2e837bee49608d3325ffc7b769a6ee64_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e837bee49608d3325ffc7b769a6ee64_JaffaCakes118
Size

539KB
MD5

2e837bee49608d3325ffc7b769a6ee64
SHA1

8f039401376e76710a6cc2a3bd328d3311804929
SHA256

31969887a5736a9a9251b08b59fc25261629542834a36020e06506c87879cd42
SHA512

4152b7bc2684406e9ac6188b208addcf8740d7c2ed8a56db54b2f88325f44c2c91921486d0879d0acdc4d1cd7a75be684f8108e772579f707091f668c60a209d
SSDEEP

12288:iOYQuCGk/XO3Jekmu/MxXplozu00bxJTqIpp8:iVCnXOgkP+XDIuXbxJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e837bee49608d3325ffc7b769a6ee64_JaffaCakes118

Files

2e837bee49608d3325ffc7b769a6ee64_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5089712b4177779f9ccc0df2fb8a3335

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

InitCommonControlsEx

kernel32

TlsGetValue
QueryPerformanceCounter
ExitProcess
GetSystemTime
HeapCreate
GetCurrentThreadId
DeleteCriticalSection
CompareStringA
GetCommandLineA
GetACP
GetStdHandle
SetEnvironmentVariableA
EnumCalendarInfoExW
VirtualProtect
VirtualAlloc
SetStdHandle
GetVersion
ReadFile
FreeEnvironmentStringsW
VirtualFree
InterlockedIncrement
IsBadReadPtr
GetStartupInfoA
GlobalFlags
EnterCriticalSection
HeapAlloc
HeapFree
CompareStringW
IsBadWritePtr
HeapReAlloc
GetProcAddress
GetTickCount
GetEnvironmentStringsW
TryEnterCriticalSection
GetStringTypeA
SetLastError
ReleaseMutex
LocalShrink
TlsSetValue
RtlUnwind
GetCurrentProcess
TerminateProcess
FlushFileBuffers
MultiByteToWideChar
WideCharToMultiByte
SetFilePointer
TlsAlloc
GetCurrentThread
GetTimeZoneInformation
LCMapStringA
GetOEMCP
GetLocaleInfoA
InterlockedDecrement
GetModuleFileNameA
OpenMutexA
CopyFileExA
InterlockedExchange
GetStringTypeW
InitializeCriticalSection
TlsFree
GetEnvironmentStrings
SetConsoleCursorInfo
CreateMutexA
GetCPInfo
FindNextFileA
CloseHandle
WriteFile
GetFileType
FreeEnvironmentStringsA
UnhandledExceptionFilter
RtlMoveMemory
VirtualQuery
SetHandleCount
WritePrivateProfileSectionA
GetLocalTime
SetConsoleTextAttribute
GetModuleHandleA
HeapDestroy
GetCurrentProcessId
LeaveCriticalSection
LocalFileTimeToFileTime
LoadLibraryA
GetSystemTimeAsFileTime
GetLastError
LCMapStringW

user32

RegisterClassExA
MessageBoxIndirectA
LookupIconIdFromDirectoryEx
RegisterClassA
SetMenuItemInfoW
CharNextExA

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 359KB - Virtual size: 358KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5089712b4177779f9ccc0df2fb8a3335

Headers

File Characteristics

Imports

comctl32

kernel32

user32

Sections

.text Size: 168KB - Virtual size: 168KB

.rdata Size: 4KB - Virtual size: 24KB

.data Size: 359KB - Virtual size: 358KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 168KB - Virtual size: 168KB

.rdata
Size: 4KB - Virtual size: 24KB

.data
Size: 359KB - Virtual size: 358KB

.rsrc
Size: 7KB - Virtual size: 6KB