2f59370ede73f7da48d5ec6860bdb9bb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f59370ede73f7da48d5ec6860bdb9bb_JaffaCakes118
Size

518KB
MD5

2f59370ede73f7da48d5ec6860bdb9bb
SHA1

c9b5dc6c780c8eedefcf5b6524792eb7c06b7ac3
SHA256

6c64a56dc59ca787450f940873f4452f1a0bc3920dee74ab4b80a487e538da32
SHA512

1a7f2718f5cc1a9cf701b0df1080164a1709e91800cc8a18dc793224356df1189ac5604673b9abf75bf502ddef86f3aa7100b5209add1e44c72cd7cdf45cd80c
SSDEEP

12288:lBzILWOy/Ri4a5J0cariiWf0jGgbdb+37f:zILW1i4Aicariiyj8db+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f59370ede73f7da48d5ec6860bdb9bb_JaffaCakes118

Files

2f59370ede73f7da48d5ec6860bdb9bb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

20ad95be5e2531ffb427cb2c19d9cd74

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

h:\p

Imports

kernel32

VirtualAlloc
GetConsoleOutputCP
TlsSetValue
SetLastError
QueryPerformanceCounter
InitializeCriticalSection
InterlockedIncrement
ReadFile
HeapAlloc
GetLocalTime
MultiByteToWideChar
SetUnhandledExceptionFilter
GetEnvironmentVariableW
SetEnvironmentVariableW
GetUserDefaultLCID
GetModuleHandleA
WriteConsoleA
TlsFree
GetLocaleInfoW
LCMapStringW
GetDateFormatA
GetTickCount
CreateFileA
EnterCriticalSection
ExitProcess
IsValidCodePage
GetStartupInfoA
LocalFileTimeToFileTime
InterlockedDecrement
GetOEMCP
UnhandledExceptionFilter
VirtualQuery
HeapCreate
GetCurrentProcess
OpenEventA
LCMapStringA
SetHandleCount
SetFilePointer
CreateMutexA
GetLocaleInfoA
GetConsoleMode
FlushFileBuffers
InterlockedExchange
GetVersionExA
DeleteCriticalSection
Sleep
GetLastError
TlsAlloc
SetStdHandle
IsDebuggerPresent
GetTimeFormatA
IsValidLocale
TlsGetValue
VirtualFree
GetEnvironmentStrings
HeapFree
GetFileAttributesW
SetComputerNameW
SetConsoleCtrlHandler
GetConsoleCP
GetTimeZoneInformation
GetStringTypeW
GetProcAddress
HeapReAlloc
GetStdHandle
EnumSystemLocalesA
CompareStringA
LoadLibraryA
OpenMutexA
WriteFile
LockResource
HeapDestroy
GetCommandLineA
lstrcmpi
GetModuleFileNameA
GetProcessHeap
HeapSize
GetACP
GetCurrentThreadId
RtlUnwind
FreeLibrary
CompareStringW
GetFileType
SetEnvironmentVariableA
ReadConsoleOutputCharacterA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCPInfo
GetStringTypeA
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
CloseHandle
GetCurrentThread
CreateThread
GetEnvironmentStringsW
LeaveCriticalSection
TerminateProcess
WriteConsoleW
LocalFlags

comdlg32

PrintDlgW
GetSaveFileNameA

comctl32

InitCommonControlsEx

user32

SetUserObjectInformationW
GetClassLongA
LoadMenuIndirectA
RegisterClassExA
WINNLSGetIMEHotkey
GetWindowLongW
DestroyWindow
wvsprintfW
RegisterClassA
SetDebugErrorLevel
SetTimer
GetSysColorBrush

advapi32

CryptDecrypt
RegConnectRegistryW
RegSaveKeyA

Sections

.text
Size: 367KB - Virtual size: 367KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

20ad95be5e2531ffb427cb2c19d9cd74

Headers

File Characteristics

PDB Paths

Imports

kernel32

comdlg32

comctl32

user32

advapi32

Sections

.text Size: 367KB - Virtual size: 367KB

.rdata Size: 24KB - Virtual size: 28KB

.data Size: 116KB - Virtual size: 115KB

.rsrc Size: 9KB - Virtual size: 8KB

.text
Size: 367KB - Virtual size: 367KB

.rdata
Size: 24KB - Virtual size: 28KB

.data
Size: 116KB - Virtual size: 115KB

.rsrc
Size: 9KB - Virtual size: 8KB