2d2a7332c6e680156a124afb09cd07b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d2a7332c6e680156a124afb09cd07b5_JaffaCakes118
Size

349KB
MD5

2d2a7332c6e680156a124afb09cd07b5
SHA1

1e79071f323ae7450d973d6f8d29a6470777a26b
SHA256

6f1753e15b549b565000aa4fa2aeb3ec17228f462bb783c17351340381c7762c
SHA512

961c14a0c55796007a1998003fac2fa41d8257f3ce9104e6948b2b25072a0344f4cb62a61a08a2040291846d5270378f62af856cb57cf147bb0634f9e1091853
SSDEEP

6144:mlR2GFauPDDbMouOtLY2m9R82l7EPySsQueSzGRoQCPBxaXUxJ0:mlkw/PnbgOtebpEnQeSzkCPBxaXUxJ0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d2a7332c6e680156a124afb09cd07b5_JaffaCakes118

Files

2d2a7332c6e680156a124afb09cd07b5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b59920d9e615bbe65e1670c30d99153c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateDirectoryA
SetConsoleActiveScreenBuffer
SetThreadAffinityMask
GetTimeFormatA
FreeResource
GetThreadTimes
GetComputerNameW
AreFileApisANSI
IsBadStringPtrW
GetMailslotInfo
GetOEMCP
WaitNamedPipeW
SetThreadLocale
WaitForSingleObjectEx
RequestDeviceWakeup
CommConfigDialogW
IsDBCSLeadByte
FlushConsoleInputBuffer
EnumSystemLocalesW
CreateProcessA
GetFileType
GetDefaultCommConfigW
GlobalDeleteAtom
ExpandEnvironmentStringsW
IsProcessorFeaturePresent
SwitchToThread
GetTempPathW
GetLogicalDrives
FoldStringA
FreeConsole
GetVersionExA
GetCommandLineW
TransactNamedPipe
BuildCommDCBA
BuildCommDCBAndTimeoutsA
QueryDosDeviceW
ExpandEnvironmentStringsA
GetOverlappedResult
GetLogicalDriveStringsW
GetSystemDirectoryW
WriteConsoleOutputAttribute
WritePrivateProfileSectionW
GetModuleHandleA
ResumeThread
FlushViewOfFile
ReadFile
GlobalHandle
OpenEventA
Heap32ListFirst
SetCommMask
CreateDirectoryW
GetLongPathNameW
GetCurrencyFormatW
GetStartupInfoA
GetCurrentDirectoryW
FreeLibraryAndExitThread
WaitForSingleObject
VirtualProtectEx
LCMapStringW
OpenSemaphoreA
GlobalGetAtomNameW
GetPrivateProfileSectionW
GetBinaryTypeA
GetModuleHandleW
BackupRead
GetEnvironmentStrings
FileTimeToDosDateTime
GetCurrencyFormatA

user32

TranslateMDISysAccel
GetClassInfoExA
HiliteMenuItem
DrawFocusRect
CreatePopupMenu
ToUnicodeEx
KillTimer
DestroyCaret
CharUpperBuffA
IsIconic
SetSystemCursor
DrawTextA
CreateMDIWindowA
EnumWindowStationsA
CountClipboardFormats
GetPropW
CloseClipboard
GetWindowThreadProcessId
GetScrollPos
ChangeDisplaySettingsExW
GetWindowContextHelpId
SendMessageTimeoutW
WaitForInputIdle
GetIconInfo
FlashWindow
SetCaretBlinkTime
IsCharAlphaW
wsprintfW
SetCursorPos
PostQuitMessage
EnumWindows
GrayStringA
EnumPropsW
GetMenu
GetUpdateRgn
SetKeyboardState
MapVirtualKeyExA
SetMenu
CharLowerBuffW
SetWindowWord
CheckMenuRadioItem
LoadKeyboardLayoutA
GetSystemMetrics
AdjustWindowRect
SetSysColors
GetClassInfoExW
DrawTextW
ActivateKeyboardLayout
CharToOemA
GetWindowRgn
WinHelpA
InvalidateRect
wvsprintfA
GetClassLongA
HideCaret
UnregisterHotKey
SetWindowLongW
SetWindowsHookA
SetUserObjectInformationA
ShowWindow
CharNextA
GetKeyNameTextA
GetSysColorBrush
SetMenuItemInfoW
DefFrameProcW
keybd_event
SendMessageCallbackA
CreateWindowStationW
CreateDesktopW

gdi32

Polyline
GetClipRgn
SetPaletteEntries
SetROP2
SetICMProfileA
FrameRgn
SetViewportOrgEx
GdiComment
SetMetaRgn
ExtCreateRegion
GetCharWidth32W
ColorMatchToTarget
AngleArc
EnumObjects
MoveToEx
GetSystemPaletteEntries
PathToRegion
FillPath
SetDIBitsToDevice
SetWorldTransform
ScaleWindowExtEx
GetEnhMetaFilePaletteEntries
GetFontData
SwapBuffers
GetTextColor
RoundRect
CreateBitmapIndirect
GetGlyphOutlineW
SelectObject
SetMapperFlags
SetPixelV
GetViewportExtEx
PolyTextOutW
GetPixel
SetPixel
CreateICA
GetTextExtentExPointW
GetBkMode
GetArcDirection

advapi32

SetServiceStatus
GetSecurityInfo
ControlService
ObjectDeleteAuditAlarmW
RegEnumValueA
SetPrivateObjectSecurity
GetMultipleTrusteeW
RegDeleteKeyW
GetTrusteeTypeW
RegNotifyChangeKeyValue
AreAllAccessesGranted
OpenEventLogW
RegSaveKeyA
RegOpenKeyExA
ObjectDeleteAuditAlarmA
QueryServiceLockStatusW
SetNamedSecurityInfoW
BuildImpersonateTrusteeA
GetEffectiveRightsFromAclA
LookupPrivilegeDisplayNameW
BackupEventLogW
QueryServiceObjectSecurity
IsTextUnicode
CreateServiceA
EnumDependentServicesW
CryptSetHashParam
CryptHashSessionKey
OpenBackupEventLogA
AbortSystemShutdownA
CryptDeriveKey
SetNamedSecurityInfoA
OpenBackupEventLogW
ObjectPrivilegeAuditAlarmW
GetAuditedPermissionsFromAclA
UnlockServiceDatabase

shell32

ExtractIconExW
SHGetSettings
Shell_NotifyIconW
DragQueryFileA
SHGetSpecialFolderPathW
ShellExecuteW
SHGetDataFromIDListW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
exit
_XcptFilter
_exit

Sections

.text
Size: 288KB - Virtual size: 292KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

vluxu9nq
Size: 45KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

8tjmcbi1
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b59920d9e615bbe65e1670c30d99153c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

msvcrt

Sections

.text Size: 288KB - Virtual size: 292KB

.rdata Size: 6KB - Virtual size: 8KB

.data Size: 3KB - Virtual size: 4KB

vluxu9nq Size: 45KB - Virtual size: 48KB

8tjmcbi1 Size: 4KB - Virtual size: 4KB

.text
Size: 288KB - Virtual size: 292KB

.rdata
Size: 6KB - Virtual size: 8KB

.data
Size: 3KB - Virtual size: 4KB

vluxu9nq
Size: 45KB - Virtual size: 48KB

8tjmcbi1
Size: 4KB - Virtual size: 4KB