEnumProviderTypesW

gdi32

CreateFontIndirectA
GetPath
PathToRegion
ScaleWindowExtEx
CreateDIBPatternBrush
EnumObjects
GetWindowExtEx
ExcludeClipRect
SetDIBColorTable
SetPolyFillMode
PatBlt
RectInRegion

wininet

InternetConnectA
InternetQueryOptionW
FtpGetFileW
FtpCreateDirectoryW

kernel32

VirtualQuery
ExitProcess
FreeEnvironmentStringsW
InterlockedExchange
CompareStringW
DeleteCriticalSection
FreeEnvironmentStringsA
GetDateFormatA
ReadFile
MultiByteToWideChar
QueryPerformanceCounter
UnhandledExceptionFilter
GetModuleHandleW
WriteProfileSectionA
FreeLibrary
GetLocaleInfoA
LocalUnlock
SetCurrentDirectoryA
GetEnvironmentStringsW
WideCharToMultiByte
HeapCreate
HeapDestroy
IsDebuggerPresent
GetCommandLineA
LCMapStringA
HeapFree
InitializeCriticalSectionAndSpinCount
MapViewOfFile
GetLocaleInfoW
GetCPInfo
GetStringTypeW
GetCurrentProcessId
RtlUnwind
HeapAlloc
GetSystemTimeAsFileTime
GetConsoleCursorInfo
CompareStringA
WriteFile
GetStartupInfoA
GetFileType
SetLastError
SetConsoleCtrlHandler
GetTimeFormatA
TlsAlloc
EnumSystemLocalesA
lstrcmp
GetOEMCP
GetACP
CreateWaitableTimerA
SetUnhandledExceptionFilter
GetStdHandle
GetModuleFileNameA
GetCurrentThread
TlsFree
SetEnvironmentVariableA
GetEnvironmentStrings
IsValidCodePage
VirtualFree
GetTimeZoneInformation
Sleep
InterlockedIncrement
HeapReAlloc
IsValidLocale
SetHandleCount
GetUserDefaultLCID
GetTickCount
GetLastError
InterlockedDecrement
VirtualAlloc
TerminateProcess
GetProfileSectionW
LeaveCriticalSection
GetModuleHandleA
HeapSize
GetProcessShutdownParameters
GetCurrentProcess
LCMapStringW
EnterCriticalSection
GetCurrentThreadId
GetStringTypeA
GetProcAddress
TlsGetValue
TlsSetValue
SetConsoleTextAttribute
LoadLibraryA

comdlg32

LoadAlterBitmap
PageSetupDlgW
GetSaveFileNameW
PrintDlgW
FindTextA

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 312KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41768ff70b0d0cdb2b7570aa9db8f000

Headers

File Characteristics

Imports

shell32

advapi32

gdi32

wininet

kernel32

comdlg32

Sections

.text Size: 137KB - Virtual size: 136KB

.data Size: 312KB - Virtual size: 316KB

.rsrc Size: 8KB - Virtual size: 8KB

.text
Size: 137KB - Virtual size: 136KB

.data
Size: 312KB - Virtual size: 316KB

.rsrc
Size: 8KB - Virtual size: 8KB