2eceb087e571c548d88989a8d9490ef3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2eceb087e571c548d88989a8d9490ef3_JaffaCakes118
Size

511KB
MD5

2eceb087e571c548d88989a8d9490ef3
SHA1

3cfcf622974d095764d3ffea1dd3a0b64877b13b
SHA256

4efb3a08ece78df15b091215060d00f3e68ce6c27dd524c5816475de20e2872f
SHA512

052c2e3547811f0739223bcbe95efbf6df6df2a14d33ea426171ba0d0bea5c976c0f0d1294ec615d4e876486bb37ec20fe1e8908fc8d27622f3f203bd5bdce4e
SSDEEP

12288:382L6KGQak92in94Ph8k6oZugH3FBgBYCi9NM:382L6KGQd92inmh16ytrui9NM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eceb087e571c548d88989a8d9490ef3_JaffaCakes118

Files

2eceb087e571c548d88989a8d9490ef3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2a0d39890547682593c421b842063c72

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

version

GetFileVersionInfoA

gdi32

EnumFontsA
StartPage
AddFontResourceW
PathToRegion
AbortDoc
CreateEnhMetaFileW
Escape
GetStockObject
GetNearestPaletteIndex
GetTextExtentPoint32A

user32

SetScrollPos
GetClassInfoExA
CloseClipboard
GetForegroundWindow
GetWindowRect
FillRect
SendNotifyMessageW
DrawTextA
WinHelpW
IsClipboardFormatAvailable
SetCursorPos
PostMessageW
RegisterDeviceNotificationA
SetParent
CharToOemW
KillTimer
SetWindowsHookExA
InsertMenuW
UnregisterDeviceNotification
PeekMessageW
RegisterHotKey
PostThreadMessageW
GetDC
UnhookWinEvent
InSendMessage
GetCapture
GetKeyboardState

comctl32

ImageList_SetDragCursorImage

kernel32

GetFileAttributesA
WritePrivateProfileSectionW
SetEvent
FreeLibraryAndExitThread
GetPrivateProfileStringA
GetOEMCP
SetConsoleOutputCP
DosDateTimeToFileTime
FlushConsoleInputBuffer
GetProfileStringA
GetACP
CreateDirectoryW
FreeLibrary
FlushFileBuffers
GetEnvironmentStringsW
ExitProcess
SetConsoleCursorPosition
LocalSize
GetDriveTypeW
VirtualLock
SetupComm
GetSystemDirectoryW
FindFirstFileExW
lstrcmpiA
EnumTimeFormatsW

advapi32

LookupAccountNameA
ChangeServiceConfigW
RegQueryInfoKeyA
GetSecurityDescriptorDacl
GetSecurityInfo
RegNotifyChangeKeyValue
GetUserNameW
DeregisterEventSource
LogonUserW
CreateProcessAsUserA
CryptGetProvParam
AdjustTokenPrivileges
RegSetValueExW

Sections

.text
Size: 2KB - Virtual size: 218KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 266KB - Virtual size: 266KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a0d39890547682593c421b842063c72

Headers

File Characteristics

Imports

version

gdi32

user32

comctl32

kernel32

advapi32

Sections

.text Size: 2KB - Virtual size: 218KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 266KB - Virtual size: 266KB

.rsrc Size: 16KB - Virtual size: 16KB

.text
Size: 2KB - Virtual size: 218KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 266KB - Virtual size: 266KB

.rsrc
Size: 16KB - Virtual size: 16KB