2e8f7ebde2a1eca1a604d09df91988b9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e8f7ebde2a1eca1a604d09df91988b9_JaffaCakes118
Size

1.2MB
MD5

2e8f7ebde2a1eca1a604d09df91988b9
SHA1

ca4f266c93b870d8eb148a63e1815a1c9f89d61c
SHA256

91231329e8850d7b2b8c33401fb2f2c7cbab08afdd283061ca8674611f24a144
SHA512

48508449c99135dee636c0a6d3337d687d0ee6ab9f4f23bb4f53aa428debcc42d69964a6da09170079c41c4e9b3cf5baab958f11d623153a6c6fd957ed8b7df0
SSDEEP

24576:hK2t2NrQL4lvmcFXKoAQCGStXoQO+LFv27GX6pbGyr6qJzPIl:45k8lvJF6ozCGStoQP27ppT6oG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e8f7ebde2a1eca1a604d09df91988b9_JaffaCakes118

Files

2e8f7ebde2a1eca1a604d09df91988b9_JaffaCakes118
.exe windows:4 windows x86 arch:x86

4154b42cd2d87a1f313625267e23e7de

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

CreateMappedBitmap
CreateToolbar
ImageList_GetDragImage
CreatePropertySheetPageA
ImageList_SetOverlayImage
CreateUpDownControl
ImageList_DrawEx
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_Copy
ImageList_SetBkColor
ImageList_Create
DrawStatusTextA
ImageList_GetFlags
ImageList_Merge
_TrackMouseEvent
CreateToolbarEx
InitMUILanguage
ImageList_GetImageCount

wininet

FreeUrlCacheSpaceA
InternetInitializeAutoProxyDll
InternetGetCookieA

gdi32

SelectObject
WidenPath
GetDeviceGammaRamp
DeleteDC
FloodFill
SetStretchBltMode
SetWindowExtEx
DeleteObject
CreateBitmapIndirect
SetFontEnumeration
GetObjectW
GetSystemPaletteUse
GetDeviceCaps
GetBkMode
ArcTo
CreateDCW
RectInRegion
ColorMatchToTarget
ExtTextOutA

kernel32

FreeLibrary
EnumSystemLocalesA
CloseHandle
WideCharToMultiByte
FoldStringA
SetUnhandledExceptionFilter
HeapReAlloc
LeaveCriticalSection
QueryPerformanceCounter
CompareStringW
VirtualFree
DeleteCriticalSection
SetEnvironmentVariableA
HeapSize
TlsAlloc
SetHandleCount
DosDateTimeToFileTime
EnumSystemCodePagesW
GetSystemDirectoryA
GetStartupInfoA
CreateMutexA
GetModuleFileNameA
TerminateProcess
SetCurrentDirectoryW
HeapCreate
GetSystemTimeAsFileTime
GetOEMCP
GetCurrentProcessId
GetModuleHandleA
GetTimeZoneInformation
GetThreadPriorityBoost
VirtualAlloc
GetCPInfo
GetLocaleInfoW
GetConsoleCursorInfo
GetFileType
LCMapStringA
SetStdHandle
RtlUnwind
HeapAlloc
OpenMutexA
FreeEnvironmentStringsW
SetLastError
UnhandledExceptionFilter
GetVersionExA
GetDateFormatA
GetConsoleCP
GetCurrentProcess
GetLocaleInfoA
GetConsoleOutputCP
IsDebuggerPresent
MultiByteToWideChar
GetShortPathNameW
Sleep
RtlMoveMemory
ReadFile
ReleaseSemaphore
LoadLibraryW
TlsSetValue
LoadLibraryA
GetACP
GetComputerNameA
GetCommandLineA
FreeEnvironmentStringsA
EnumResourceLanguagesA
TlsFree
EnterCriticalSection
HeapFree
SetConsoleCtrlHandler
CreateFileA
LCMapStringW
InterlockedDecrement
GetTimeFormatA
GetTickCount
WriteFile
GetUserDefaultLCID
IsValidLocale
GetProcessHeap
GetEnvironmentStringsW
InterlockedIncrement
OpenSemaphoreA
EnumDateFormatsExW
SetFilePointer
GetCalendarInfoA
SetConsoleCP
GetStringTypeA
CompareStringA
IsValidCodePage
GetCurrentThread
GetProcAddress
GetModuleFileNameW
GetEnvironmentStrings
HeapDestroy
GetStdHandle
SetCriticalSectionSpinCount
GetConsoleMode
GetCompressedFileSizeW
GetFullPathNameA
CreateWaitableTimerW
GetWindowsDirectoryA
InterlockedExchange
TlsGetValue
FlushFileBuffers
VirtualFreeEx
GetLastError
GetStringTypeW
InitializeCriticalSection
WriteConsoleA
VirtualQuery
ExitProcess
GetCurrentThreadId
WriteConsoleW

shell32

CommandLineToArgvW

advapi32

CreateServiceA
InitializeSecurityDescriptor
GetUserNameA
InitiateSystemShutdownW
RegLoadKeyA
StartServiceA
LookupAccountSidA
RegDeleteValueW
RegSetValueW
RegRestoreKeyW
LookupSecurityDescriptorPartsW
CryptGenKey
ReportEventA
CryptGetDefaultProviderA

user32

DefMDIChildProcW
DialogBoxParamA
DlgDirListComboBoxW
ChildWindowFromPoint
ShowScrollBar
DdeInitializeA
ShowWindow
wsprintfA
GetTitleBarInfo
RegisterClassA
GetScrollRange
OffsetRect
GetClipCursor
GetTabbedTextExtentW
RegisterClassExA
GetWindowTextLengthA
UnloadKeyboardLayout

Sections

.text
Size: 168KB - Virtual size: 165KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 316KB - Virtual size: 312KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 744KB - Virtual size: 759KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4154b42cd2d87a1f313625267e23e7de

Headers

File Characteristics

Imports

comctl32

wininet

gdi32

kernel32

shell32

advapi32

user32

Sections

.text Size: 168KB - Virtual size: 165KB

.rdata Size: 316KB - Virtual size: 312KB

.data Size: 744KB - Virtual size: 759KB

.rsrc Size: 44KB - Virtual size: 43KB

.text
Size: 168KB - Virtual size: 165KB

.rdata
Size: 316KB - Virtual size: 312KB

.data
Size: 744KB - Virtual size: 759KB

.rsrc
Size: 44KB - Virtual size: 43KB