2f88d7e8ad15f4c268a5644fea03d05e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f88d7e8ad15f4c268a5644fea03d05e_JaffaCakes118
Size

65KB
MD5

2f88d7e8ad15f4c268a5644fea03d05e
SHA1

8ddb2c0d28af042c72f8a5070da5d19ef0244931
SHA256

4d18c8161a80e9d30f94560a4f80a6fe6a8018e999e70b4014233fb82291cef2
SHA512

969952d152f16215d31baa23b375b98fd513a8daa9b4e74176493c3e92537985ce816c069b14e513bf9cb2906d1962ff562b2063329559718927a632064c695c
SSDEEP

1536:ePeIhqRdHWEne6TZZFOS3lxctDUvxQ429GaZ8Ba2yo2ewlQr:EeIURdHXTr3l2WfTHzjwl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f88d7e8ad15f4c268a5644fea03d05e_JaffaCakes118

Files

2f88d7e8ad15f4c268a5644fea03d05e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a46d85a17b7c53f6cbec3a8f011a7a83

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

HeapSize
lstrlenA
Sleep
lstrcatA
SetCurrentDirectoryA
CreateDirectoryA
lstrcpyA
ExitProcess
GetModuleHandleA
GetCommandLineA
GlobalFree
GlobalAlloc
FreeResource
CloseHandle
WriteFile
LockResource
CreateFileA
SizeofResource
LoadResource
FindResourceA
DeleteFileA
RemoveDirectoryA
GetLastError
HeapReAlloc
CreateProcessA
GetCurrentProcess
GetModuleFileNameA
GetExitCodeProcess
WaitForSingleObject
SetFilePointer
ReadFile
GetSystemDefaultLCID
GetVolumeInformationA
GetWindowsDirectoryA
WideCharToMultiByte
GetStdHandle
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapFree
GetProcessHeap
HeapAlloc
MultiByteToWideChar
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetCPInfo
GetOEMCP
LoadLibraryA
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
SetUnhandledExceptionFilter
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
GetStartupInfoA
GetProcAddress
TerminateProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetHandleCount
GetFileType
HeapDestroy
HeapCreate

user32

wsprintfA
CharUpperA

advapi32

RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyA
RegCreateKeyA

shell32

SHGetSpecialFolderPathA

ole32

OleInitialize
CoCreateInstance
OleUninitialize

oleaut32

VariantInit
SysAllocString
VariantClear

Sections

.text
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 33KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a46d85a17b7c53f6cbec3a8f011a7a83

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 23KB - Virtual size: 22KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 1024B - Virtual size: 69KB

.rsrc Size: 33KB - Virtual size: 61KB

.text
Size: 23KB - Virtual size: 22KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 1024B - Virtual size: 69KB

.rsrc
Size: 33KB - Virtual size: 61KB