2f1d1834e608c81ce72eb4316f939cea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2f1d1834e608c81ce72eb4316f939cea_JaffaCakes118
Size

521KB
MD5

2f1d1834e608c81ce72eb4316f939cea
SHA1

395f42022beb315309c9be5aa02eb7e6ed8bfa3a
SHA256

c0bfd4221786974a68876dabe6f93b55076f93ec44a512730c3500eccace391b
SHA512

021c93b10b605622317dcc0a169e0ff2ffa7bcec3a76965491ce16ce0320993e5d9788472e1928a4b125325db54ddb0819a28be024e18d9a12062870c3fa87a1
SSDEEP

12288:/9rIVRsRRUik5WLuIh+EwfuE+d00wIrUolXQD7:/9ryRsRRzk5WLpJXE+e0wk7a

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f1d1834e608c81ce72eb4316f939cea_JaffaCakes118

Files

2f1d1834e608c81ce72eb4316f939cea_JaffaCakes118
.exe windows:4 windows x86 arch:x86

228af545c7556703ddc0e6692a0b6bb8

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\papytm\exh\bjj\txice\tuhufr

Imports

gdi32

GetMetaFileW
GetCurrentPositionEx
SetDIBColorTable
GetCharWidthFloatW
GetBrushOrgEx
StretchDIBits
GetViewportExtEx
LPtoDP
CreateFontA
GetMiterLimit
UpdateColors
GetEnhMetaFileW
Escape
SetPixelFormat
SetDeviceGammaRamp
DPtoLP
FlattenPath
Pie
EnumFontFamiliesA
SetRectRgn

user32

ShowCursor
OemToCharW
SetParent
IsMenu
VkKeyScanExA
DestroyWindow
ReleaseCapture
CallMsgFilterW
GetMenuDefaultItem
GetGUIThreadInfo
GetUpdateRect
PtInRect
RegisterDeviceNotificationW
MonitorFromRect
GetMenuItemInfoA
GetNextDlgTabItem
InvalidateRect
GetClipboardSequenceNumber
ShowWindow
GetClassInfoA
CharLowerW
RegisterClassExA
DlgDirSelectExA
MessageBoxW
DefWindowProcW
RegisterClassA
CreateWindowExA
DdeDisconnectList

comctl32

ImageList_Replace
ImageList_LoadImageW
CreatePropertySheetPage
ImageList_SetImageCount
InitCommonControlsEx
ImageList_DragShowNolock
ImageList_SetDragCursorImage
ImageList_Copy
CreatePropertySheetPageA
ImageList_GetDragImage
_TrackMouseEvent
ImageList_Add

kernel32

OpenEventW
GetEnvironmentStringsW
InterlockedExchange
GetModuleFileNameA
GetConsoleMode
CreateMutexA
SetEnvironmentVariableA
GetCommandLineA
GetLastError
DeleteCriticalSection
FreeEnvironmentStringsW
GetStartupInfoA
IsValidLocale
HeapCreate
GetModuleHandleA
LoadLibraryExA
HeapFree
GetTimeFormatA
MultiByteToWideChar
InitializeCriticalSectionAndSpinCount
ReadFileEx
GetConsoleOutputCP
VirtualFree
TlsAlloc
GetACP
UnhandledExceptionFilter
ReadFile
SetConsoleCtrlHandler
GetProcessHeap
WaitForMultipleObjects
GetCurrentProcessId
FreeLibrary
HeapReAlloc
OpenMutexA
TerminateProcess
FreeEnvironmentStringsA
WriteConsoleW
SetHandleCount
GetEnvironmentStrings
GetSystemDefaultLangID
ExitProcess
LCMapStringA
GetCurrentThread
CloseHandle
LCMapStringW
GetStdHandle
GetLocaleInfoW
SetUnhandledExceptionFilter
TlsFree
GetUserDefaultLCID
HeapDestroy
GetStringTypeA
IsDebuggerPresent
WritePrivateProfileStringA
CreateFileA
IsValidCodePage
FindNextChangeNotification
GetVersion
GetCPInfo
GetFileType
EnumSystemLocalesA
GetStringTypeW
SetLastError
TlsGetValue
InterlockedDecrement
CompareStringA
VirtualLock
EnumSystemCodePagesW
GetStringTypeExW
VirtualQuery
RtlUnwind
CreateFileMappingA
GetSystemTimeAsFileTime
GetProfileIntW
WriteConsoleA
GetDateFormatA
CreateEventW
GetTickCount
HeapAlloc
GetOEMCP
SetEndOfFile
EnumResourceLanguagesW
GetVersionExA
InterlockedIncrement
SetStdHandle
GetCurrentProcess
VirtualAlloc
EnterCriticalSection
QueryPerformanceCounter
GetConsoleCP
WideCharToMultiByte
WriteFile
GetProcAddress
HeapSize
TlsSetValue
LoadLibraryA
InitializeCriticalSection
GetTimeZoneInformation
Sleep
EnumResourceNamesW
SetFilePointer
FlushFileBuffers
CompareStringW
GetNumberFormatW
GetCurrentThreadId
GetLocaleInfoA
LeaveCriticalSection

wininet

InternetSetCookieA
HttpCheckDavCompliance
FtpCreateDirectoryW

Sections

.text
Size: 309KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 86KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

228af545c7556703ddc0e6692a0b6bb8

Headers

File Characteristics

PDB Paths

Imports

gdi32

user32

comctl32

kernel32

wininet

Sections

.text Size: 309KB - Virtual size: 309KB

.rdata Size: 86KB - Virtual size: 99KB

.data Size: 113KB - Virtual size: 113KB

.rsrc Size: 10KB - Virtual size: 10KB

.text
Size: 309KB - Virtual size: 309KB

.rdata
Size: 86KB - Virtual size: 99KB

.data
Size: 113KB - Virtual size: 113KB

.rsrc
Size: 10KB - Virtual size: 10KB