2f366c85e21ca0d232a724f64e50a505_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f366c85e21ca0d232a724f64e50a505_JaffaCakes118
Size

225KB
MD5

2f366c85e21ca0d232a724f64e50a505
SHA1

347124933b057b3a51418866318fae89c341d1ff
SHA256

97b10620201f1dc88cc444452c67d923bee3a7e7cfd96f969d1588f47ee73aa6
SHA512

e7fd776991c3f480c420ac97ba8432144e97acf2804992e52336ae25efff132583fe010c0f623426b2d8180fc20a896a97751b531ae2a838eb42932f5181eb11
SSDEEP

6144:BKSqAJDWR3u8fqG2IQvbeoE484nl8Yats0x9CtUTsG:BKOV62IQzE484nlXaGgstUoG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f366c85e21ca0d232a724f64e50a505_JaffaCakes118

Files

2f366c85e21ca0d232a724f64e50a505_JaffaCakes118
.exe windows:5 windows x86 arch:x86

93284f8af2d2f8c1ef82401c0b73bc83

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

TlsAlloc
GetCurrentThreadId
GetCurrentThread
CreateMutexA
ExitProcess
GetCurrentDirectoryA
GetProcAddress
GetModuleHandleA
CreateEventA
GetLocalTime
VirtualAlloc
GetSystemTime
HeapAlloc
GetProcessHeap
GetOEMCP
GetACP
CompareStringW
CompareStringA
GetLocaleInfoW
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
WideCharToMultiByte
Sleep
InterlockedIncrement
GetStartupInfoW
GetVersion
RtlUnwind
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
TlsSetValue
TlsFree
SetLastError
TlsGetValue
GetLastError
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
FatalAppExitA
HeapReAlloc
IsBadWritePtr
LoadLibraryA
InterlockedDecrement
SetEnvironmentVariableA

user32

GetActiveWindow
GetSystemMetrics
GetForegroundWindow
BeginPaint
EndPaint
PostQuitMessage
DefWindowProcA
ValidateRect
MessageBoxA
LoadIconA
LoadCursorA
RegisterClassExA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
TranslateMessage
DispatchMessageA

Sections

.text
Size: 203KB - Virtual size: 203KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

93284f8af2d2f8c1ef82401c0b73bc83

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 203KB - Virtual size: 203KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 13KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 552B

.text
Size: 203KB - Virtual size: 203KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 13KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 552B