2d80d7fe04473fff89114718758ef56a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2d80d7fe04473fff89114718758ef56a_JaffaCakes118
Size

524KB
MD5

2d80d7fe04473fff89114718758ef56a
SHA1

8334debed60a9f0cfb9cc95a8c6f83a46441d0de
SHA256

9e5bbb0b726bb31a25f70a6a276ed20cee2fcabfec898f5079a698bc31626c92
SHA512

0277b16101b129a6af25d5076353b0317fda177d3216af3944d9734a2cbc739455d0e86b9f7d7cf099d94909c798a515eae2d37ca106357694ef2fa7bec46fb2
SSDEEP

6144:t65j6weQzlM8NxGYItV274DeQYVckbfO9OlfrgmjOteM6MuZYT71r1zqWYy:tUpHh9kYID2cDUrbfvlfUHN6M/r1lY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d80d7fe04473fff89114718758ef56a_JaffaCakes118

Files

2d80d7fe04473fff89114718758ef56a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fa10b9b938fa1d108095a1d3e6eed3df

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetFileType
VirtualAlloc
GetDateFormatA
CloseHandle
EnumSystemLocalesA
GetTimeZoneInformation
lstrcpyA
DeleteFiber
GetStringTypeW
GetEnvironmentStrings
GetStartupInfoA
EnterCriticalSection
GetEnvironmentStringsW
MultiByteToWideChar
LeaveCriticalSection
InterlockedExchange
GetStdHandle
GetCurrentThread
GetOEMCP
HeapAlloc
LoadLibraryA
FlushFileBuffers
GetModuleHandleA
GetSystemInfo
SetThreadContext
ReadConsoleA
CompareStringA
GetProcAddress
GetACP
FindResourceExA
HeapSize
FreeEnvironmentStringsA
VirtualFree
HeapReAlloc
GetSystemTimeAsFileTime
TlsAlloc
TlsFree
UnhandledExceptionFilter
GetModuleFileNameA
GetLocaleInfoA
HeapDestroy
HeapFree
WriteProfileSectionA
GetComputerNameW
SetLastError
IsValidCodePage
SetEnvironmentVariableA
ReadFile
DeleteCriticalSection
GetCommandLineA
ExitProcess
GetPrivateProfileStringW
IsBadWritePtr
CompareFileTime
SetHandleCount
EnumSystemCodePagesW
InitializeCriticalSection
TlsGetValue
GetLocaleInfoW
GetCurrentProcessId
WriteProfileStringW
CreateMutexA
OpenMutexA
VirtualLock
IsValidLocale
VirtualQuery
GetSystemTime
GetCurrentProcess
LCMapStringA
GetTimeFormatA
FreeLibraryAndExitThread
VirtualProtectEx
TerminateProcess
WriteFile
VirtualProtect
GetVersionExA
HeapCreate
TlsSetValue
SetFilePointer
GetUserDefaultLCID
LCMapStringW
SetStdHandle
CreateToolhelp32Snapshot
GetVolumeInformationA
FreeEnvironmentStringsW
GetTickCount
GetCPInfo
GetCurrentThreadId
GetStringTypeA
QueryPerformanceCounter
CompareStringW
GetLastError
RtlUnwind
WideCharToMultiByte

comctl32

InitCommonControlsEx

user32

DefFrameProcA
GetWindowPlacement
SendMessageTimeoutA
GetThreadDesktop
CharUpperBuffA
EndDeferWindowPos
ExitWindowsEx
ShowScrollBar
RegisterClassA
GetCursorPos
KillTimer
SetSysColors
WinHelpA
VkKeyScanExW
RegisterClassExA
PaintDesktop
DrawIcon

Sections

.text
Size: 336KB - Virtual size: 336KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa10b9b938fa1d108095a1d3e6eed3df

Headers

File Characteristics

Imports

kernel32

comctl32

user32

Sections

.text Size: 336KB - Virtual size: 336KB

.rdata Size: 57KB - Virtual size: 70KB

.data Size: 106KB - Virtual size: 105KB

.rsrc Size: 23KB - Virtual size: 22KB

.text
Size: 336KB - Virtual size: 336KB

.rdata
Size: 57KB - Virtual size: 70KB

.data
Size: 106KB - Virtual size: 105KB

.rsrc
Size: 23KB - Virtual size: 22KB