2f8618b809d4c3960b00b6d6889f8cdb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f8618b809d4c3960b00b6d6889f8cdb_JaffaCakes118
Size

280KB
MD5

2f8618b809d4c3960b00b6d6889f8cdb
SHA1

e55066fd84ed1754908706c25209d8551560b2a2
SHA256

34a02d43256ba878fb8322e0d7d9171727779fe197baa9e2c2e1d485f185316c
SHA512

f782e2793b765cfa875a719b5ef75e5069d3b5125c6ac94a6615c6f602f2c819f86957e3823d78b7760480e40377dbb4def2920d5f14a6a87ec3c36c19f382d6
SSDEEP

6144:O8fYqgEwjjOjxNEWAPaPbRtEammQR7wfE0KG1igBbDX5P:5fYmcjOjxNEWooRC7/0KG1igljF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f8618b809d4c3960b00b6d6889f8cdb_JaffaCakes118

Files

2f8618b809d4c3960b00b6d6889f8cdb_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3b21137d1876c33fa54139136d0ec719

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

n:\hte

Imports

comctl32

InitCommonControlsEx

kernel32

SetHandleCount
FlushFileBuffers
TlsGetValue
CompareStringW
GetACP
GetStringTypeW
RtlUnwind
EnterCriticalSection
SetStdHandle
GetEnvironmentStrings
InterlockedExchange
GetModuleHandleA
GetOEMCP
LeaveCriticalSection
GetEnvironmentStringsW
WriteConsoleInputW
GetProcAddress
VirtualQuery
HeapFree
GetCommandLineA
GetCurrentProcess
GetCPInfo
HeapDestroy
ExitProcess
HeapCreate
FreeEnvironmentStringsW
GetVersion
WideCharToMultiByte
CreateMutexA
OpenMutexA
TlsSetValue
GetSystemTimeAsFileTime
ReadFile
FreeEnvironmentStringsA
GetCurrentThreadId
SetFilePointer
LCMapStringW
InitializeCriticalSection
InterlockedDecrement
GetSystemTime
TlsAlloc
UnhandledExceptionFilter
GetCurrentThread
DeleteCriticalSection
SetLastError
GetTimeZoneInformation
GetLocalTime
GetLastError
QueryPerformanceCounter
LCMapStringA
GetStdHandle
IsBadWritePtr
ContinueDebugEvent
TlsFree
CloseHandle
TerminateProcess
CompareStringA
HeapAlloc
GetCurrentProcessId
GetModuleFileNameA
GetStringTypeA
MultiByteToWideChar
GetFileType
GetStartupInfoA
VirtualAlloc
VirtualFree
WriteFile
LoadLibraryA
InterlockedIncrement
SetEnvironmentVariableA
GetTickCount
HeapReAlloc

user32

SetCaretBlinkTime
DestroyCursor
GetWindowInfo
EnumWindowStationsA
DdeCreateDataHandle
DdeAbandonTransaction
GetGUIThreadInfo
GetOpenClipboardWindow
SetWinEventHook
GetClassLongW
RegisterClassExA
SystemParametersInfoW
CreateCursor
GetCaretPos
GetAsyncKeyState
CheckRadioButton
SetSysColors
OpenWindowStationA
SendNotifyMessageW
RegisterClassA
ChangeDisplaySettingsW
RegisterDeviceNotificationA
GetKBCodePage
DrawTextW
SetPropA
GetWindowModuleFileNameW

comdlg32

GetOpenFileNameW

Sections

.text
Size: 163KB - Virtual size: 163KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 87KB - Virtual size: 86KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b21137d1876c33fa54139136d0ec719

Headers

File Characteristics

PDB Paths

Imports

comctl32

kernel32

user32

comdlg32

Sections

.text Size: 163KB - Virtual size: 163KB

.rdata Size: 13KB - Virtual size: 37KB

.data Size: 87KB - Virtual size: 86KB

.rsrc Size: 15KB - Virtual size: 14KB

.text
Size: 163KB - Virtual size: 163KB

.rdata
Size: 13KB - Virtual size: 37KB

.data
Size: 87KB - Virtual size: 86KB

.rsrc
Size: 15KB - Virtual size: 14KB