2f04140ada00ef7f4a702e97ca01edde_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f04140ada00ef7f4a702e97ca01edde_JaffaCakes118
Size

77KB
MD5

2f04140ada00ef7f4a702e97ca01edde
SHA1

b4c68cedd37be5a92c8cda7fc5f52a3e2efd839b
SHA256

576226e5df601527406a08c67ce294db7d5f68d7e30f4e1a4c2f9e061d38278b
SHA512

c998673e9e2be5082c5ff3a7555ac2d0ba687f267b166f1895f4d783a432d68196c8cea500f10a9e81e0da904e3f9609d6a25343609aa31e1d38a34268243aaa
SSDEEP

1536:nVjqCizEXyulXj4joWPFNDpQSsHXo3MoyGI+ehO4Ez+TNH:VjqCizEiuleNNGXsMoydNEzo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f04140ada00ef7f4a702e97ca01edde_JaffaCakes118

Files

2f04140ada00ef7f4a702e97ca01edde_JaffaCakes118
.exe windows:4 windows x86 arch:x86

68227bf8239ebf19fee272236f363411

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

RemoveDirectoryA
CreateFileA
lstrcpyA
SetLastError
GetLastError
VirtualAlloc
Sleep
GlobalFree
GetModuleHandleA
GlobalAlloc
HeapFree
GetProcessHeap
WaitForMultipleObjects
SuspendThread
CreateThread
FreeResource
SizeofResource
LockResource
LoadResource
FindResourceExA
VirtualProtect
VirtualQuery
LocalAlloc
GetFileSize
GetSystemTime
WriteFile
CopyFileA
ReadFile
GetSystemInfo
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
HeapReAlloc
HeapAlloc
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetStringTypeW
HeapCreate
HeapDestroy
GetFileType
CloseHandle
LocalFree
VirtualFree
LoadLibraryExW
LoadLibraryA
GetProcAddress
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA

user32

DefWindowProcA
ShowWindow
CreateWindowExA
UpdateWindow
LoadCursorA
RegisterClassExA
GetDC
ReleaseDC
IsWindow
IsWindowEnabled
GetDesktopWindow
SetWindowRgn
GetWindowLongA
LoadIconA

gdi32

CreateCompatibleBitmap
GetDIBits
GetObjectA
CreatePenIndirect
DeleteObject

ole32

CoUninitialize

oleaut32

VariantInit
VariantCopy

lz32

LZClose

Sections

.text
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 324KB - Virtual size: 321KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 401KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

68227bf8239ebf19fee272236f363411

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

oleaut32

lz32

Sections

.text Size: 44KB - Virtual size: 43KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 324KB - Virtual size: 321KB

.rsrc Size: 8KB - Virtual size: 401KB

.text
Size: 44KB - Virtual size: 43KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 324KB - Virtual size: 321KB

.rsrc
Size: 8KB - Virtual size: 401KB