2d61f3a1945d00e306d362c01c10a2d5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d61f3a1945d00e306d362c01c10a2d5_JaffaCakes118
Size

128KB
MD5

2d61f3a1945d00e306d362c01c10a2d5
SHA1

20679d14d7b4eacd4dc0fc5426439a44c8e40a4c
SHA256

6093e99dcaa1be52b8d3d7503cef70234e25549d75b32c80be06dcaf39f2298a
SHA512

6dd3ff5ad49ce68967883e7c13dc4511d326df4a46e8858b846ec513a8a0aec4a8ae6d7692be6936a3a1264d233034b84a521eb8371db6d2c56c0833e19302e4
SSDEEP

3072:h4hpnYamGriQ02hk1Qyw7XjHho7DCiCy:h4hpnYSriT8kqbDy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d61f3a1945d00e306d362c01c10a2d5_JaffaCakes118

Files

2d61f3a1945d00e306d362c01c10a2d5_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ed7a1cddcf6cbed6b753b7c36c14eeb0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

LocalReAlloc
TlsGetValue
GetCurrentThreadId
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
FreeLibrary
GetProcessVersion
GlobalFlags
GetCPInfo
GetOEMCP
RtlUnwind
GetCommandLineA
ExitProcess
GetTimeZoneInformation
GetSystemTime
GetACP
SetStdHandle
GetFileType
HeapAlloc
HeapFree
TlsSetValue
HeapSize
HeapReAlloc
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStartupInfoA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadWritePtr
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalAlloc
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
TlsAlloc
LocalAlloc
GetVersion
GetFileTime
GetFileAttributesA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
LoadLibraryA
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
GetCurrentProcess
DuplicateHandle
lstrcmpiA
SetLastError
FileTimeToLocalFileTime
FileTimeToSystemTime
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
FormatMessageA
LocalFree
CreateEventA
CreateThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
SetErrorMode
SetUnhandledExceptionFilter
lstrcmpA
OpenEventA
SetEvent
GetModuleFileNameA
GetTickCount
SleepEx
TerminateProcess
Sleep
DeleteFileA
GetWindowsDirectoryA
lstrcpynA
lstrcpyA
GetFileSize
VirtualAlloc
ReadFile
VirtualFree
GetTempFileNameA
CopyFileA
Module32First
Module32Next
CreateToolhelp32Snapshot
Process32First
Process32Next
OpenProcess
CreateProcessA
WaitForSingleObject
GetExitCodeProcess
GetLastError
lstrcatA
GetLocalTime
GetTempPathA
CreateFileA
SetFilePointer
WriteFile
lstrlenA
CloseHandle
GetModuleHandleA
LoadLibraryExA
RaiseException

user32

PostMessageA
LoadIconA
SetWindowTextA
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutA
DrawTextA
GrayStringA
SetFocus
AdjustWindowRectEx
GetClientRect
CopyRect
MapWindowPoints
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
DefWindowProcA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
DispatchMessageA
GetKeyState
GetSysColor
CallNextHookEx
PeekMessageA
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
SendMessageA
MessageBoxA
EnableWindow
UnhookWindowsHookEx
GetSystemMetrics
CharUpperA
LoadStringA
wsprintfA
LoadBitmapA

gdi32

ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SetViewportExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SetViewportOrgEx
OffsetViewportOrgEx
SetMapMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
SetBkColor
SetTextColor
GetClipBox
CreateBitmap

comdlg32

GetFileTitleA

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

SetServiceStatus
RegisterServiceCtrlHandlerA
ControlService
DeleteService
StartServiceA
OpenSCManagerA
OpenServiceA
CreateServiceA
CloseServiceHandle
GetUserNameA
StartServiceCtrlDispatcherA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegSetValueExA

comctl32

ord17

wininet

InternetReadFile
InternetCloseHandle
InternetOpenA
InternetOpenUrlA

Sections

.text
Size: 88KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ed7a1cddcf6cbed6b753b7c36c14eeb0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

wininet

Sections

.text Size: 88KB - Virtual size: 87KB

.rdata Size: 20KB - Virtual size: 17KB

.data Size: 16KB - Virtual size: 30KB

.text
Size: 88KB - Virtual size: 87KB

.rdata
Size: 20KB - Virtual size: 17KB

.data
Size: 16KB - Virtual size: 30KB