2f186772979421f38f9442f5724fe420_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f186772979421f38f9442f5724fe420_JaffaCakes118
Size

583KB
MD5

2f186772979421f38f9442f5724fe420
SHA1

dd1526f0ef49b90a4e45e8a0086dea5234365281
SHA256

5b9f14afabf546a540c3341529d1d1bb93fabf508f585d5d0872215dd33376ca
SHA512

ead7d65f1ba4f252766728f2123082323af4ed10a2e4c6a464755d00e3ad9f1d4eb43cde155e5dc9d33cb2b407ce0c7d4dfc862c62dfbefe4240742a70ae4bd6
SSDEEP

12288:AGV3a1cPkCg1Wei7T5ZE+a6TC3zedD1CLsUhglrY8iTKnZ:D3scMCk05ZN6qdD1CLZmziTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f186772979421f38f9442f5724fe420_JaffaCakes118

Files

2f186772979421f38f9442f5724fe420_JaffaCakes118
.exe windows:4 windows x86 arch:x86

2092fda5249ee32832989f264b0b8ff9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

F:\ELTGO\UOWIEETT.PDB

Imports

kernel32

GetOEMCP
SetHandleCount
GetStringTypeA
GetStdHandle
GetCompressedFileSizeW
GetLocaleInfoW
EnterCriticalSection
GetCurrentThreadId
MultiByteToWideChar
SetStdHandle
CompareStringW
GetTickCount
RtlUnwind
CompareStringA
ExitProcess
UnhandledExceptionFilter
HeapCreate
WideCharToMultiByte
GetModuleFileNameA
GetStartupInfoA
CloseHandle
GetSystemInfo
GetLastError
GetVersionExA
GetCurrentProcess
FlushFileBuffers
DeleteCriticalSection
FreeEnvironmentStringsA
GetCommandLineA
HeapSize
GetTimeZoneInformation
TlsFree
SetLastError
TlsGetValue
HeapDestroy
VirtualFree
GetModuleHandleA
LoadLibraryA
WriteFile
GetFileType
SetFilePointer
GetEnvironmentStrings
HeapAlloc
FreeEnvironmentStringsW
SetEnvironmentVariableA
QueryPerformanceCounter
GetACP
LeaveCriticalSection
InitializeCriticalSection
TlsAlloc
GetDateFormatA
HeapReAlloc
TerminateProcess
GetCurrentThread
LCMapStringW
IsValidLocale
EnumSystemLocalesA
ReadFile
GetLocaleInfoA
GetStringTypeW
IsValidCodePage
GetCPInfo
VirtualAlloc
GetCurrentProcessId
HeapFree
VirtualProtect
VirtualQuery
GetSystemTimeAsFileTime
GetEnvironmentStringsW
LCMapStringA
TlsSetValue
InterlockedExchange
IsBadWritePtr
CreateMutexA
OpenMutexA
GetProcAddress
GetUserDefaultLCID
GetTimeFormatA

shell32

SHGetSpecialFolderPathA

wininet

FtpRemoveDirectoryW
FtpSetCurrentDirectoryW
InternetTimeToSystemTimeA
InternetCreateUrlW
HttpAddRequestHeadersW

comctl32

ImageList_GetDragImage
ImageList_Duplicate
CreateUpDownControl
CreatePropertySheetPageA
InitCommonControlsEx
ImageList_ReplaceIcon
ImageList_GetImageCount
ImageList_BeginDrag
ImageList_LoadImage
ImageList_LoadImageA
ImageList_GetFlags

user32

RegisterClassExA
RegisterClassA
GetMonitorInfoW
GetSystemMenu
GetMenuItemRect
GetMenuState
TranslateAcceleratorA
GetCaretPos
DdeAddData
CheckDlgButton
MessageBeep
SetCursorPos
GetWindowRgn
RegisterClipboardFormatW

Sections

.text
Size: 374KB - Virtual size: 373KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 103KB - Virtual size: 102KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2092fda5249ee32832989f264b0b8ff9

Headers

File Characteristics

PDB Paths

Imports

kernel32

shell32

wininet

comctl32

user32

Sections

.text Size: 374KB - Virtual size: 373KB

.rdata Size: 60KB - Virtual size: 86KB

.data Size: 103KB - Virtual size: 102KB

.rsrc Size: 45KB - Virtual size: 44KB

.text
Size: 374KB - Virtual size: 373KB

.rdata
Size: 60KB - Virtual size: 86KB

.data
Size: 103KB - Virtual size: 102KB

.rsrc
Size: 45KB - Virtual size: 44KB