2dad15a8143151cafd7a8509136cc042_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2dad15a8143151cafd7a8509136cc042_JaffaCakes118
Size

352KB
MD5

2dad15a8143151cafd7a8509136cc042
SHA1

fb2be182c9cfc31bc95ed1eea4f76b8c6711dba2
SHA256

f1f6284713d7682745a4af955b7c27caa9890eb21f86c08eeb27013f31f38bee
SHA512

142c40b31bfc8fa000bcddcfe4b127cfe1a1a907849145e35fe834aab469ba8ee3564eb426323f63eb20b5a8dca44c139c8a3c35e3aa1887ce0ccaad9be26154
SSDEEP

6144:VftBxvUARAX1aUmlCWSusMfmYU946bRHmcIyrOYb1GvrlG3n4Mkfyy5UhyTqA9:Vft/Kla8WSuxeP94CRHmZTYb1IrcXEx+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dad15a8143151cafd7a8509136cc042_JaffaCakes118

Files

2dad15a8143151cafd7a8509136cc042_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0d9a981dc7a9b1b670eb9b70895b4a6e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateNamedPipeW
ReleaseSemaphore
WritePrivateProfileStructA
LocalLock
EnumCalendarInfoA
OpenSemaphoreW
WritePrivateProfileSectionW
CreateWaitableTimerA
SetProcessAffinityMask
FindFirstFileW
WritePrivateProfileStringA
MoveFileExA
RaiseException
lstrcpynA
FillConsoleOutputCharacterA
CreateMutexW
GetDriveTypeA
SetEnvironmentVariableW
VirtualProtect
GetCommandLineA
GetLargestConsoleWindowSize
EnumDateFormatsW
GlobalFree
lstrcatW
GetCommModemStatus
DebugBreak
FlushConsoleInputBuffer
IsBadReadPtr
VirtualAlloc
SetHandleCount
GetFileAttributesA
CreateIoCompletionPort
SetCommTimeouts
GetHandleInformation
SetVolumeLabelA
CompareStringW
FormatMessageW
OpenMutexA
SetEvent
GetModuleHandleA
EnumSystemCodePagesA
FreeLibraryAndExitThread
EnumTimeFormatsW
SetEndOfFile
UnhandledExceptionFilter
lstrcmpiA
GetAtomNameA
OutputDebugStringW
SetCurrentDirectoryA
SetupComm
QueryDosDeviceA
ExitThread
FindCloseChangeNotification
GetDriveTypeW
GetVersionExA
FileTimeToLocalFileTime
ExitProcess

user32

PostThreadMessageA
SetActiveWindow
wvsprintfA
GetClientRect
SetSysColors
RegisterWindowMessageW
MapVirtualKeyExW
EqualRect
GetTabbedTextExtentW
MessageBoxExA
SwitchToThisWindow
UnionRect
EnumDisplayMonitors
ModifyMenuA
InflateRect
OemKeyScan
CreateCursor
GetCaretBlinkTime
ChildWindowFromPoint
KillTimer
GetDCEx
MapVirtualKeyA
EnumWindows
SendMessageTimeoutW
SetMenuItemInfoW
CharPrevA
CharLowerA
GetMenuItemCount
CreateDialogParamA
InsertMenuItemW
RedrawWindow
IsDlgButtonChecked
OemToCharA
ChildWindowFromPointEx
DispatchMessageA
GetNextDlgGroupItem
IsIconic
SetClipboardData
GetQueueStatus

gdi32

OffsetViewportOrgEx
SetWinMetaFileBits

comdlg32

GetSaveFileNameA
ChooseFontA
PageSetupDlgW
ReplaceTextA

advapi32

ReadEventLogW
DeregisterEventSource
RegEnumValueW
LogonUserA
CryptDestroyKey
MakeAbsoluteSD
ImpersonateNamedPipeClient
SetFileSecurityA
GetSidSubAuthority
RegOpenKeyW
CopySid
BuildTrusteeWithNameW
SetFileSecurityW
AddAccessDeniedAce
CreateProcessAsUserA
SetSecurityInfo
CryptDeriveKey
GetSecurityDescriptorGroup
RegFlushKey
RegisterEventSourceA
EnumServicesStatusW
CloseEventLog
RegReplaceKeyW
RegisterEventSourceW
GetUserNameW
ReportEventA
StartServiceA
CryptImportKey
OpenProcessToken
MapGenericMask
RegConnectRegistryA
EnumServicesStatusA
RegLoadKeyA

ole32

GetClassFile
OleQueryLinkFromData
CoLockObjectExternal
OleGetIconOfClass
IIDFromString

oleaut32

QueryPathOfRegTypeLi
SysAllocStringLen
LoadTypeLibEx
SetErrorInfo
VariantCopy
SafeArrayPutElement

shlwapi

PathAddBackslashA
PathUnquoteSpacesA
StrChrA
PathIsRootW
PathStripToRootW
PathAddBackslashW
PathParseIconLocationW
PathQuoteSpacesW

setupapi

SetupDiGetClassDevsExA
SetupIterateCabinetA
SetupDiDestroyDeviceInfoList
SetupDiBuildClassInfoList
SetupInitDefaultQueueCallback
SetupDiCallClassInstaller
SetupGetIntField
SetupPromptReboot

Sections

.text
Size: 292KB - Virtual size: 288KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

0d9a981dc7a9b1b670eb9b70895b4a6e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

oleaut32

shlwapi

setupapi

Sections

.text Size: 292KB - Virtual size: 288KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 48KB - Virtual size: 45KB

.text
Size: 292KB - Virtual size: 288KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 48KB - Virtual size: 45KB