2edf40dd3b452953e2072f4de92f2ce8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2edf40dd3b452953e2072f4de92f2ce8_JaffaCakes118
Size

447KB
MD5

2edf40dd3b452953e2072f4de92f2ce8
SHA1

5d7c481da18f1f94beb6fbfb075fe5a09ee5ed9c
SHA256

a42f43c24b82cb11095db272d31569b13286f7ae319c6e7009b41ac0753dfee6
SHA512

d4ba9310797079acf9d7f04d1e20e8c4f9235b3090b80d81748558cea831b3ecd86c54733823b35c62a69650df435590797c763b1edde841c781b1009f48d23e
SSDEEP

6144:pL2fOsLqmOKGD8jJX3p73cP2FrSS4vD6hmXa/CnXss6UCTktSdx3AJ7g5:luOKGD8r3vFcvwmXMs6HTktwx2c5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2edf40dd3b452953e2072f4de92f2ce8_JaffaCakes118

Files

2edf40dd3b452953e2072f4de92f2ce8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9e108d7d22d2588412e1ffffd72c7315

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shell32

SHInvokePrinterCommandA

comdlg32

PageSetupDlgA
GetSaveFileNameA

kernel32

SetEnvironmentVariableA
LeaveCriticalSection
GetStringTypeW
TerminateProcess
LoadLibraryA
RtlUnwind
Sleep
GetModuleHandleA
IsDebuggerPresent
GetLastError
MultiByteToWideChar
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
HeapReAlloc
FreeLibrary
GetVersionExA
TlsGetValue
GetProcAddress
GetTickCount
TlsFree
GetTimeZoneInformation
LCMapStringA
IsValidCodePage
GetProcessHeap
QueryPerformanceCounter
InitializeCriticalSection
GetCurrentProcessId
SetHandleCount
HeapSize
HeapDestroy
TlsSetValue
GetUserDefaultLCID
GlobalAddAtomW
GetStringTypeA
GetCurrentThreadId
WideCharToMultiByte
InterlockedExchange
VirtualFree
InterlockedDecrement
FreeEnvironmentStringsW
GetDateFormatA
HeapCreate
GetCurrentThread
GetCommandLineA
GetOEMCP
VirtualQuery
CompareStringW
FoldStringA
GetACP
GetEnvironmentStringsW
EnterCriticalSection
WriteConsoleOutputW
VirtualAlloc
CreatePipe
SetConsoleCtrlHandler
HeapFree
CompareStringA
HeapAlloc
LCMapStringW
RemoveDirectoryA
OpenEventA
IsValidLocale
TlsAlloc
FillConsoleOutputCharacterW
GetSystemTimeAsFileTime
GetCurrentProcess
GetLocaleInfoA
GetCPInfo
DeleteCriticalSection
WriteFile
GetFileType
InterlockedIncrement
GetStartupInfoA
GetTimeFormatA
GetModuleFileNameA
EnumSystemLocalesA
SetLastError
UnhandledExceptionFilter
ExitProcess
WriteConsoleInputW
GetStdHandle
GetEnvironmentStrings
GetLocaleInfoW

gdi32

CreateSolidBrush
EqualRgn
ExtFloodFill
CreatePatternBrush

user32

LoadStringA
MapWindowPoints
DdeQueryNextServer
FindWindowA
CreateAcceleratorTableA
PtInRect
SetKeyboardState
UnloadKeyboardLayout
GetWindowRgn
SetCursorPos
IsMenu
GetNextDlgTabItem
GetDlgCtrlID
LoadMenuIndirectA
ShowScrollBar
CreateIconFromResource
CreateMenu
InternalGetWindowText
EnumThreadWindows

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 280KB - Virtual size: 280KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e108d7d22d2588412e1ffffd72c7315

Headers

File Characteristics

Imports

shell32

comdlg32

kernel32

gdi32

user32

Sections

.text Size: 144KB - Virtual size: 144KB

.rdata Size: 8KB - Virtual size: 40KB

.data Size: 280KB - Virtual size: 280KB

.rsrc Size: 13KB - Virtual size: 12KB

.text
Size: 144KB - Virtual size: 144KB

.rdata
Size: 8KB - Virtual size: 40KB

.data
Size: 280KB - Virtual size: 280KB

.rsrc
Size: 13KB - Virtual size: 12KB