2d7819ba28d3e2e8e305ffbcf3b666f8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2d7819ba28d3e2e8e305ffbcf3b666f8_JaffaCakes118
Size

97KB
MD5

2d7819ba28d3e2e8e305ffbcf3b666f8
SHA1

dbe09490aba957b58a9130a6a9faa8fc28a6bdf1
SHA256

77b64c3047e578a1ccc649979a1bbb992e47dd5b61c00763040a741b03b449f7
SHA512

1a331661b398c4e5a4e20c4bc04aa3d6621298268ca84a1462d300719caf9dcdfa573b471c0dbcaa156e7f4945087dda9849ec067ba102ae7b15fc0574f07390
SSDEEP

1536:invtSWg9lwgn2i289e4lGqVnVMIW8FCX588r9LW1Qxh/QnugFlv:ivrgl28rlGMnVMIW8FCxVW1gUzv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d7819ba28d3e2e8e305ffbcf3b666f8_JaffaCakes118

Files

2d7819ba28d3e2e8e305ffbcf3b666f8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6818e7feb4f8f780c5b5507eb8a71c17

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

Process32First
CreateToolhelp32Snapshot
LCMapStringA
SetEndOfFile
LoadLibraryA
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
SetFilePointer
CreateFileA
ReadFile
FlushFileBuffers
SetStdHandle
HeapReAlloc
VirtualAlloc
HeapAlloc
RtlUnwind
Module32First
HeapDestroy
GetEnvironmentVariableA
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
TerminateProcess
HeapFree
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetVersion
GetCommandLineA
GetModuleHandleA
LCMapStringW
Process32Next
GetCurrentProcess
TerminateThread
HeapCreate
CreateThread
GetStdHandle
WriteFile
ReleaseSemaphore
GetExitCodeProcess
GetSystemDirectoryA
GetStartupInfoA
CreateProcessA
ExitProcess
GetLastError
CreateSemaphoreA
WaitForSingleObject
Sleep
OpenEventA
SetProcessShutdownParameters
GetVersionExA
GetCurrentDirectoryA
GetPrivateProfileStringA
CloseHandle
CreateEventA
VirtualFree
SetEvent

user32

CharLowerA
CharUpperA
CharNextA
DialogBoxParamA
EnumWindows
IsWindowVisible
GetWindowThreadProcessId
GetWindowTextA
GetClassNameA
GetDesktopWindow
GetForegroundWindow
MessageBoxExA
MoveWindow
GetDlgCtrlID
GetDlgItem
SendDlgItemMessageA
EndDialog
GetWindowRect
SetTimer
SetWindowTextA
EnableWindow
CheckDlgButton
IsDlgButtonChecked
SetDlgItemTextA
KillTimer
FindWindowA
ShowWindow
SetForegroundWindow
SendMessageA
GetSysColor
DefDlgProcA
LoadIconA
LoadCursorA
RegisterClassExA

gdi32

SetTextColor
CreateFontA
CreateSolidBrush
SetBkMode

advapi32

OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegDeleteKeyA
RegOpenKeyExA
RegCloseKey
RegQueryValueExA
QueryServiceStatus
OpenSCManagerA
OpenServiceA
CloseServiceHandle
ControlService
GetUserNameA

shell32

Shell_NotifyIconA
ShellExecuteA

comctl32

InitCommonControlsEx

Sections

.text
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 569KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6818e7feb4f8f780c5b5507eb8a71c17

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

comctl32

Sections

.text Size: 40KB - Virtual size: 36KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 16KB - Virtual size: 569KB

.rsrc Size: 144KB - Virtual size: 144KB

.text
Size: 40KB - Virtual size: 36KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 16KB - Virtual size: 569KB

.rsrc
Size: 144KB - Virtual size: 144KB