2db185554ca1bb9896477eb6397d54c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2db185554ca1bb9896477eb6397d54c8_JaffaCakes118
Size

100KB
MD5

2db185554ca1bb9896477eb6397d54c8
SHA1

47a71a95ef3fcfb37bedd725a277ce6f3ebc3309
SHA256

5dc94016bc01bec4745bb2222a1b931d90e9953507a1100835506b3669fb9f17
SHA512

f395fc433078fbb47a9270ffc83f389a41b037e3cd21063fbd035dbb54a5f8b389ac98dcc76cf9f782d67227fc24cf7a2cac14953c91e06b202bcaac5622b8cc
SSDEEP

1536:dguyBIo3E0r412ooXZ+UplaUVl2MLBPcyE1NZtPo0:dUB53EMi2ooXcUplX0QlcyE1NZtPo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2db185554ca1bb9896477eb6397d54c8_JaffaCakes118

Files

2db185554ca1bb9896477eb6397d54c8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a212fb00727b313188e044527b850ddf

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

_llseek
CloseHandle
ReleaseMutex
GetLastError
CreateMutexA
GetPrivateProfileIntA
SetStdHandle
SetFilePointer
ReadFile
LoadLibraryA
GetProcAddress
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WriteFile
GlobalAlloc
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetDriveTypeA
GetCurrentDirectoryA
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
LocalAlloc
LocalFree
OpenFile
GlobalReAlloc
GetModuleFileNameA
GlobalFree
_lclose
GlobalLock
_lread
GlobalUnlock
GetPrivateProfileStringA
GetVersionExA
SetCurrentDirectoryA
WinExec
RtlUnwind
HeapDestroy
GetEnvironmentVariableA
GetOEMCP
GetACP
GetCPInfo
ExitProcess
HeapFree
GetFullPathNameA
HeapAlloc
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
FlushFileBuffers

user32

PostMessageA
GetClassNameA
ShowWindow
EnumWindows
CreateWindowExA
SetFocus
LoadBitmapA
SendMessageA
MessageBeep
LoadIconA
LoadCursorA
LoadImageA
RegisterClassExA
RegisterClassA
DialogBoxParamA
DefDlgProcA
EndDialog
BeginPaint
EndPaint
SetRect
GetWindowLongA
AdjustWindowRectEx
GetDesktopWindow
GetWindowRect
SetWindowPos
SetWindowTextA

gdi32

PatBlt
SetDIBitsToDevice
CreatePalette
GetStockObject
SelectPalette
RealizePalette
SetStretchBltMode
DeleteObject

shell32

ShellExecuteA
SHGetFileInfoA
SHChangeNotify

winmm

PlaySoundA

Sections

.text
Size: 28KB - Virtual size: 25KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a212fb00727b313188e044527b850ddf

Headers

File Characteristics

Imports

kernel32

user32

gdi32

shell32

winmm

Sections

.text Size: 28KB - Virtual size: 25KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 17KB

.rsrc Size: 52KB - Virtual size: 49KB

.text
Size: 28KB - Virtual size: 25KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 17KB

.rsrc
Size: 52KB - Virtual size: 49KB