2f49dd8b7d3f11f08abdd9ef8d75e3ec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2f49dd8b7d3f11f08abdd9ef8d75e3ec_JaffaCakes118
Size

584KB
MD5

2f49dd8b7d3f11f08abdd9ef8d75e3ec
SHA1

b4bfaf0ea8a345ffc64dfb85e6ef20e57203ce5b
SHA256

1d5c4e9d8599203535944bd8d589d09d2505fd50b82b98ad5cf257368480563d
SHA512

c867e802412a750efeba15d43712167eb8fdfc9fb243f73cfdcc00650377b53ba9b910e5657bbdf114160c01428922c1ecf66d4ba081755286793c4154f81a0a
SSDEEP

12288:iJS0Rryetazu/s/Ua3n6ObD8MOVMdQtmKs7SxuGQh9ctUfPHDx:iJHwePGU8zghVMmYlSxuJ7f1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f49dd8b7d3f11f08abdd9ef8d75e3ec_JaffaCakes118

Files

2f49dd8b7d3f11f08abdd9ef8d75e3ec_JaffaCakes118
.exe windows:4 windows x86 arch:x86

6aa5d28acea5b6a7e824e842fbf2e016

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

KillTimer
TileChildWindows
GetMonitorInfoW
EnumDesktopsW
IsWindowUnicode
DefWindowProcW
RealGetWindowClass
CheckRadioButton
ShowWindow
GetMenuBarInfo
SetWindowPos
SetClassWord
GetKeyState
MessageBoxA
SetCursor
SetProcessWindowStation
WaitMessage
RegisterClassExA
wsprintfA
WINNLSGetEnableStatus
DestroyWindow
CreateWindowExW
RegisterClassA
LoadIconA
ChildWindowFromPoint

gdi32

AddFontResourceW
OffsetViewportOrgEx
StretchDIBits
ExtEscape
GetICMProfileW
GetPath
ExtCreateRegion
FixBrushOrgEx

kernel32

SetConsoleActiveScreenBuffer
GetModuleHandleA
InitializeCriticalSection
VirtualFree
CreateMutexA
TlsFree
VirtualProtect
DeleteCriticalSection
IsBadWritePtr
CompareStringA
GetStringTypeW
FreeEnvironmentStringsW
LCMapStringA
GetCommandLineA
EnumResourceNamesW
GetCurrentThreadId
LeaveCriticalSection
GetStringTypeA
SetLastError
FlushFileBuffers
OpenMutexA
GetStartupInfoW
ReadFile
GetTickCount
QueryPerformanceCounter
GetFileType
GetUserDefaultLCID
SetConsoleTitleW
GetCurrentProcess
GetSystemInfo
GetCommandLineW
SetHandleCount
GetModuleFileNameA
GetCurrentProcessId
GetDateFormatA
GetConsoleOutputCP
VirtualAlloc
GetProfileStringA
ExitProcess
GetLocaleInfoA
RtlUnwind
SetEnvironmentVariableA
GetTimeFormatA
HeapAlloc
GetLocaleInfoW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringW
HeapReAlloc
GetCPInfo
LocalHandle
WideCharToMultiByte
SetStdHandle
VirtualQuery
WriteFile
HeapFree
HeapCreate
SetFilePointer
GetLastError
TlsGetValue
CloseHandle
OpenFile
GetStdHandle
FreeEnvironmentStringsA
HeapDestroy
ReadConsoleA
HeapSize
IsValidCodePage
GetModuleFileNameW
MultiByteToWideChar
GetOEMCP
DuplicateHandle
LocalSize
GetStartupInfoA
GetTimeZoneInformation
CreateNamedPipeA
UnhandledExceptionFilter
InterlockedExchange
InterlockedExchangeAdd
TlsAlloc
GetCurrentThread
IsValidLocale
LoadLibraryA
GetVersionExA
CreatePipe
CompareStringW
GetSystemTimeAsFileTime
TlsSetValue
GetACP
EnumSystemLocalesA
FindResourceA
GetProcAddress
EnterCriticalSection
TerminateProcess

comctl32

ImageList_SetIconSize
ImageList_SetBkColor
ImageList_SetDragCursorImage
DrawInsert
_TrackMouseEvent
CreatePropertySheetPage
ImageList_AddMasked
InitCommonControlsEx
ImageList_SetOverlayImage
ImageList_GetImageInfo
MakeDragList
ImageList_DrawEx
CreateStatusWindowA
ImageList_DragEnter
ImageList_GetBkColor
ImageList_ReplaceIcon
DrawStatusText
CreateToolbar
InitMUILanguage
DestroyPropertySheetPage
ImageList_Write
CreateStatusWindowW
ImageList_Duplicate
ImageList_DragShowNolock
GetEffectiveClientRect
ImageList_Destroy

wininet

InternetTimeToSystemTime
HttpOpenRequestA
IsUrlCacheEntryExpiredW
CreateUrlCacheEntryA
RetrieveUrlCacheEntryStreamA
SetUrlCacheEntryInfoA
RetrieveUrlCacheEntryFileA
InternetCheckConnectionA
InternetGetConnectedStateExW

comdlg32

GetOpenFileNameW
FindTextA
GetSaveFileNameA
ReplaceTextA

Sections

.text
Size: 164KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 112KB - Virtual size: 131KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6aa5d28acea5b6a7e824e842fbf2e016

Headers

File Characteristics

Imports

user32

gdi32

kernel32

comctl32

wininet

comdlg32

Sections

.text Size: 164KB - Virtual size: 163KB

.rdata Size: 256KB - Virtual size: 252KB

.data Size: 112KB - Virtual size: 131KB

.rsrc Size: 48KB - Virtual size: 47KB

.text
Size: 164KB - Virtual size: 163KB

.rdata
Size: 256KB - Virtual size: 252KB

.data
Size: 112KB - Virtual size: 131KB

.rsrc
Size: 48KB - Virtual size: 47KB