2f41654ea903d70d629affaec2e188e8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f41654ea903d70d629affaec2e188e8_JaffaCakes118
Size

216KB
MD5

2f41654ea903d70d629affaec2e188e8
SHA1

9e0764ac94e90ff61ccb9241fecbb65a23caa2af
SHA256

ac1f2464e1e6eaa2e79347c308cb4479479521bf65f0a92de688b3b9fd0f559d
SHA512

b655696055762cdffb34120f388e10fe049f5254b777a1e1137a4720fb0474f28ddc86370ef3c34e89e3b992226cc6fefdcbebb00e4aa81f6fd704b782166e45
SSDEEP

6144:qieht8ImsQiMEto3olBffsa0KCIDdJp7e6e:qi0ajdkbBdCE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f41654ea903d70d629affaec2e188e8_JaffaCakes118

Files

2f41654ea903d70d629affaec2e188e8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c0fed418c45f03feaa8d9170ec8ce760

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLongPathNameW
CreateMutexW
GetLogicalDriveStringsW
MoveFileA
LoadLibraryA
GetFileAttributesA
Beep
GetDiskFreeSpaceW
IsValidCodePage
GetTimeFormatW
GetExpandedNameA
SetPriorityClass
IsDebuggerPresent
GetSystemTime
WaitForMultipleObjects
GetLocalTime
GetExitCodeProcess
GlobalDeleteAtom
GetVersionExW
CreateMailslotW
lstrcpynA
IsBadStringPtrA
SetEvent
GetCurrentDirectoryA
GlobalGetAtomNameW
CreateEventA
GetCurrentProcessId
GetModuleFileNameW
FreeLibrary
GetModuleHandleW
GetUserDefaultLangID
SetCalendarInfoW
GetStartupInfoW
GetTempPathA
GetStringTypeW
GetOEMCP
lstrcpyW
OpenMutexA
lstrcmpiW
SetComputerNameA
GetFileTime
CompareStringW
LocalFree
GetCommandLineW
lstrcpy
EndUpdateResourceW
lstrcmpA
ExpandEnvironmentStringsW
CreateMutexA
EnumCalendarInfoA
ExitThread
LoadResource
HeapCreate
GetThreadLocale
GetProcAddress
GetLogicalDrives

user32

CreateIcon
GetDC
InsertMenuItemA
InvalidateRgn
EndDialog
ChildWindowFromPoint
DialogBoxIndirectParamW
DrawIcon
GetForegroundWindow
CheckDlgButton
GetMessageA
SetDlgItemTextA
ShowCaret
GetDlgItemInt
GetWindowRect
DestroyIcon
GetWindowLongW
GetDlgItemTextA
wsprintfA
CreateDialogParamW
EnumDesktopWindows
IsMenu
LoadIconA
PeekMessageW
SetCursorPos
GetMenuStringA
GetScrollPos
ReleaseDC
GetCapture
CharUpperA
CloseWindow
LoadMenuA
DialogBoxParamA
MonitorFromRect
GetMenuItemInfoW
SetWindowTextW

gdi32

GetCharWidthFloatA
GetDIBColorTable
GdiGetBatchLimit
GetTextExtentExPointI
CloseFigure
CreateDCW
SetTextColor
CreatePolygonRgn
FillPath
PolyPolyline
EnumFontFamiliesExW
GetMetaFileW
CreateFontA
RemoveFontResourceA
CreatePen
EndPage
CreateRectRgn
SetPaletteEntries

advapi32

RegQueryInfoKeyA
RegEnumValueW
RegOpenKeyW
RegCloseKey
RegOpenKeyA

shlwapi

StrChrW
SHEnumKeyExW
SHLoadIndirectString
PathRelativePathToA
wvnsprintfW
PathIsDirectoryEmptyA
StrRStrIA
AssocQueryStringW

ole32

CoCreateGuid
CoGetMalloc
OleLoad
CoGetDefaultContext
BindMoniker
CoUninitialize

oleaut32

VariantCopyInd
LoadTypeLibEx
VarI1FromR4
VarBoolFromUI1
VarR8Pow

Sections

.z
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.grkcCc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.G
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tYN
Size: 4KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.J
Size: 86KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 363KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.dxtrr
Size: 1KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c0fed418c45f03feaa8d9170ec8ce760

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shlwapi

ole32

oleaut32

Sections

.z Size: 8KB - Virtual size: 8KB

.grkcCc Size: 85KB - Virtual size: 84KB

.G Size: 13KB - Virtual size: 13KB

.tYN Size: 4KB - Virtual size: 26KB

.J Size: 86KB - Virtual size: 86KB

.data Size: 6KB - Virtual size: 363KB

.dxtrr Size: 1KB - Virtual size: 8KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 1024B

.z
Size: 8KB - Virtual size: 8KB

.grkcCc
Size: 85KB - Virtual size: 84KB

.G
Size: 13KB - Virtual size: 13KB

.tYN
Size: 4KB - Virtual size: 26KB

.J
Size: 86KB - Virtual size: 86KB

.data
Size: 6KB - Virtual size: 363KB

.dxtrr
Size: 1KB - Virtual size: 8KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 1024B