2f1866501199953e81924c408a3b3e22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f1866501199953e81924c408a3b3e22_JaffaCakes118
Size

26KB
MD5

2f1866501199953e81924c408a3b3e22
SHA1

b3a173906cb2e59c462d2ce11369ab2e5fb8cf0c
SHA256

d65ef0bc265236b81fd29b3f8228f144f5014d29f7073276826595360ab086d8
SHA512

eaee9c1280124837aae74dc2310fba7cddefe9348f804d43752daf796bb5f3ad0e5af42ac86afa0f3914e2456c95173801dc6cae6dff8544f9d4f250fc1db5e1
SSDEEP

384:HPXTa0K9UXd1EWwdH3mx1hZobtbBix9E+9WFJHHyL6Z:HPDafGd1WWPqt69WjSL2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f1866501199953e81924c408a3b3e22_JaffaCakes118

Files

2f1866501199953e81924c408a3b3e22_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e5fc31b96a5a7996af35806e5d89e5d4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

__CxxFrameHandler
_adjust_fdiv
free
_purecall
_except_handler3
wcscpy
_initterm
realloc
malloc
wcsncpy
wcsncat
wcslen

advapi32

RegDeleteKeyW
RegCloseKey
RegQueryValueExW
RegDeleteValueW
RegEnumKeyExW
RegQueryInfoKeyW
RegOpenKeyExW
RegCreateKeyExW
RegSetValueExW

user32

CharNextW

ntdll

RtlAdjustPrivilege
NtAllocateVirtualMemory
RtlAddAccessAllowedAce

rpcrt4

RpcStringFreeW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc

kernel32

SizeofResource
lstrlenW
DeleteCriticalSection
LoadResource
GetStartupInfoA
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
lstrlenA
MultiByteToWideChar
FindResourceW
lstrcatW
DisableThreadLibraryCalls
lstrcmpiW
InitializeCriticalSection
lstrcpynW
LoadLibraryExW
GetModuleFileNameW
HeapDestroy
lstrcpyW
InterlockedDecrement
GetLastError

oleaut32

VariantClear

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e5fc31b96a5a7996af35806e5d89e5d4

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

advapi32

user32

ntdll

rpcrt4

ole32

kernel32

oleaut32

Sections

.text Size: 3KB - Virtual size: 2KB

.rsrc Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 72KB

.reloc Size: 512B - Virtual size: 28B

.rdata Size: 16KB - Virtual size: 16KB

.text
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 72KB

.reloc
Size: 512B - Virtual size: 28B

.rdata
Size: 16KB - Virtual size: 16KB