2f23a8a5f5577ecd58af42a131b0ea2a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2f23a8a5f5577ecd58af42a131b0ea2a_JaffaCakes118
Size

212KB
MD5

2f23a8a5f5577ecd58af42a131b0ea2a
SHA1

bef54999c23465d45a83cc72ecf6ac3d57a6084e
SHA256

46097139d106039f34ee278d2b20bf58c0cb1137a854e81b11dff39efeceac75
SHA512

99da6afede153ca52daa189e2be6283a585ffc501c655e99a91f95999e660de466a0c575bb2d5f20d7580948f4e00712a98c48bc7a9779e4562892fd66b7dcb1
SSDEEP

3072:rDnT08u1aExpxTf4Or30a+xC4NYngAgP6UNt49f/NY4ja:rX3UaExp14uka+xChM6U4NY4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f23a8a5f5577ecd58af42a131b0ea2a_JaffaCakes118

Files

2f23a8a5f5577ecd58af42a131b0ea2a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

22fb880a77e29707ac2aed31fbf7f403

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawIconEx
GetMenuItemCount
GetMessageA
GetParent
IsDialogMessageA
IsZoomed
LoadIconA
LoadStringA
ReleaseCapture
SendDlgItemMessageA
SetCapture
SetClipboardData
SetWindowPlacement
SetWindowPos
TranslateMessage
WinHelpA

gdi32

CreateDIBSection
CreateDIBitmap
CreatePatternBrush
CreateSolidBrush
DPtoLP
FillPath
GetCurrentPositionEx
GetNearestColor
GetWindowOrgEx
InvertRgn
OffsetWindowOrgEx
PatBlt
PolyDraw
RemoveFontResourceA
SelectClipRgn
SelectObject
SetDIBitsToDevice
SetWorldTransform

kernel32

CreateFileMappingA
CreateProcessW
ExpandEnvironmentStringsA
FileTimeToDosDateTime
FindClose
FindResourceW
GetCurrentDirectoryA
GetDiskFreeSpaceA
GetFileSize
GetShortPathNameA
GetUserDefaultLCID
GetVersionExA
HeapCreate
HeapDestroy
InterlockedIncrement
LCMapStringA
LCMapStringW
ReadFile
RemoveDirectoryA
ResumeThread
SetEvent
SystemTimeToFileTime
TlsAlloc
UnhandledExceptionFilter
WaitForMultipleObjects

shell32

DragAcceptFiles
DragQueryPoint
ExtractIconA
ExtractIconExW
SHBindToParent
SHGetFileInfoA
SHGetFileInfoW
SHGetPathFromIDListA
SHGetSettings
ShellExecuteEx
Shell_NotifyIconW

advapi32

GetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteValueW
RegEnumKeyExA
RegEnumValueW

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindowA
CreateToolbarEx
DestroyPropertySheetPage
ImageList_Add
ImageList_Create
ImageList_DragShowNolock
ImageList_EndDrag
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_SetDragCursorImage
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
InitCommonControlsEx
PropertySheetA
PropertySheetW

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

ZNQKYR7a
Size: 1KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

22fb880a77e29707ac2aed31fbf7f403

Headers

File Characteristics

Imports

user32

gdi32

kernel32

shell32

advapi32

comctl32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

ZNQKYR7a Size: 1KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

ZNQKYR7a
Size: 1KB - Virtual size: 120KB