2d47fd1b97fe18a0cd77b6cdb8e5f025_JaffaCakes118

General

Target

2d47fd1b97fe18a0cd77b6cdb8e5f025_JaffaCakes118
Size

204KB
MD5

2d47fd1b97fe18a0cd77b6cdb8e5f025
SHA1

3bd5fa835ab5b494c79a36c6b127064fac57a5dc
SHA256

c6d6e54b54d18ccdd68dcd3edf01fe183461ff13169383b9ee72cccc8098c33f
SHA512

fb596f6b66e714bb4f761ed3890f0e359abc29c8f74bf3e22d5e71aa5e7e66afc59e052e47742a27327c6f60e8f422d09e3f81c6b1aa48ca80d73d30f5cde803
SSDEEP

48:nnCxCoBnkY6AnkY62h266am+8lv6zXM+u3z3PIoVF60P9IUuHM7glDt8sNzLApz6:CfBk+kk8qju8uEY9InH8sZX7AwBAe1n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d47fd1b97fe18a0cd77b6cdb8e5f025_JaffaCakes118

Files

2d47fd1b97fe18a0cd77b6cdb8e5f025_JaffaCakes118
.exe windows:0 windows x86 arch:x86

fbf0c00d15a539c4d773be65e213a743

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

AddLocalAlternateComputerNameW
AllocConsole
AreFileApisANSI
AssignProcessToJobObject
BaseCheckAppcompatCache
BaseCleanupAppcompatCacheSupport
BaseDumpAppcompatCache
BaseUpdateAppcompatCache
Beep
CancelDeviceWakeupRequest
CheckRemoteDebuggerPresent
CompareStringA
CreateActCtxA
CreateDirectoryExA
CreateFiber
CreateFileA
CreateFileMappingA
CreateJobObjectW
CreateMailslotW
CreateNlsSecurityDescriptor
CreateProcessInternalW
CreateProcessInternalWSecure
CreateThread
DeleteTimerQueueTimer
DnsHostnameToComputerNameA
DosPathToSessionPathA
EncodePointer
EnumLanguageGroupLocalesA
EnumResourceLanguagesA
EnumResourceNamesW
EnumSystemCodePagesW
EnumSystemGeoID
EnumSystemLanguageGroupsA
ExpandEnvironmentStringsA
ExpungeConsoleCommandHistoryW
FatalAppExitA
FindActCtxSectionStringW
FindAtomA
FindFirstVolumeMountPointW
FindNextChangeNotification
FindNextFileW
FindNextVolumeMountPointW
FlushInstructionCache
FormatMessageA
FreeConsole
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeResource
GetCalendarInfoW
GetComPlusPackageInstallStatus
GetConsoleAliasExesA
GetConsoleAliasesLengthA
GetConsoleCommandHistoryLengthW
GetConsoleFontInfo
GetConsoleInputExeNameW
GetConsoleNlsMode
GetConsoleProcessList
GetCurrentDirectoryA
GetCurrentThread
GetDefaultCommConfigW
GetDllDirectoryA
GetFileAttributesExA
GetLocaleInfoA
GetLocaleInfoW
GetLogicalDriveStringsW
GetLongPathNameW
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetNumberFormatW
GetOEMCP
GetProcAddress
GetProcessAffinityMask
GetProcessHandleCount
GetProcessId
GetProcessIoCounters
GetProcessPriorityBoost
GetProfileStringA
GetShortPathNameA
GetStartupInfoA
GetStringTypeW
GetSystemDefaultLangID
GetThreadPriorityBoost
GetVolumeInformationA
GetVolumePathNameA
GlobalAlloc
GlobalReAlloc
GlobalUnWire
GlobalWire
Heap32ListNext
InterlockedCompareExchange
IsBadHugeWritePtr
IsValidUILanguage
IsWow64Process
LZCopy
LZDone
LoadLibraryA
LoadModule
LocalAlloc
LocalFree
LocalShrink
LocalUnlock
OpenEventW
OpenJobObjectA
OpenSemaphoreW
OutputDebugStringA
Process32Next
QueryDepthSList
ReadConsoleOutputCharacterA
ReadDirectoryChangesW
ReadFile
RegisterWaitForSingleObject
RequestWakeupLatency
RtlCaptureStackBackTrace
SetCommBreak
SetCommConfig
SetComputerNameW
SetConsoleCursorInfo
SetConsoleMaximumWindowSize
SetConsoleOS2OemFormat
SetFileShortNameW
SetFirmwareEnvironmentVariableA
SetNamedPipeHandleState
SetSystemTime
SetThreadPriority
SetVolumeMountPointA
SetVolumeMountPointW
ShowConsoleCursor
Sleep
Thread32First
TlsSetValue
TransmitCommChar
UpdateResourceW
VerifyVersionInfoA
WriteConsoleOutputCharacterA
WritePrivateProfileSectionA
lstrcmpi
lstrcmpiA
lstrcpyn

Sections

.text
Size: 132KB - Virtual size: 131KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fbf0c00d15a539c4d773be65e213a743

Headers

File Characteristics

Imports

kernel32

Sections

.text Size: 132KB - Virtual size: 131KB

.text
Size: 132KB - Virtual size: 131KB