2f2d57ebe46c159ea640c8d500c80d53_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f2d57ebe46c159ea640c8d500c80d53_JaffaCakes118
Size

253KB
MD5

2f2d57ebe46c159ea640c8d500c80d53
SHA1

1c80cff309c52a7477a1a1877e8a955dc068e9e7
SHA256

d452b26123087be7340093aebe0451985ea39f6e84ba237d69caf1da38ed45f6
SHA512

8c8d30910485894179633f83cced8e781e338a9d9851804df6844e22a3094d3cbfe3e63ed3294034eb2193c9a600a5ec02e4284e2f5da5d48c80eacdf5bf0bbe
SSDEEP

6144:D2tjN8qg0swN72JnLS1BjieHV4E+7wuTi0ZFStC/Qh:DhqjswAJnLSGK2XwmicEs/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f2d57ebe46c159ea640c8d500c80d53_JaffaCakes118

Files

2f2d57ebe46c159ea640c8d500c80d53_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86d24b322efa105d84ba3bd9f89ddc7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentThreadId
GetVersionExA
GetProcessHeap
GetCurrentProcess
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleA
TlsAlloc
GetLastError
MultiByteToWideChar
ExitProcess
Sleep
GetStartupInfoA
GetModuleFileNameA
GetEnvironmentStringsW
HeapCreate
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
LoadLibraryA
InitializeCriticalSection
GetProcAddress

winipsec

GetQMPolicy
DeleteMMPolicy

user32

DestroyIcon
InvalidateRect
ShowWindow
ShowCursor
SendMessageW
EndDialog
SetWindowTextA
RegisterClassExA
TrackPopupMenuEx
RegisterClassW
DefWindowProcA
AppendMenuW
UnregisterClassW
LoadBitmapA
SetMenu
SetFocus
PostMessageA
GetMessageW
RegisterClassA
CreateAcceleratorTableW
CopyRect
LoadIconW
GetCursorPos

gdi32

CreateDIBPatternBrush
StretchDIBits
TranslateCharsetInfo
CreatePalette
RemoveFontResourceA
CreateHatchBrush
CreateCompatibleDC
CreateFontA
CreateFontIndirectW
CreatePen
CreateDIBSection
CreatePolygonRgn
GetTextExtentPointA
CreatePolyPolygonRgn
CreatePatternBrush

avifil32

AVIFileGetStream
AVIFileCreateStream
AVIStreamInfoW
AVIStreamGetFrameOpen
AVISaveVW
EditStreamSetInfoW
IID_IGetFrame
AVIFileOpenA
AVIMakeStreamFromClipboard
AVIPutFileOnClipboard

Sections

.icode
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.iR
Size: 106KB - Virtual size: 165KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 364KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cUtB
Size: 111KB - Virtual size: 169KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86d24b322efa105d84ba3bd9f89ddc7f

Headers

File Characteristics

Imports

kernel32

winipsec

user32

gdi32

avifil32

Sections

.icode Size: 4KB - Virtual size: 3KB

.text Size: 12KB - Virtual size: 16KB

.rdata Size: 2KB - Virtual size: 38KB

.iR Size: 106KB - Virtual size: 165KB

.data Size: 5KB - Virtual size: 364KB

.cUtB Size: 111KB - Virtual size: 169KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 4KB

.icode
Size: 4KB - Virtual size: 3KB

.text
Size: 12KB - Virtual size: 16KB

.rdata
Size: 2KB - Virtual size: 38KB

.iR
Size: 106KB - Virtual size: 165KB

.data
Size: 5KB - Virtual size: 364KB

.cUtB
Size: 111KB - Virtual size: 169KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 4KB