2ef54be4a7553729beef207d7b8afc16_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ef54be4a7553729beef207d7b8afc16_JaffaCakes118
Size

162KB
MD5

2ef54be4a7553729beef207d7b8afc16
SHA1

3f301634f96ab0a606e58396f35b50457ace0dde
SHA256

e33e1e9eb8177606398d1c3aa3c517b72d88ae5125c0f8e25544f8b24675e395
SHA512

8dee29757b48777ff5e58d6f3202da01c2ef5f2ff3a148f5babbe5729f4f1959817d89d911e5ee7b5896ebfbe6b2f2b925792482dcc14c170ce04a27092bd57c
SSDEEP

3072:6glUrp2Zq27AONN1YFgv5McQkUaZIExBUXWhYK0C4VHD6:6gOrmqUT1nyzaZdrUGhYK0j6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ef54be4a7553729beef207d7b8afc16_JaffaCakes118

Files

2ef54be4a7553729beef207d7b8afc16_JaffaCakes118
.exe windows:5 windows x86 arch:x86

14fda4f37db8e5d83881f6e5dce7878a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

GetOEMCP
GetTempPathW
GetLocalTime
GetDiskFreeSpaceA
GetModuleHandleA
LocalFileTimeToFileTime
DeleteFileW
VirtualProtect
SetFilePointer
GetStartupInfoA
GetSystemTime
GetUserDefaultLCID
GetCPInfo
VirtualFree
GetCommandLineW
LCMapStringW

user32

DestroyIcon
GetFocus
GetIconInfo
GetTopWindow
MessageBeep
UpdateWindow
GetSysColor

msvcrt

log10
exit
__mb_cur_max
__p__fmode
_except_handler3
__setusermatherr
isleadbyte
_get_osfhandle
_initterm
_acmdln
__set_app_type
__p__commode
_XcptFilter
ftell
_adjust_fdiv
__getmainargs

comctl32

ImageList_EndDrag
ImageList_Replace
ImageList_SetOverlayImage
ImageList_GetImageCount
ImageList_Destroy
ImageList_Read
ImageList_LoadImageW
PropertySheetA
ImageList_DragEnter

ole32

CreateItemMoniker
CoLoadLibrary
CoFreeUnusedLibraries
CLSIDFromProgID
CreateStreamOnHGlobal
CoUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
OleIsCurrentClipboard
CoInitialize
CoGetClassObject
CoTaskMemRealloc

oleaut32

VariantClear
SysReAllocStringLen
SysFreeString
SafeArrayGetElement
SafeArrayUnaccessData
LoadTypeLib
SafeArrayPutElement

shell32

DragQueryFile
SHGetSpecialFolderPathA
SHAppBarMessage
ShellExecuteW
SHCreateDirectoryExW
SHGetPathFromIDListW
ShellExecuteExA
DragQueryFileW

advapi32

SetSecurityDescriptorGroup
RegEnumValueW
DeregisterEventSource

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 151KB - Virtual size: 150KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

14fda4f37db8e5d83881f6e5dce7878a

Headers

File Characteristics

Imports

kernel32

user32

msvcrt

comctl32

ole32

oleaut32

shell32

advapi32

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 151KB - Virtual size: 150KB

.data Size: 6KB - Virtual size: 5KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 151KB - Virtual size: 150KB

.data
Size: 6KB - Virtual size: 5KB