2f7edaa461a22d27ca90bccf12a3023a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f7edaa461a22d27ca90bccf12a3023a_JaffaCakes118
Size

492KB
MD5

2f7edaa461a22d27ca90bccf12a3023a
SHA1

d541ab07911bff59cedbd38def1a7aca942d2445
SHA256

f48c3ed635357a5021eb4fda08957725b5e3b5fbf27cd7cfcca2d07b918af74b
SHA512

fb2d16262d1f26607e0d4e2a7ffed808e4af64083732bab7c277fb816344d37c35f100acfb233c77462c0df8412fa546f8c5fdf6936e9bd7c4d98d54ff333e7a
SSDEEP

6144:YHrCRZeRp54g5qbtSjhiee7r++kYHhUxYKyUhIEbCifav/tG+zu6ftjILPB8h:WrCRZeJrghSjDypxUhpbC6av/tDSLC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f7edaa461a22d27ca90bccf12a3023a_JaffaCakes118

Files

2f7edaa461a22d27ca90bccf12a3023a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f1f27e2d849e2853f6b8fe729313564a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

k:\dedmeuk\qwxljai\oywcsuet\ptfqvs\miokzaetu.pdb

Imports

advapi32

RegLoadKeyW
CryptReleaseContext
CryptDuplicateKey
LookupSecurityDescriptorPartsA
CryptHashSessionKey
RegLoadKeyA
RegOpenKeyExA

comctl32

InitCommonControlsEx
ImageList_GetImageCount
ImageList_Replace
ImageList_AddMasked
ImageList_SetOverlayImage
CreatePropertySheetPageA
ImageList_Destroy
ImageList_GetBkColor
GetEffectiveClientRect
ImageList_GetDragImage
ImageList_ReplaceIcon

shell32

SheChangeDirExW
SHEmptyRecycleBinA
InternalExtractIconListW
SHGetPathFromIDListW

comdlg32

GetSaveFileNameW
PrintDlgA
PageSetupDlgA
GetOpenFileNameW

user32

RegisterClassExA
RegisterClassA
CreateMDIWindowA
AnimateWindow
LockWindowUpdate
UnhookWinEvent
GetTabbedTextExtentW
GetKeyboardLayoutNameA
TileChildWindows
CreateCaret
SetDlgItemTextA
GetDoubleClickTime
GetMenuItemRect
DdeUninitialize
InSendMessageEx
ValidateRgn
IsZoomed
EnumWindows
ChangeDisplaySettingsExA
MenuItemFromPoint
SetWindowLongW
GetInputState
IsRectEmpty
GetClipboardFormatNameA
GetMenuItemInfoA

kernel32

TerminateProcess
GetCurrentProcess
FreeLibrary
IsDebuggerPresent
GetCurrentThreadId
GetFileType
SetConsoleCtrlHandler
DebugBreak
GetProcessHeap
GetProcAddress
GetLastError
MultiByteToWideChar
ReleaseSemaphore
CreateMutexA
GetUserDefaultLCID
HeapValidate
FreeEnvironmentStringsA
TlsSetValue
GetLocaleInfoA
GetOEMCP
OutputDebugStringW
GetACP
WriteConsoleA
DeleteFileW
LCMapStringA
UnhandledExceptionFilter
GetStringTypeW
GetModuleHandleA
GetModuleFileNameA
FlushFileBuffers
SetHandleCount
VirtualQuery
GetTimeZoneInformation
GetPrivateProfileSectionNamesA
CompareStringA
ReadFile
GetConsoleOutputCP
GetCurrentProcessId
HeapCreate
SetStdHandle
GetModuleFileNameW
LeaveCriticalSection
GetStdHandle
GetCalendarInfoA
GetCurrentThread
SetLastError
LocalCompact
SetUnhandledExceptionFilter
GetEnvironmentStrings
VirtualFree
CreateFileA
OutputDebugStringA
HeapDestroy
SetEnvironmentVariableA
GetConsoleMode
RtlUnwind
EnterCriticalSection
GetStartupInfoA
GetTickCount
InitializeCriticalSection
IsBadReadPtr
GetStartupInfoW
GetCommandLineW
EnumSystemLocalesA
GetPriorityClass
LoadLibraryA
ExitProcess
WideCharToMultiByte
GetCPInfo
LCMapStringW
HeapFree
TlsAlloc
OpenMutexA
IsValidLocale
WriteConsoleW
GetStringTypeA
VirtualAlloc
lstrlenA
LoadLibraryW
HeapReAlloc
FreeEnvironmentStringsW
HeapAlloc
InterlockedIncrement
GetCommandLineA
DeleteCriticalSection
GetConsoleCP
GetTimeFormatA
lstrcpynA
GetVersionExA
WriteConsoleOutputCharacterW
RaiseException
TlsFree
WriteFile
InterlockedExchange
GetLocaleInfoW
CompareStringW
GetSystemTimeAsFileTime
SetFilePointer
CloseHandle
IsValidCodePage
TlsGetValue
GetDateFormatA
GetEnvironmentStringsW
QueryPerformanceCounter
InterlockedDecrement

wininet

InternetConfirmZoneCrossingA
InternetCanonicalizeUrlW
InternetWriteFileExA
InternetAttemptConnect
InternetSecurityProtocolToStringW
InternetGetConnectedStateExA

Sections

.text
Size: 208KB - Virtual size: 206KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 104KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f1f27e2d849e2853f6b8fe729313564a

Headers

File Characteristics

PDB Paths

Imports

advapi32

comctl32

shell32

comdlg32

user32

kernel32

wininet

Sections

.text Size: 208KB - Virtual size: 206KB

.rdata Size: 108KB - Virtual size: 106KB

.data Size: 92KB - Virtual size: 104KB

.rsrc Size: 80KB - Virtual size: 78KB

.text
Size: 208KB - Virtual size: 206KB

.rdata
Size: 108KB - Virtual size: 106KB

.data
Size: 92KB - Virtual size: 104KB

.rsrc
Size: 80KB - Virtual size: 78KB