2eec675bd8ff13dfcd86e5c55a23056c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2eec675bd8ff13dfcd86e5c55a23056c_JaffaCakes118
Size

136KB
MD5

2eec675bd8ff13dfcd86e5c55a23056c
SHA1

fc9ce81daf7a7f355c1bcee47c5419aa62ef6fc2
SHA256

21909d469094a1eab194f22ce7e9200dc0c9ec077c88be47cf24db64505a557b
SHA512

a31ad450fad65c8da31ea2ad47c4b9e6fcab6951648eedbbb8b4bf3452e5e0b27592dea679cfec1e9fd826a67dc527e762a692eda511397640b5de53c627d6b1
SSDEEP

3072:cXTsKEhkN/7eiEfFobwfYw3tRO/u7G/7Qe0MG6LX27Nit/CwoF7SI/:cDEfkRw3DO/fqMGyXl9XE7S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2eec675bd8ff13dfcd86e5c55a23056c_JaffaCakes118

Files

2eec675bd8ff13dfcd86e5c55a23056c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

f2cde455a5f7259514329b7d90ca95fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

FreeEnvironmentStringsW
GetModuleHandleA
GetSystemDirectoryA
LocalFree
SetFileAttributesW
GetStringTypeA
VirtualProtect
LocalAlloc
VirtualQuery
WaitForSingleObject
GetStartupInfoA
GetFileTime

msvcrt

_acmdln
__p__fmode
__getmainargs
_isatty
_controlfp
_XcptFilter
_initterm
_except_handler3
__set_app_type
_strdup
__setusermatherr
__p__commode
exit
_adjust_fdiv
clock
log10
fopen

version

VerLanguageNameA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerQueryValueW
GetFileVersionInfoW
VerInstallFileA
VerFindFileW

oleaut32

SysReAllocStringLen
SafeArrayGetUBound
SysFreeString
CreateErrorInfo
SafeArrayPutElement
LoadTypeLib
VariantInit
GetErrorInfo
SafeArrayGetElement
SafeArrayRedim
SetErrorInfo
SysAllocStringByteLen

user32

GetLastActivePopup
RemovePropA
TranslateMessage
GetKeyboardType
EndDialog
PtInRect
IsZoomed

comctl32

ImageList_Read
ImageList_BeginDrag
ImageList_AddMasked
CreatePropertySheetPageW
ImageList_GetBkColor
ImageList_Write
ImageList_Remove
InitCommonControls

shell32

SHCreateDirectoryExA
SHGetFolderPathA
ExtractIconExA
SHGetFolderLocation
SHGetSpecialFolderLocation
SHFileOperationA
SHGetSpecialFolderPathW
SHFileOperationW
SHGetSettings

advapi32

LookupPrivilegeValueA
CryptCreateHash
InitializeAcl
QueryServiceStatus
CryptAcquireContextA
RegEnumValueA
InitiateSystemShutdownA

gdi32

GdiFlush
Rectangle
SetStretchBltMode
CreateHatchBrush
EnumFontFamiliesExA
CreateEnhMetaFileA

ole32

OleFlushClipboard
CoUninitialize
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
CoTaskMemRealloc
CoTaskMemAlloc
StringFromCLSID
IIDFromString
StringFromIID

Sections

.text
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 17KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f2cde455a5f7259514329b7d90ca95fa

Headers

File Characteristics

Imports

kernel32

msvcrt

version

oleaut32

user32

comctl32

shell32

advapi32

gdi32

ole32

Sections

.text Size: 18KB - Virtual size: 18KB

.data Size: 17KB - Virtual size: 41KB

.rsrc Size: 99KB - Virtual size: 98KB

.text
Size: 18KB - Virtual size: 18KB

.data
Size: 17KB - Virtual size: 41KB

.rsrc
Size: 99KB - Virtual size: 98KB