Static task: static1
Behavioral task: behavioral1
Sample: 2d4a05cae85990ffd7609f60d21bd656_JaffaCakes118.exe
Resource: win7-20240708-en
Behavioral task: behavioral2
Sample: 2d4a05cae85990ffd7609f60d21bd656_JaffaCakes118.exe
Resource: win10v2004-20240704-en
General
Target: 2d4a05cae85990ffd7609f60d21bd656_JaffaCakes118
Size: 336KB
MD5: 2d4a05cae85990ffd7609f60d21bd656
SHA1: 60ad6123345c0baf309146ad6d80f9cfab9483fb
SHA256: cc57751fd63742d8b387114d9da91ae37274978d6e8d4cce7db4f3645a449eb6
SHA512: 7a54405221b6e73849edeb5e8590d2bfb52753c6d26e8aafa4ac5c2b5ecb8cdfc947f4c513157d0aef43195a8e4c9fa7d3956b803edeb623fa56adba7db22dce
SSDEEP: 6144:F4T3eAVqDQ5tHP5NmazijHZpoKitkLvt2NvR4kc7VWpT5//nW84:Ff0qDQL5NpYboCvtQZOVG53W/
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2d4a05cae85990ffd7609f60d21bd656_JaffaCakes118
Files
2d4a05cae85990ffd7609f60d21bd656_JaffaCakes118.exe windows:4 windows x86 arch:x86
b5d1ad015c89cd8f13cb88174bc10b8c
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
lstrcmpA
LocalSize
GetSystemTimeAsFileTime
SearchPathW
FillConsoleOutputCharacterA
VirtualAllocEx
FindFirstFileExW
GetVersion
ReadFile
UnhandledExceptionFilter
SetEvent
GlobalFlags
GenerateConsoleCtrlEvent
IsDBCSLeadByteEx
LocalAlloc
SetSystemTime
GetUserDefaultLangID
SetFileAttributesA
IsValidLocale
FreeLibrary
GetCommModemStatus
GetBinaryTypeW
IsBadWritePtr
EnumSystemCodePagesW
_hread
CompareStringA
SetConsoleWindowInfo
PrepareTape
SetThreadPriorityBoost
WriteConsoleOutputCharacterA
AreFileApisANSI
lstrcpyA
GetSystemDirectoryW
PeekConsoleInputW
EnumCalendarInfoW
GetStringTypeExW
SetEnvironmentVariableW
FreeResource
FormatMessageW
LoadResource
GlobalFree
SizeofResource
GetPrivateProfileStringA
LocalLock
GetBinaryTypeA
GetVolumeInformationW
CreateDirectoryA
VirtualProtect
GetVersionExA
GetCommandLineA
CompareStringW
ReadConsoleA
ExitProcess
user32
GetGuiResources
GetWindowRgn
comdlg32
FindTextA
advapi32
GetSecurityDescriptorDacl
shell32
SHFileOperationA
ole32
OleInitialize
CoDisconnectObject
WriteClassStg
CoImpersonateClient
oleaut32
SysStringLen
SysAllocStringLen
SafeArrayGetLBound
SafeArrayPutElement
LoadTypeLi
SafeArrayRedim
SafeArrayUnaccessData
SafeArrayGetElement
comctl32
ImageList_Destroy
shlwapi
StrRetToStrW
StrCmpNIW
StrChrW
PathIsRelativeW
StrRetToBufW
AssocQueryKeyW
PathIsUNCW
SHRegGetBoolUSValueW
PathQuoteSpacesW
StrCpyW
setupapi
SetupDiGetDeviceRegistryPropertyW
Sections
fyMjp Size: 300KB - Virtual size: 299KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
UvpJaG Size: 4KB - Virtual size: 2KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
nCMbT Size: 20KB - Virtual size: 18KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
AVsIHKD Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ