2e6deb732fcb262d5e431a99bc67d84e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e6deb732fcb262d5e431a99bc67d84e_JaffaCakes118
Size

571KB
MD5

2e6deb732fcb262d5e431a99bc67d84e
SHA1

beebe0efddb0bf996383dbe7bf7e55e2d3dcd29e
SHA256

f56e3fd95843a802d424526273492ec7bf3373ac4a063c4c284bfe615b6b6309
SHA512

a1028959986dabb2621916f5756019a552398b5bc306321f07ca0d3c2f0dda95c3a4c7ba0f3e1dfd1c773e8a915393a7bf1f2a5f16a8301b8c720014810953ab
SSDEEP

12288:r3wtZjtKZV50KVhhIiUi56W+33ZfMSSrVxFOvLXY71vbTky4fbn/FJJIYHXGv5mI:DwzU5lWiUicW+3pfMSkxcvjevbTky4fs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e6deb732fcb262d5e431a99bc67d84e_JaffaCakes118

Files

2e6deb732fcb262d5e431a99bc67d84e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

96ea55e583e52001da018b01f42319bb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

DrawStatusText
InitCommonControlsEx
ImageList_Duplicate

comdlg32

FindTextA
ChooseColorA
PageSetupDlgA

kernel32

TlsGetValue
GetCurrentProcess
OpenMutexA
GetFileType
GetCurrencyFormatW
MapViewOfFile
EnumResourceTypesA
GetCPInfo
ReadConsoleOutputAttribute
InitializeCriticalSection
TlsSetValue
GetCurrentProcessId
GetSystemTime
VirtualFree
GetProcessHeap
GetStartupInfoW
GetLocalTime
GetTickCount
LocalFileTimeToFileTime
FreeEnvironmentStringsA
GetVersion
HeapDestroy
HeapReAlloc
DeleteCriticalSection
SetLastError
LoadLibraryA
WideCharToMultiByte
InterlockedDecrement
SetStdHandle
GetCommandLineW
lstrlenW
GetTimeZoneInformation
SetHandleCount
TlsFree
LCMapStringW
CompareStringA
SetFilePointer
VirtualQuery
SystemTimeToFileTime
GetStringTypeA
GetProcAddress
ReadFile
RtlUnwind
CompareFileTime
GetCurrentThread
ExitProcess
GetProfileIntW
CreateMutexA
GetModuleFileNameW
SetEnvironmentVariableA
GetStringTypeW
TlsAlloc
GetModuleHandleA
ReadConsoleOutputA
OpenSemaphoreA
CloseHandle
UnhandledExceptionFilter
TerminateProcess
VirtualFreeEx
IsBadWritePtr
EnumResourceNamesA
GetSystemTimeAsFileTime
LoadLibraryExA
FlushFileBuffers
GetStartupInfoA
GetModuleFileNameA
GetStdHandle
VirtualAlloc
GetEnvironmentStringsW
LCMapStringA
HeapAlloc
WriteConsoleOutputAttribute
GetEnvironmentStrings
CompareStringW
InterlockedExchange
SetLocaleInfoW
InterlockedIncrement
MultiByteToWideChar
GetCommandLineA
QueryPerformanceCounter
GetLastError
WritePrivateProfileStringA
LeaveCriticalSection
HeapCreate
FreeEnvironmentStringsW
InterlockedExchangeAdd
WriteFile
HeapFree
GetCurrentThreadId
EnterCriticalSection

user32

RegisterClassA
RegisterClassExA
GetIconInfo
GetInputState
UnregisterDeviceNotification
DestroyCursor
ShowWindow
FrameRect
CloseWindowStation
CreateMDIWindowW
DrawIconEx
CreateWindowExA
SetMenuContextHelpId
MessageBoxA
CloseDesktop
IsCharAlphaNumericW

Sections

.text
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 80KB - Virtual size: 111KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

96ea55e583e52001da018b01f42319bb

Headers

File Characteristics

Imports

comctl32

comdlg32

kernel32

user32

Sections

.text Size: 296KB - Virtual size: 296KB

.rdata Size: 80KB - Virtual size: 111KB

.data Size: 112KB - Virtual size: 112KB

.rsrc Size: 80KB - Virtual size: 80KB

.text
Size: 296KB - Virtual size: 296KB

.rdata
Size: 80KB - Virtual size: 111KB

.data
Size: 112KB - Virtual size: 112KB

.rsrc
Size: 80KB - Virtual size: 80KB