2e95c6525d884ef2146b387576e2cb54_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e95c6525d884ef2146b387576e2cb54_JaffaCakes118
Size

467KB
MD5

2e95c6525d884ef2146b387576e2cb54
SHA1

d0bd72ce64ef7a93eea434fa0f7ecf95b84642c8
SHA256

3d86e7bdded4f89f2a6959729ec550bd63f9047f84ebb31bee066c59cfeed9ca
SHA512

1e6f7cd6ad8b9a14c51137527620afb88e9a0327277978beaf5e93a481375c2e502254625937a068ae38e3ea8a26dbfdbabc10740024b507dcc9ad798cef0f21
SSDEEP

12288:GxlD7HFjJ+V9KKSCOTE0k4aLuXuz9f4IcZXR7Ot:GbD7HFjJk2RIzuXuz6IcZXR6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e95c6525d884ef2146b387576e2cb54_JaffaCakes118

Files

2e95c6525d884ef2146b387576e2cb54_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1e11cda5987a459acd5cdacc6f040e4e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx
DrawStatusText
ImageList_AddIcon
ImageList_DrawEx
CreateToolbar
ImageList_SetDragCursorImage

advapi32

RegOpenKeyExW
AbortSystemShutdownW
CryptDestroyKey
CryptSetHashParam
CryptGenRandom
CryptGetDefaultProviderW
RegQueryValueExA
RegDeleteKeyA
GetUserNameW
RegSetKeySecurity
CryptSetProviderExA
InitiateSystemShutdownW
CryptEnumProviderTypesW
RegQueryMultipleValuesW
CryptSetProviderW
LookupSecurityDescriptorPartsA

gdi32

GetObjectW
Pie
SetDIBColorTable
GdiPlayScript
EnumMetaFile
RoundRect
Arc
GetGlyphOutlineW
GetICMProfileA
DeleteDC
CreateDCA
SetDIBitsToDevice
SelectObject
GetDeviceCaps
GetLayout

kernel32

VirtualQuery
GetCPInfo
InterlockedExchange
LCMapStringA
UnhandledExceptionFilter
IsBadWritePtr
HeapDestroy
GetSystemTime
FreeEnvironmentStringsW
CompareStringA
QueryPerformanceCounter
CloseHandle
CompareStringW
GetTickCount
DuplicateHandle
GetProcAddress
TerminateProcess
GetModuleHandleA
DeleteCriticalSection
GetSystemTimeAsFileTime
HeapCreate
InterlockedDecrement
GetStartupInfoA
VirtualAlloc
TlsAlloc
GetLongPathNameA
GetCurrentThread
ReadFile
SetStdHandle
GetLocalTime
OpenMutexA
GetVersion
TlsSetValue
TlsGetValue
FreeEnvironmentStringsA
GetCurrentProcess
GetCurrentProcessId
SetFilePointer
LCMapStringW
InitializeCriticalSection
GetEnvironmentStringsW
GetACP
SetEnvironmentVariableA
GetLastError
GetLocaleInfoA
TlsFree
CreateMutexA
LeaveCriticalSection
GetOEMCP
GetModuleFileNameA
CreateDirectoryExA
GetStringTypeW
VirtualFree
LoadLibraryA
ExitProcess
GetTimeZoneInformation
WideCharToMultiByte
GetFileType
HeapReAlloc
InterlockedIncrement
FlushFileBuffers
SetLastError
GetCommandLineA
GetVersionExW
WriteFile
HeapAlloc
GetWindowsDirectoryW
SetHandleCount
HeapFree
GetStdHandle
EnterCriticalSection
GetEnvironmentStrings
GetCurrentThreadId
MultiByteToWideChar
RtlUnwind
GetStringTypeA

user32

GetSystemMetrics
CreateWindowExA
OemToCharA
MessageBoxW
SetUserObjectSecurity
SetDoubleClickTime
LoadMenuA
GetDC
LoadKeyboardLayoutW
DrawTextA
ShowWindow
SendNotifyMessageW
LoadMenuIndirectW
ReuseDDElParam
IsZoomed
DefWindowProcW
DlgDirListA
TrackPopupMenu
BringWindowToTop
RegisterClassA
RegisterClassExA
DestroyWindow
RemovePropA

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 255KB - Virtual size: 255KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 102KB - Virtual size: 119KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 31KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1e11cda5987a459acd5cdacc6f040e4e

Headers

File Characteristics

Imports

comctl32

advapi32

gdi32

kernel32

user32

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 255KB - Virtual size: 255KB

.data Size: 102KB - Virtual size: 119KB

.rsrc Size: 31KB - Virtual size: 30KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 255KB - Virtual size: 255KB

.data
Size: 102KB - Virtual size: 119KB

.rsrc
Size: 31KB - Virtual size: 30KB