2dcb26d2d0afa7cb011f56ffd3b4a8f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2dcb26d2d0afa7cb011f56ffd3b4a8f6_JaffaCakes118
Size

320KB
MD5

2dcb26d2d0afa7cb011f56ffd3b4a8f6
SHA1

08063a685c6d6730ef3a7b6966e1a116ffafffd1
SHA256

8b86afd26f33a0e0a36dc0cb8346aa360da7c2226bee77d45ef3e54618fa5f55
SHA512

af8d2d4222c2020e872e7ea38c3b727fe0864448968a8fee65a9aaa4dd0c5206345613716428681d2cb90750bb6c29b42d3b89e41889ead0e73f45d349ff59da
SSDEEP

6144:51UPLj3eHTNVJLZWWdy7F5ClZDM08VPwJRxaEMapVEZSljLrAGC:/UP/ONVJGSZDM5wJRcRac

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dcb26d2d0afa7cb011f56ffd3b4a8f6_JaffaCakes118

Files

2dcb26d2d0afa7cb011f56ffd3b4a8f6_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc5369166aed30b476f8e8f28e52d4e5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GlobalAddAtomW
CreatePipe
GetCurrentDirectoryW
IsProcessorFeaturePresent
IsValidLocale
LocalSize
GetShortPathNameW
SearchPathW
ConnectNamedPipe
GlobalFlags
FindFirstFileExW
EnumCalendarInfoA
CreateFileW
EnumSystemCodePagesA
FileTimeToLocalFileTime
GetSystemInfo
GetPrivateProfileSectionW
ClearCommBreak
GetCommModemStatus
EnumResourceNamesW
TlsGetValue
VirtualProtect
GetTempFileNameA
ReleaseMutex
OpenSemaphoreW
FindFirstFileA
LoadResource
MoveFileW
DeleteFiber
ReleaseSemaphore
_lread
WriteConsoleOutputCharacterA
lstrcmpiW
FreeEnvironmentStringsA
GetConsoleCursorInfo
EnumDateFormatsW
GetNumberFormatW
GetCPInfo
WritePrivateProfileStringW
PeekConsoleInputW
GlobalAddAtomA
ExpandEnvironmentStringsW
QueryDosDeviceA
GetCommandLineA
GetVersionExA
UnhandledExceptionFilter
ExitProcess

user32

DefDlgProcW
IsCharLowerA
ArrangeIconicWindows
FillRect
GetForegroundWindow
SetDlgItemTextW
ShowScrollBar
DrawTextExA
ScrollDC
SetWindowTextW
MessageBoxW
GetDlgItem
IsZoomed
SendMessageTimeoutW
UnregisterHotKey
GetKeyboardState
CharToOemBuffA
FindWindowW
GetMessageA
AppendMenuW
IsCharAlphaW
GetKeyNameTextW
CharLowerA
EmptyClipboard
RegisterDeviceNotificationA
GetClassLongA
CreateMDIWindowW

gdi32

PaintRgn
SetAbortProc
DeleteObject
GetMapMode
AbortDoc
CreateFontIndirectW
CopyMetaFileA
GetCharWidth32A

advapi32

AddAccessAllowedAce
ControlService
CopySid
RegSetValueW
AllocateLocallyUniqueId
StartServiceCtrlDispatcherA
SetFileSecurityA
CryptDecrypt
CryptEncrypt
RegCreateKeyW
GetFileSecurityW
RegQueryInfoKeyA
AccessCheckAndAuditAlarmA

shell32

SHLoadInProc
SHBrowseForFolderA
SHGetPathFromIDListA
SHGetSpecialFolderPathW

ole32

OleSetMenuDescriptor
CoFreeAllLibraries
OleFlushClipboard
OleSaveToStream
CoUninitialize
RevokeDragDrop

oleaut32

SafeArrayRedim
SysStringLen
SafeArrayGetLBound
VariantChangeType
VariantCopy

comctl32

ImageList_SetBkColor

shlwapi

PathUndecorateW
PathFileExistsW
StrCmpIW
StrCpyNW
PathStripPathA
StrCmpNIA

setupapi

SetupScanFileQueueA
SetupIterateCabinetA

Sections

.text
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

fc5369166aed30b476f8e8f28e52d4e5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 300KB - Virtual size: 296KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 9KB

.text
Size: 300KB - Virtual size: 296KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 9KB