2d64cd84199b91450800b6477d5804cf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d64cd84199b91450800b6477d5804cf_JaffaCakes118
Size

396KB
MD5

2d64cd84199b91450800b6477d5804cf
SHA1

45458206085ba9f617c1c2934858c10ed4469fd8
SHA256

44e06982fdeb76984ad23a960ffdd5666eb11047069a1c9fd4710e182a6e0cf5
SHA512

14b5094b8b773fbf109684e89ceb238a07b67b7949cb18ebcb99de46d37c381019fe2e93d62da70e1c1b9680551950974493366b770ae9d5999c89fad03f956e
SSDEEP

12288:AVK2dqVXrDUGf18KqkcUVnfrplkufZjLmn:KKRXvWdl8nIuB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d64cd84199b91450800b6477d5804cf_JaffaCakes118

Files

2d64cd84199b91450800b6477d5804cf_JaffaCakes118
.exe windows:5 windows x86 arch:x86

227c7ad5d5f075ad15bcbecbf6a93e98

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

SetLocaleInfoA
EnterCriticalSection
GetCurrentThreadId
MapViewOfFile
GetThreadPriorityBoost
GetSystemTimeAdjustment
CreateEventA
GetEnvironmentStringsA
ConnectNamedPipe
HeapAlloc
InterlockedExchange
SleepEx
HeapSetInformation
SetEvent
MapViewOfFileEx
TryEnterCriticalSection
lstrlenA
ReadFile
CreateFileMappingA
GetSystemTime
SetThreadUILanguage
GetTickCount
WriteFileGather
SetThreadLocale
PostQueuedCompletionStatus
OpenThread
CreateThread
IsBadStringPtrA
SwitchToThread
HeapCreate
GetSystemDefaultLCID
GetLocalTime
FileTimeToSystemTime
GetQueuedCompletionStatus
ConvertDefaultLocale
SetEnvironmentVariableA
HeapFree
FreeEnvironmentStringsA
InterlockedPushEntrySList
ReadFileScatter
SuspendThread
HeapDestroy
WaitForSingleObject
GetThreadTimes
GetStringTypeA
CreateIoCompletionPort
LeaveCriticalSection
TransactNamedPipe
GetSystemTimeAsFileTime
CreateFileA
HeapReAlloc
FlushViewOfFile
UnmapViewOfFile
SetFilePointerEx
CreateNamedPipeA
WaitForSingleObject
FileTimeToLocalFileTime
SetFilePointer
RtlFillMemory
GetLocaleInfoA
GetThreadContext
EnumSystemLanguageGroupsA
IsValidLocale
GetUserDefaultLCID
DisconnectNamedPipe
GetFileTime
ResumeThread
ExitThread
ReadFileEx
GetNamedPipeInfo
InterlockedPopEntrySList
GetSystemDefaultLangID
VirtualAllocEx
SetThreadPriority
ExpandEnvironmentStringsA
lstrcmpiA
lstrlenW
InitializeCriticalSection
lstrcmpA

advapi32

RegCloseKey
RegSetValueExW
RegCreateKeyW
RegQueryValueExA
RegDeleteValueW

msvcrt

srand
_adjust_fdiv
__setusermatherr
__p__fmode
__getmainargs
_exit

user32

SetWindowPos
GetDlgItemInt
SetCursor
GetWindowDC
LoadBitmapW
SendMessageW
SetDlgItemInt
TranslateMessage
GetMessageW
MessageBoxW
InvalidateRect
UpdateWindow
TranslateAcceleratorW
SystemParametersInfoW
EndDialog
ShowWindow
SetWindowTextW
MessageBeep
SetTimer

Sections

.text
Size: 243KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 352KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

227c7ad5d5f075ad15bcbecbf6a93e98

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

msvcrt

user32

Sections

.text Size: 243KB - Virtual size: 243KB

.data Size: 142KB - Virtual size: 142KB

.rsrc Size: 9KB - Virtual size: 352KB

.text
Size: 243KB - Virtual size: 243KB

.data
Size: 142KB - Virtual size: 142KB

.rsrc
Size: 9KB - Virtual size: 352KB