2dd115d54cda5ce2aeea99e9f3753ea7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2dd115d54cda5ce2aeea99e9f3753ea7_JaffaCakes118
Size

317KB
MD5

2dd115d54cda5ce2aeea99e9f3753ea7
SHA1

0c184d0cbeaa4958a59850020b8711732b572994
SHA256

87bb4a1d1fdac77e94241d572fb2bb8d5d13aa8484f8baced78a557e103ddd56
SHA512

589b15276ce4dd4b76ae9babd2ea5aa745cca7e8163901f22741352085dfd1d9b7d03e1cbdf15b9b9e407a88fecf6229719b929c212a9a5a7e47074d85535d2c
SSDEEP

6144:1ceMbDET5rF1hIdcqk3ZqE3C0ksyJAyOeICm8sNS1dGXcyaxWTJ:17MbITRF1hScqy3csn3d81IfaxWT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dd115d54cda5ce2aeea99e9f3753ea7_JaffaCakes118

Files

2dd115d54cda5ce2aeea99e9f3753ea7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

55dec32509fd7edfb8c146d606a6be19

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

c:\cewutoh\nmdxfevye\ectelqlot\

Imports

kernel32

MultiByteToWideChar
TlsAlloc
SetConsoleCtrlHandler
TlsGetValue
GetLocaleInfoA
EnterCriticalSection
GetSystemTimeAsFileTime
SetEnvironmentVariableA
HeapCreate
GetCPInfo
GetTimeZoneInformation
CloseHandle
TlsFree
UnhandledExceptionFilter
GetLastError
CompareStringW
SetStdHandle
GetEnvironmentVariableW
VirtualFree
GetShortPathNameW
GetModuleHandleA
LCMapStringW
FreeEnvironmentStringsA
GetLocalTime
ExitProcess
GetStdHandle
QueryPerformanceCounter
LeaveCriticalSection
SetLastError
GetCurrentProcess
HeapReAlloc
CompareStringA
GetTickCount
GetStartupInfoW
OpenMutexA
GetProcAddress
HeapFree
SetHandleCount
InterlockedExchange
GetCurrentProcessId
GetCommandLineW
InterlockedIncrement
LocalUnlock
SetFilePointer
InitializeCriticalSection
TlsSetValue
GetVersion
HeapAlloc
GetCommandLineA
GetEnvironmentStrings
FlushFileBuffers
GetModuleFileNameW
VirtualAlloc
MoveFileW
WideCharToMultiByte
GetStringTypeA
IsBadWritePtr
GetSystemTime
GetModuleFileNameA
GetConsoleTitleA
GetUserDefaultLCID
TerminateProcess
GetCurrentThreadId
LCMapStringA
HeapDestroy
GetPrivateProfileStructA
FoldStringA
GetComputerNameA
GetEnvironmentStringsW
LoadLibraryA
SetThreadPriority
ReadFile
CreateMutexA
GetStartupInfoA
RtlUnwind
FreeEnvironmentStringsW
lstrcmp
DuplicateHandle
VirtualQuery
GetCurrentThread
WriteFile
DeleteCriticalSection
lstrcpynA
GetStringTypeW
InterlockedDecrement
OpenFileMappingA
GetFileType

gdi32

CreateEnhMetaFileA
CreateICW
GetDeviceCaps
CreateDCW
DeleteDC
GetObjectW
DrawEscape
DeleteObject
GetNearestColor

comdlg32

GetFileTitleA
PrintDlgA
GetOpenFileNameW

comctl32

ImageList_GetImageCount
InitCommonControlsEx
ImageList_GetImageInfo
ImageList_DrawIndirect
ImageList_GetIconSize

user32

GetKeyboardLayoutNameA
DefWindowProcW
RegisterClassExA
GetCaretBlinkTime
OemToCharA
GetWindowTextLengthA
GetMessagePos
DestroyWindow
CopyRect
GetWindowDC
GetKeyboardState
DdeConnect
RegisterClassA
EnumDisplaySettingsExA
SetWindowPlacement
CharNextA
DispatchMessageW
ShowWindow
ClipCursor
SetWindowsHookA
SetShellWindow
CreateCaret
DrawStateW
CreateWindowExA
MessageBoxA
UnionRect
CloseWindow
CallMsgFilterA
PostMessageA

advapi32

RegSetValueExW
CryptHashSessionKey

Sections

.text
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 57KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

55dec32509fd7edfb8c146d606a6be19

Headers

File Characteristics

PDB Paths

Imports

kernel32

gdi32

comdlg32

comctl32

user32

advapi32

Sections

.text Size: 130KB - Virtual size: 129KB

.rdata Size: 57KB - Virtual size: 61KB

.data Size: 88KB - Virtual size: 88KB

.rsrc Size: 40KB - Virtual size: 40KB

.text
Size: 130KB - Virtual size: 129KB

.rdata
Size: 57KB - Virtual size: 61KB

.data
Size: 88KB - Virtual size: 88KB

.rsrc
Size: 40KB - Virtual size: 40KB