2f1fdd2b31f1ab3d161e101ef7046d63_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f1fdd2b31f1ab3d161e101ef7046d63_JaffaCakes118
Size

560KB
MD5

2f1fdd2b31f1ab3d161e101ef7046d63
SHA1

aa1639aa922a43642c3176211ad5943c93e71a58
SHA256

c328449bbbc75efaafddc2b48f0cf1e182c9c4a1097e925ee471f80abf26869d
SHA512

465f47e98293c8ae9f17f6b72a8741dbb8b1a02e4632031d8ed80dd18254a929fbe73933061281e527eee35134feac386e5424b8037ff250733efcd69fb77a77
SSDEEP

12288:SLxBObCOQspPN8b81+Y9RoRAmDUJshbOD2D7rI/N9:0XO5QCPkseRAmgQOo701

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f1fdd2b31f1ab3d161e101ef7046d63_JaffaCakes118

Files

2f1fdd2b31f1ab3d161e101ef7046d63_JaffaCakes118
.exe windows:4 windows x86 arch:x86

559516c4d3b701dec92c6ece366a5a29

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\kekqsjteo.pdb

Imports

comctl32

ImageList_GetImageCount
ImageList_LoadImageW
ImageList_Read
CreateMappedBitmap
InitCommonControlsEx
CreateStatusWindowW
ImageList_SetFlags
CreateToolbar
DrawStatusTextW

advapi32

CreateServiceA
CryptDestroyKey
RegOpenKeyExW
RegQueryInfoKeyA

shell32

SHEmptyRecycleBinW

user32

PostThreadMessageA
DdeSetQualityOfService
DrawTextA
GetMenuDefaultItem
DdeFreeDataHandle
ShowScrollBar
GetGUIThreadInfo
DestroyWindow
GetAncestor
SetMenuItemInfoW
DefWindowProcW
CreateWindowStationW
GetTopWindow
MessageBoxExA
CloseClipboard
SetWindowLongW
ChangeDisplaySettingsExA
RegisterClassA
RegisterClassExA
CopyAcceleratorTableA
CharLowerBuffA
BlockInput
MessageBoxW
DdeGetData
ShowWindow
DrawStateW
WINNLSEnableIME
DefWindowProcA
CreateWindowExW
FindWindowExW

kernel32

GetStringTypeA
FileTimeToSystemTime
lstrlenA
TerminateProcess
SetLastError
HeapDestroy
OpenEventA
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
CloseHandle
InterlockedIncrement
GetModuleHandleA
GetSystemInfo
LoadLibraryA
GetSystemTime
TlsSetValue
HeapAlloc
DeleteFileW
LeaveCriticalSection
GetCommandLineW
GetCurrentThread
SetEnvironmentVariableA
GetConsoleTitleA
SetConsoleActiveScreenBuffer
GetStdHandle
SetConsoleCursorInfo
InterlockedDecrement
CompareStringA
GetThreadContext
FoldStringW
GetLastError
GetCurrentDirectoryW
ResumeThread
HeapFree
TryEnterCriticalSection
CompareStringW
GlobalReAlloc
GetStringTypeW
EnumCalendarInfoA
CreateMailslotA
GetTickCount
GetStartupInfoW
FileTimeToLocalFileTime
GetEnvironmentStrings
WriteConsoleOutputAttribute
TlsFree
HeapReAlloc
ReadFile
LoadModule
GetCurrentProcessId
IsValidLocale
GetFileTime
SetStdHandle
GetCommandLineA
GetModuleFileNameA
EnumResourceLanguagesW
SetFilePointer
GetStringTypeExW
LCMapStringW
QueryPerformanceCounter
MultiByteToWideChar
SetUnhandledExceptionFilter
SetCurrentDirectoryW
LCMapStringA
GetEnvironmentVariableW
GetCurrentThreadId
GetFileType
FormatMessageA
GetCPInfo
GetThreadLocale
WriteFile
FoldStringA
GetModuleFileNameW
SetThreadLocale
CreateProcessA
VirtualQuery
SetConsoleCursorPosition
SetHandleCount
lstrcatA
VirtualAlloc
IsBadWritePtr
GlobalCompact
EnterCriticalSection
MapViewOfFileEx
FlushFileBuffers
CreateMutexA
TlsGetValue
GetProcAddress
FindFirstFileW
FreeEnvironmentStringsW
WideCharToMultiByte
LocalReAlloc
OpenMutexA
DeleteCriticalSection
RtlUnwind
EnumSystemLocalesW
VirtualFree
InitializeCriticalSection
GetProcessAffinityMask
GetEnvironmentStringsW
SetLocalTime
TlsAlloc
LocalSize
InterlockedExchange
GetDiskFreeSpaceExA
FreeEnvironmentStringsA
FindResourceW
GetDateFormatA
RemoveDirectoryW
GetCurrentProcess
ExitProcess
HeapCreate
SetSystemTime
UnhandledExceptionFilter
GetVersion
GetStartupInfoA

comdlg32

GetOpenFileNameW

wininet

GopherGetLocatorTypeW
InternetCheckConnectionW
InternetTimeToSystemTimeW
FindNextUrlCacheEntryA

Sections

.text
Size: 156KB - Virtual size: 153KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

559516c4d3b701dec92c6ece366a5a29

Headers

File Characteristics

PDB Paths

Imports

comctl32

advapi32

shell32

user32

kernel32

comdlg32

wininet

Sections

.text Size: 156KB - Virtual size: 153KB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 108KB - Virtual size: 129KB

.rsrc Size: 36KB - Virtual size: 34KB

.text
Size: 156KB - Virtual size: 153KB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 108KB - Virtual size: 129KB

.rsrc
Size: 36KB - Virtual size: 34KB