2ed9d81a4eed8712ab6c4458a0c28a0c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ed9d81a4eed8712ab6c4458a0c28a0c_JaffaCakes118
Size

316KB
MD5

2ed9d81a4eed8712ab6c4458a0c28a0c
SHA1

c4aff4abb7204f4cf0b1bf373195d3e7206d1924
SHA256

b511634837b77ff6cb113cd573576137018f2637b54559ac42b65f522f713d58
SHA512

6f985f5fcfaec3e849bf1864bac2cef45aae0b38e5b3bf0bdd6e91409ea11a41fb9ca3eefa8b28b898702e46624445fcd387b124ef15aab91aec4234715c4593
SSDEEP

6144:SSJIJNvY3tUPHyDXHvABd09f3SMSjoQQeFqa7DcjW0Tq:S+ILwdUPSDXYBdSf3S2QrhS5q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ed9d81a4eed8712ab6c4458a0c28a0c_JaffaCakes118

Files

2ed9d81a4eed8712ab6c4458a0c28a0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d238f219356747dd1392708b3cf5b3d1

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnumCalendarInfoW
WriteProfileStringA
CreateEventA
GetDriveTypeA
SetCurrentDirectoryW
GetFileAttributesW
GetCommandLineA
GetVersionExA
VirtualProtect
ExitProcess

user32

GetClassNameW
GetWindowInfo
VkKeyScanW
FlashWindow
GetMenuItemID
GetParent
CheckDlgButton
CopyImage
SetClipboardData
BringWindowToTop
GetScrollRange
GetWindowDC
GetNextDlgTabItem
DrawMenuBar
ScrollDC
wsprintfA
EnumDesktopWindows
GetUserObjectSecurity
SetWinEventHook
AppendMenuA
SetActiveWindow
MessageBeep
CreateDialogIndirectParamW
GetAncestor
SetMenuItemInfoW
HideCaret
SetPropW
GetKeyNameTextW
RegisterClipboardFormatW
MessageBoxExA
LoadMenuA
MenuItemFromPoint
OpenWindowStationA
PtInRect
IsRectEmpty
EndPaint
DrawStateW
CallWindowProcW
SetWindowTextW
RemoveMenu

gdi32

GetTextMetricsW
GetFontData
CreateBitmap
SetPaletteEntries
CreateFontIndirectA
SetPixelFormat
GetViewportOrgEx
Rectangle
PlayEnhMetaFileRecord
DeleteDC
GetTextExtentPoint32A
GetMapMode
MaskBlt
ExtTextOutW
EnumFontFamiliesExW
SetMapperFlags
GetTextExtentPointW
GetNearestColor
StartDocA

advapi32

CreatePrivateObjectSecurity
AllocateLocallyUniqueId
GetSecurityDescriptorControl
RegDeleteKeyW
CryptHashData
AccessCheck
EnumDependentServicesA
FreeSid
LookupPrivilegeValueW
ImpersonateNamedPipeClient
AccessCheckAndAuditAlarmA
OpenEventLogW
NotifyBootConfigStatus
GetNamedSecurityInfoW
CryptVerifySignatureA

shell32

FindExecutableW
ShellAboutW
ExtractAssociatedIconA
CommandLineToArgvW
DoEnvironmentSubstW
SHLoadInProc

ole32

OleQueryLinkFromData
CoGetObject
CoResumeClassObjects
OleCreate
OleSetMenuDescriptor

oleaut32

SafeArrayUnaccessData
SysAllocString
VariantClear
QueryPathOfRegTypeLi
SafeArrayCreate
GetErrorInfo
SafeArrayRedim
CreateErrorInfo
VariantChangeType

comctl32

ImageList_SetImageCount
ImageList_DragMove
ImageList_Duplicate
ImageList_GetBkColor

shlwapi

SHDeleteValueW
PathStripToRootA
SHQueryValueExW
PathIsDirectoryEmptyW

setupapi

SetupDiSetDeviceInstallParamsA
SetupDiGetDeviceInterfaceDetailW
SetupScanFileQueueA
SetupOpenAppendInfFileW
SetupGetTargetPathW
SetupDiSetSelectedDriverW

Sections

.text
Size: 268KB - Virtual size: 267KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

d238f219356747dd1392708b3cf5b3d1

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

setupapi

Sections

.text Size: 268KB - Virtual size: 267KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 40KB - Virtual size: 39KB

.text
Size: 268KB - Virtual size: 267KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 40KB - Virtual size: 39KB