2dda811383bc20124f67d8d9d64f7e4f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2dda811383bc20124f67d8d9d64f7e4f_JaffaCakes118
Size

302KB
MD5

2dda811383bc20124f67d8d9d64f7e4f
SHA1

c9263b6b1d79058e3a87fb778f60220a82c3d342
SHA256

8873dfec2fe10364bbe0b7f03f72de658739445e98971b638f8267e3d10cb971
SHA512

002617e9233f451760774b20ea53f85fb219524cd5d7cba080f94736fa4d7fc691c1265c66b4b0cd7d0c3ea94fda37a2be76965b718c2365fec52d3e5c2b47eb
SSDEEP

6144:idsJmcTXVvn6/kjFmdeQABOaAqPbJ6xRqe9iRnEx0oG:64xdjgeLBPAq0D1iRd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dda811383bc20124f67d8d9d64f7e4f_JaffaCakes118

Files

2dda811383bc20124f67d8d9d64f7e4f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

7391535cbeb3421aeecfe003a69c70c2

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\eddgwafmdo\amv.PDB

Imports

kernel32

GetSystemTimeAsFileTime
GetCurrentThread
GetStartupInfoA
HeapReAlloc
GetCurrentThreadId
GetCommandLineW
UnhandledExceptionFilter
SetStdHandle
LCMapStringW
CreateMutexA
TlsAlloc
GetSystemInfo
QueryPerformanceCounter
GetModuleHandleA
DeleteCriticalSection
GetStringTypeW
WideCharToMultiByte
CompareStringW
GetLastError
HeapSize
GetStdHandle
GetModuleHandleW
VirtualQuery
TlsFree
HeapFree
GetSystemDefaultLangID
GetStringTypeA
GetLocaleInfoA
VirtualProtect
GetProcAddress
LCMapStringA
GetTimeZoneInformation
LoadLibraryA
GetCurrentProcessId
GetStartupInfoW
GetUserDefaultLCID
GetOEMCP
RtlUnwind
WriteFile
OpenMutexA
GetTickCount
GetLocaleInfoW
GetCPInfo
SetLastError
GetEnvironmentStringsW
VirtualAlloc
LeaveCriticalSection
TlsGetValue
SetHandleCount
InitializeCriticalSection
SetFilePointer
CloseHandle
HeapDestroy
GetCurrentProcess
FillConsoleOutputCharacterW
GetEnvironmentStrings
GetCommandLineA
IsValidLocale
IsValidCodePage
InterlockedExchange
VirtualFree
TlsSetValue
GlobalGetAtomNameW
IsBadWritePtr
GetModuleFileNameW
HeapCreate
GetVersionExA
SetEnvironmentVariableA
HeapAlloc
ReadFile
GetTimeFormatA
FreeEnvironmentStringsW
GetModuleFileNameA
GetDateFormatA
EnumSystemLocalesA
MultiByteToWideChar
ExitProcess
GetFileType
TerminateProcess
GetACP
CompareStringA
FreeEnvironmentStringsA
EnterCriticalSection
FlushFileBuffers

comctl32

ImageList_SetFlags
ImageList_Create
CreatePropertySheetPageA
ImageList_ReplaceIcon
InitCommonControlsEx
DrawInsert
ImageList_GetDragImage
DrawStatusTextA
CreateStatusWindow
ImageList_AddIcon
ImageList_BeginDrag
ImageList_DragMove
DestroyPropertySheetPage
MakeDragList
CreatePropertySheetPage

user32

TranslateAccelerator
CreateWindowExA
DestroyWindow
CreateCaret
GetClassNameW
RegisterClassExA
ShowWindow
CascadeChildWindows
InsertMenuItemA
DestroyAcceleratorTable
MessageBoxW
DefWindowProcA
RegisterClassA
MapVirtualKeyW

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 85KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7391535cbeb3421aeecfe003a69c70c2

Headers

File Characteristics

PDB Paths

Imports

kernel32

comctl32

user32

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 24KB - Virtual size: 40KB

.data Size: 85KB - Virtual size: 85KB

.rsrc Size: 18KB - Virtual size: 18KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 24KB - Virtual size: 40KB

.data
Size: 85KB - Virtual size: 85KB

.rsrc
Size: 18KB - Virtual size: 18KB