Static task
static1
Behavioral task
behavioral1
Sample
2f0878e327681f9b248c113806bd14e6_JaffaCakes118.exe
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
2f0878e327681f9b248c113806bd14e6_JaffaCakes118.exe
Resource
win10v2004-20240704-en
General
Target
2f0878e327681f9b248c113806bd14e6_JaffaCakes118
Size
288KB
MD5
2f0878e327681f9b248c113806bd14e6
SHA1
6d85d78daefeecb7fae99d3d42888628b43b8287
SHA256
9a933110c3eb468a6cb75cbcbdaa6128e79ccbd5b3ff93a8cc29ce984295e323
SHA512
e7aa35aa4b32552e773cff9e09bd8c5af3191c6e745bfaa155a5ef8f62114723e37a612e5fd089db209279f1a55c24a39cc5d85aeaae44440a70642c9fc6870a
SSDEEP
6144:DKXN8P2IL07mMEE2qzxdx0PN8y1gqe1k9E++ddSeLhZX1j7VjMMdaM/ll6:2M2ILCLn0myF+dMghZX55oMMM/G
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2f0878e327681f9b248c113806bd14e6_JaffaCakes118
Files
2f0878e327681f9b248c113806bd14e6_JaffaCakes118.exe windows:4 windows x86 arch:x86
1d2126ce2c62b485104720099d96bdc4
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
WriteConsoleW
SetConsoleWindowInfo
SetWaitableTimer
ReadProcessMemory
GlobalAlloc
VirtualAllocEx
CreateRemoteThread
GetLastError
GetProfileIntA
CreateEventW
FlushFileBuffers
GetLogicalDrives
LocalSize
UnlockFile
OpenMutexA
IsDebuggerPresent
CallNamedPipeA
ReadFileScatter
GetProcessVersion
_llseek
CreateDirectoryW
lstrcmpA
InterlockedExchangeAdd
SetThreadIdealProcessor
LocalFree
GetProcessTimes
HeapValidate
UnhandledExceptionFilter
SetErrorMode
CopyFileA
GetCommandLineW
GetACP
GlobalFlags
SetMailslotInfo
CreateIoCompletionPort
GetCommModemStatus
GlobalAddAtomW
FreeLibrary
FlushViewOfFile
BackupRead
FindResourceW
InterlockedCompareExchange
lstrlenW
GlobalLock
GetCompressedFileSizeA
InterlockedIncrement
UpdateResourceA
DeleteCriticalSection
SetConsoleCtrlHandler
ReadFile
WriteTapemark
VirtualFree
OutputDebugStringW
WriteConsoleOutputW
GetCompressedFileSizeW
SetCurrentDirectoryW
VirtualProtect
WinExec
GetCurrentDirectoryA
OpenEventA
SetConsoleOutputCP
OpenMutexW
SetProcessShutdownParameters
GetNamedPipeInfo
ExpandEnvironmentStringsA
GetThreadTimes
_lcreat
GetShortPathNameW
IsBadCodePtr
ConnectNamedPipe
TlsAlloc
EnumCalendarInfoA
FoldStringW
GetFullPathNameW
GlobalSize
PurgeComm
MapViewOfFileEx
GetPrivateProfileStringA
CreateThread
IsValidCodePage
GetWindowsDirectoryA
GetSystemInfo
SetVolumeLabelW
SizeofResource
ReadConsoleW
QueryDosDeviceA
GlobalAddAtomA
GetFileType
SetPriorityClass
IsBadStringPtrA
FileTimeToDosDateTime
ReadConsoleOutputAttribute
GetVolumeInformationA
GetFileSize
DisconnectNamedPipe
OpenSemaphoreA
EnterCriticalSection
HeapAlloc
GetTapePosition
GetCommandLineA
GetVersionExA
LoadLibraryExW
ExitProcess
user32
GetUpdateRect
SendInput
OpenDesktopW
DrawTextExA
GetMessageTime
GetMenuState
GetWindowDC
CharPrevA
SystemParametersInfoW
CreateWindowExW
InvertRect
SendMessageCallbackW
GetWindowRect
DrawTextExW
InternalGetWindowText
SystemParametersInfoA
GetGuiResources
HiliteMenuItem
OemToCharBuffW
SetWindowWord
CreateDesktopA
ChangeDisplaySettingsW
UnregisterClassA
IsDialogMessageW
GrayStringA
GetSysColorBrush
ActivateKeyboardLayout
SetWindowPlacement
wvsprintfW
OemKeyScan
SetWindowsHookExA
gdi32
CreateCompatibleDC
PolyDraw
LineTo
PlayMetaFileRecord
comdlg32
GetSaveFileNameA
GetFileTitleA
ChooseColorA
advapi32
CryptSetHashParam
GetSecurityInfo
DeleteAce
GetPrivateObjectSecurity
LookupAccountSidW
GetSidSubAuthorityCount
EnumDependentServicesA
GetSecurityDescriptorDacl
AdjustTokenPrivileges
InitializeSid
SetNamedSecurityInfoW
CryptDecrypt
RegReplaceKeyW
RegCreateKeyW
CloseServiceHandle
RegSetValueExA
RegUnLoadKeyA
RegisterEventSourceW
AddAccessDeniedAce
IsValidSecurityDescriptor
ReadEventLogW
StartServiceW
CryptDestroyKey
CryptSetProvParam
ObjectCloseAuditAlarmW
CryptDeriveKey
RegQueryInfoKeyA
CryptSetKeyParam
ImpersonateNamedPipeClient
GetNamedSecurityInfoA
BuildTrusteeWithNameW
GetSidSubAuthority
AbortSystemShutdownW
OpenProcessToken
RegRestoreKeyA
CryptAcquireContextA
AddAce
shell32
SHGetMalloc
DragFinish
SHGetFileInfoW
DuplicateIcon
ole32
ReleaseStgMedium
OleCreateFromFile
CLSIDFromString
CoGetObject
StgIsStorageFile
CreateItemMoniker
StgOpenStorageOnILockBytes
oleaut32
VariantChangeType
SysFreeString
SafeArrayCreate
comctl32
ImageList_DrawEx
ImageList_AddMasked
shlwapi
PathIsDirectoryW
PathRemoveArgsW
PathCompactPathExW
StrCatW
UrlGetPartW
Sections
.text Size: 264KB - Virtual size: 263KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 8KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE