2f3a6056c48203a1750d8b34c55f0055_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2f3a6056c48203a1750d8b34c55f0055_JaffaCakes118
Size

177KB
MD5

2f3a6056c48203a1750d8b34c55f0055
SHA1

c0da2e19b6cb5904d81a94babfbbe85687e09d81
SHA256

1aabe4b0564aee2a7217827d856ed33891ba2e959a9241511b00786722dad294
SHA512

34b492b974ffe03ed2d0caa41051858ebe0a74e567be55e36cdc8dc80ca972e5df87ce3a4d4891b3e8f38e07937191ad4c70ba553e46e3eec5706056ce380644
SSDEEP

3072:Mch+Brm2fU37jwKnkSM63PYwjI9gVgfYr5ApBQoh7v635OsVQD6TgGKTeO:1h+dmKU3XnkSM63ECJrTJJOvD6MPTeO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f3a6056c48203a1750d8b34c55f0055_JaffaCakes118

Files

2f3a6056c48203a1750d8b34c55f0055_JaffaCakes118
.exe windows:4 windows x86 arch:x86

131d0ecfd1c776cec8b753c930244281

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpW
GetModuleFileNameW
WaitForSingleObject
DosPathToSessionPathW
WaitForMultipleObjects
InterlockedIncrement
GetThreadLocale
GetVersionExA
CreateSemaphoreW
InterlockedDecrement
lstrlenW
GetLocaleInfoA
GetCurrentProcess
VirtualAlloc
GlobalReAlloc
InterlockedExchange
GetCurrentThreadId
GetProcAddress
lstrcpyW
GetCurrentProcessId
CreateThread
ReleaseSemaphore
SetThreadPriority
GetProcessId
ResetEvent
GetSystemTimeAsFileTime
GlobalFree
QueryPerformanceCounter
LocalAlloc
EnumResourceTypesA
lstrlenA
VirtualFree
CloseHandle
WriteFile
GlobalUnlock
lstrcmpiW
GetCurrentThread
GetVersionExW
GlobalAlloc
RaiseException
DeleteCriticalSection
GetTickCount
OutputDebugStringW
EnterCriticalSection
GetSystemInfo
InitializeCriticalSection
SetEvent
FreeLibrary
ProcessIdToSessionId
GetModuleHandleW
GetLastError
ExitProcess
LocalFree
CreateFileW
lstrcpynW
LeaveCriticalSection
DisableThreadLibraryCalls
Sleep
CreateEventW
MultiByteToWideChar
GetACP
GetThreadPriority
DuplicateHandle
LoadLibraryW
GlobalLock
GetModuleFileNameA

gdi32

RealizePalette
GetStockObject
GetObjectW
SelectObject
GetDIBits
SelectPalette
CreateDIBSection
StretchDIBits
SetStretchBltMode
CreateCompatibleDC
BitBlt

winmm

timeGetTime
mixerOpen
mixerGetLineInfoW
waveInGetNumDevs
mixerGetLineControlsW
mixerSetControlDetails
mixerGetControlDetailsW
timeSetEvent
mixerClose
mixerGetNumDevs
waveInGetDevCapsW
mixerGetDevCapsW

user32

TranslateMessage
ReleaseDC
PostThreadMessageW
KillTimer
UnregisterClassA
IsWindowVisible
wvsprintfW
GetWindowRect
GetQueueStatus
GetDC
UnregisterClassW
EnableWindow
PeekMessageW
wsprintfW
SetParent
RegisterWindowMessageW
DispatchMessageW
SetTimer
MsgWaitForMultipleObjects

gdiplus

GdipAlloc
GdiplusShutdown
GdipCreateHBITMAPFromBitmap
GdiplusStartup
GdipCreateBitmapFromStreamICM
GdipCreateBitmapFromStream
GdipGetImageThumbnail
GdipDisposeImage
GdipFree
GdipCloneImage

Sections

.text
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 65KB - Virtual size: 65KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1024B - Virtual size: 240KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

131d0ecfd1c776cec8b753c930244281

Headers

File Characteristics

Imports

kernel32

gdi32

winmm

user32

gdiplus

Sections

.text Size: 106KB - Virtual size: 106KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 65KB - Virtual size: 65KB

.tls Size: 1024B - Virtual size: 240KB

.text
Size: 106KB - Virtual size: 106KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 65KB - Virtual size: 65KB

.tls
Size: 1024B - Virtual size: 240KB