2e8efa6ad052131bc4fb736d3a23355f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e8efa6ad052131bc4fb736d3a23355f_JaffaCakes118
Size

280KB
MD5

2e8efa6ad052131bc4fb736d3a23355f
SHA1

e148cacb84fc6b73d9b0022530a4a0f9ef802b03
SHA256

46952d6fc7ac05f44b7087d51b34f32dede69244093ef7b42a807c059c12560d
SHA512

f55540106e895a0903480fde4bc6118b2c01faef9dc1d6746cb41a4b16c31daf14895cca78c04e34e798a0736a76b4d25e17248e208babe48b122b6b25f436af
SSDEEP

6144:wk6JmE9X+I5e4jG7bPUyp6iMS6VDkCwKGuTu:wk6JmE9uI9iPUyikNKC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e8efa6ad052131bc4fb736d3a23355f_JaffaCakes118

Files

2e8efa6ad052131bc4fb736d3a23355f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73f5be726ec163a327ab92c5b9e90a55

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

QueryDosDeviceW
VirtualQueryEx
SetCommTimeouts
FreeResource
GetAtomNameA
GetCompressedFileSizeW
GlobalAddAtomW
FlushConsoleInputBuffer
MoveFileW
AreFileApisANSI
SearchPathW
SwitchToFiber
UnmapViewOfFile
SetFileAttributesA
VirtualQuery
FlushFileBuffers
GetCPInfo
GlobalAddAtomA
GlobalFindAtomW
GetBinaryTypeW
GetSystemInfo
SetMailslotInfo
FormatMessageA
SetThreadAffinityMask
CopyFileExW
GetCurrentProcessId
CreateDirectoryExA
DeleteCriticalSection
ExitProcess
GetComputerNameW
SetEvent
GetSystemDirectoryW
GetEnvironmentVariableW
GetThreadPriority
GetLocaleInfoW
QueryDosDeviceA
GetTapeParameters
GetOverlappedResult
WritePrivateProfileStructA
lstrcpyA
GetDiskFreeSpaceExA
EnumResourceLanguagesW
GetUserDefaultLCID
ReadConsoleOutputA
TryEnterCriticalSection
OpenSemaphoreW
GetTempFileNameA
GetLargestConsoleWindowSize
GlobalUnlock
GetStartupInfoA
VirtualFree
GetProcessTimes
EnumCalendarInfoA
GlobalFree
SetLastError
CompareStringA
PulseEvent
GetTapeStatus
GetCommModemStatus
FatalAppExitA
CompareStringW
IsBadWritePtr
WriteConsoleOutputCharacterA
SetHandleCount
EnumSystemCodePagesW
FindCloseChangeNotification
GetTickCount
GetFullPathNameA
WritePrivateProfileSectionA
LoadLibraryExW
DebugBreak
SetProcessShutdownParameters
CreateEventA
lstrcmpiA
ClearCommBreak
GetUserDefaultLangID
GetFileInformationByHandle
SetConsoleOutputCP
_llseek
lstrcatW
SetEnvironmentVariableA
GetThreadContext
RaiseException
PeekNamedPipe
RemoveDirectoryW
CreateMutexW
GlobalDeleteAtom
GetHandleInformation
ReleaseSemaphore
VirtualAlloc
GetModuleHandleA

user32

IsWindowEnabled
ModifyMenuA
GetWindowTextW
GetKeyNameTextW
CreateAcceleratorTableA
keybd_event
SetWindowLongW
GetNextDlgGroupItem
IsWindowVisible

gdi32

RemoveFontResourceW
EnumFontsA
AbortDoc
CreateCompatibleDC
GetCharWidth32W
GetTextExtentPointW
SelectObject
GetCurrentObject
EqualRgn
CreatePalette
RectVisible
ExtEscape

comdlg32

GetSaveFileNameA

advapi32

InitiateSystemShutdownA
CryptSetHashParam
RegCreateKeyW
AddAccessAllowedAce
GetFileSecurityW
AccessCheckAndAuditAlarmW
LogonUserW
GetSecurityDescriptorControl
RegCreateKeyExW
GetPrivateObjectSecurity
NotifyChangeEventLog
RegEnumValueA
GetSidIdentifierAuthority

shell32

SHGetPathFromIDListA
SHLoadInProc
SHGetSettings
ExtractIconExW

oleaut32

SafeArrayGetElement
LoadTypeLibEx
SysAllocStringLen
SysStringLen
SysFreeString

comctl32

ImageList_Merge
ImageList_Replace
ImageList_AddMasked

shlwapi

PathIsURLW
StrCmpW
PathCompactPathExW
SHOpenRegStream2W
PathIsUNCServerW
PathRemoveBlanksA
PathCombineW
SHAutoComplete
PathGetCharTypeA
PathIsRelativeW
UrlCreateFromPathW
StrChrA
PathFileExistsW
PathRemoveBackslashA
SHSetValueA
PathFindFileNameA
StrCpyW
PathParseIconLocationW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
_acmdln
exit
_XcptFilter
_exit
__getmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode

Sections

.text
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

73f5be726ec163a327ab92c5b9e90a55

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

oleaut32

comctl32

shlwapi

msvcrt

Sections

.text Size: 4KB - Virtual size: 3KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 264KB - Virtual size: 262KB

.text
Size: 4KB - Virtual size: 3KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 264KB - Virtual size: 262KB