2d87ea530cfcf852ed6f193b97afe9ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d87ea530cfcf852ed6f193b97afe9ba_JaffaCakes118
Size

316KB
MD5

2d87ea530cfcf852ed6f193b97afe9ba
SHA1

57deedb88e59e72abbcc444992df82a6a58e1650
SHA256

e1db252048ed0c95beff631a253f5f8afbf807bf6ac2aab36a482eb3e12e0e2b
SHA512

8b53169288155d6267ced7faeed61804322a20110692dfacc944c0a2fecc08f38609ec59749fb0dba6ab9b06c158382b20914c792c4b3227ec2551b61267d3da
SSDEEP

6144:GCQIcRAMh26CetG07D4eNuRaYwQ5zVRJAGiw:l2Q6BIiD4e0Ra3Q5zVRJdi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d87ea530cfcf852ed6f193b97afe9ba_JaffaCakes118

Files

2d87ea530cfcf852ed6f193b97afe9ba_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5781853a948305307cd66120d3192628

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceExW
GetCurrentProcessId
SetWaitableTimer
FindNextFileA
SetPriorityClass
MapViewOfFile
SetFileTime
MapViewOfFileEx
TerminateProcess
lstrcpynW
ExitThread
SetCurrentDirectoryA
lstrcpyW
HeapSize
RemoveDirectoryW
GetStartupInfoA
GetThreadLocale
VirtualQueryEx
EscapeCommFunction
EnumSystemCodePagesA
SizeofResource
BeginUpdateResourceA
CreateDirectoryA
ExpandEnvironmentStringsA
WinExec
SystemTimeToFileTime
GetVolumeInformationA
GetFileType
GetFileAttributesA
SetProcessWorkingSetSize
CancelWaitableTimer
IsDBCSLeadByte
OpenFileMappingA
GetDiskFreeSpaceExA
InterlockedCompareExchange
EnumSystemLocalesA
InterlockedIncrement
GetDateFormatA
ConnectNamedPipe
TryEnterCriticalSection
FindFirstFileExW
WriteFileGather
SearchPathA
LockResource
GetPrivateProfileStructA
MoveFileW
CloseHandle
SetThreadPriorityBoost
GetCurrentDirectoryW
OutputDebugStringW
lstrcatA
EnumCalendarInfoA
InitializeCriticalSectionAndSpinCount
WaitForMultipleObjectsEx
lstrcmpiW
GetStringTypeW
GetSystemDefaultLCID
GetCurrentProcess
GlobalUnlock
QueryPerformanceFrequency
CreateWaitableTimerW
GetPriorityClass
HeapCreate
WriteProfileStringW
DeleteFileA
PulseEvent
ScrollConsoleScreenBufferW
GetDriveTypeW
AreFileApisANSI
FreeLibraryAndExitThread
FlushViewOfFile
GetTapeStatus
CreateEventA
SetCommBreak
VirtualProtect
GlobalAlloc
GetComputerNameA
GetAtomNameW
GetFileAttributesExW
SetCommTimeouts
IsValidCodePage
EraseTape
GetModuleFileNameA
OpenFileMappingW
CreateFileA
ScrollConsoleScreenBufferA
PrepareTape
GetVolumeInformationW
GetSystemTimeAsFileTime
GetLongPathNameW
GetEnvironmentVariableA
GetNumberFormatW
GetCommandLineW
ReadConsoleOutputAttribute
FlushFileBuffers
GetConsoleCursorInfo
CreateThread
ExitProcess
CreateConsoleScreenBuffer
HeapAlloc
LoadResource
WriteConsoleOutputCharacterA
OpenSemaphoreA
TlsSetValue
ReadConsoleA
PurgeComm
SystemTimeToTzSpecificLocalTime
WaitForSingleObjectEx
_llseek
SetMailslotInfo
GetCommandLineA
EnumResourceLanguagesA
GetVersionExA

user32

EmptyClipboard
GetMenuStringA
SendDlgItemMessageW
GetKeyboardLayout
DrawCaption
OpenWindowStationW
ChangeDisplaySettingsA
SetMessageQueue
GetShellWindow
GetUserObjectInformationA
RegisterHotKey
SetMenuItemInfoA

gdi32

GetStretchBltMode
TranslateCharsetInfo
OffsetWindowOrgEx
SetDIBitsToDevice
SetPixelV
Arc
Ellipse
EnumMetaFile
GetPixel
DPtoLP
SetTextJustification
SetSystemPaletteUse
CreateRectRgnIndirect
OffsetClipRgn
ExtFloodFill
DeleteObject
IntersectClipRect
GetCurrentPositionEx
GetTextCharacterExtra
DeleteEnhMetaFile

advapi32

QueryServiceConfigW
RegQueryInfoKeyA
AddAccessAllowedAce
RegOpenKeyA
SetFileSecurityW
CryptGetProvParam
RegSetValueExW
RegisterEventSourceA
GetTokenInformation
LookupAccountSidW
CryptEncrypt

shell32

Shell_NotifyIconA
SHGetPathFromIDListA
DragAcceptFiles

ole32

CoImpersonateClient
MkParseDisplayName
PropVariantClear
CoTaskMemAlloc

oleaut32

RegisterTypeLi
VariantCopyInd
SysAllocStringLen
VariantChangeType
VariantChangeTypeEx
SafeArrayGetElement
CreateErrorInfo

comctl32

DestroyPropertySheetPage
CreateStatusWindowW
ImageList_DrawIndirect
ImageList_Draw

shlwapi

StrFormatKBSizeW
SHRegWriteUSValueW
PathCommonPrefixW
PathCombineA
PathFileExistsA
PathRemoveExtensionW
StrChrIW
wnsprintfW
PathStripToRootW
SHRegGetBoolUSValueW
PathIsURLW
SHCopyKeyW

setupapi

SetupGetLineCountA
SetupPromptReboot
SetupDiCreateDeviceInfoA
SetupDiOpenDeviceInfoW
SetupDiEnumDeviceInterfaces
SetupDiSetSelectedDriverA
SetupInstallFromInfSectionW
SetupDiGetDeviceRegistryPropertyA

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5781853a948305307cd66120d3192628

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 2KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 2KB