2d73cf26b13e24d9805181c184fbf627_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d73cf26b13e24d9805181c184fbf627_JaffaCakes118
Size

316KB
MD5

2d73cf26b13e24d9805181c184fbf627
SHA1

60685a97eae5e772fd594ee019d05f8b1af68f26
SHA256

8bfc746468b11facfcc18ebf48e8e87900bb3b415091e091b0613ed22e75a6b9
SHA512

3314efa08346f0acf45c9e1ca9573e65cee63e7631c7ab54c74fd929da8e9437c616f99bd4a1bc542d281072fe168e01aabbfaa2ad9d3e42f8898b9721a1e28e
SSDEEP

6144:Z0Xc34iOncbT1cUbBZJa1fOLafwDsNsjXTEd2XCmmkD0c:e+OncbaUbpmKafwDnXTxCmmk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d73cf26b13e24d9805181c184fbf627_JaffaCakes118

Files

2d73cf26b13e24d9805181c184fbf627_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ccc1ccd5538040daefc989213b34adb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLogicalDriveStringsA
lstrlenA
GetCommandLineA
VirtualProtect
SizeofResource
GetVersionExA
GetProfileIntA
WritePrivateProfileSectionA
GetProcessHeap
GetAtomNameA
GlobalReAlloc
ExitProcess
GetEnvironmentStringsW
CreateDirectoryA
ExitThread
GlobalFree
LocalReAlloc
GetConsoleCursorInfo
GetConsoleMode

user32

CreateWindowExA
CharToOemW
ModifyMenuA
FindWindowExW
DeferWindowPos
CharLowerBuffW
EndDialog
SetClassLongW
GetMenuInfo
GetClipboardSequenceNumber
CopyRect
DestroyMenu
LoadBitmapW
IsWindowUnicode
DefMDIChildProcA
GetWindowTextW
EnumDisplayDevicesW
SetScrollPos
ClipCursor
MonitorFromRect
ShowScrollBar
IsCharAlphaNumericA
GetMessageExtraInfo
EmptyClipboard
TrackMouseEvent
FindWindowExA
LoadMenuIndirectW
CopyImage
GetClipboardViewer
ChildWindowFromPointEx
CreateIconFromResource
RegisterDeviceNotificationA
RegisterHotKey
DrawCaption
ChangeMenuW
CallWindowProcA
TabbedTextOutW
GetWindowTextLengthW
TranslateAcceleratorA
GetClipboardFormatNameW
CascadeWindows
GetClientRect
CloseDesktop
DialogBoxIndirectParamA
GetWindowLongW
GrayStringW
IsCharUpperA
DrawFrameControl
GetPropA
SystemParametersInfoA
ShowCaret
FrameRect
GetKeyboardType
LoadAcceleratorsA
SendInput

gdi32

ResizePalette
GetTextCharacterExtra
GetCharWidthA
GetTextMetricsA
GetTextExtentExPointA
EnumEnhMetaFile
SetBitmapBits
EnumFontFamiliesW
SetRectRgn
ModifyWorldTransform
CloseFigure
CreateEllipticRgn
GetPixelFormat
GetPaletteEntries
EnumFontsW
CreatePolygonRgn
GetLayout

comdlg32

GetSaveFileNameW
ChooseColorA

advapi32

RegDeleteKeyW
CreatePrivateObjectSecurity
RegSetValueExA
GetSecurityDescriptorControl
MapGenericMask
ReadEventLogW
PrivilegeCheck
GetExplicitEntriesFromAclW
SetSecurityDescriptorOwner
RegLoadKeyW
OpenThreadToken

shell32

SHAddToRecentDocs
SHLoadInProc
DragAcceptFiles
SHGetSpecialFolderPathA
Shell_NotifyIconA

ole32

CoGetTreatAsClass
OleLockRunning

oleaut32

SafeArrayGetLBound

comctl32

ImageList_DragMove
ImageList_SetImageCount

shlwapi

PathUnquoteSpacesA
PathStripPathW
StrRStrIW
SHCopyKeyW
SHRegOpenUSKeyW
PathGetCharTypeW
PathParseIconLocationW
wnsprintfA
PathRemoveBackslashA
StrToIntExW
UrlCombineW

setupapi

SetupOpenFileQueue
SetupDiGetDeviceInstallParamsW
SetupDiBuildDriverInfoList

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5ccc1ccd5538040daefc989213b34adb

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 7KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 7KB