2fa8565db7142c43304919970a9eb98f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fa8565db7142c43304919970a9eb98f_JaffaCakes118
Size

520KB
MD5

2fa8565db7142c43304919970a9eb98f
SHA1

dcf8740708ab3fa4424e870e54c53cd2048377e0
SHA256

255c2b2b8ac09562a0d5ce3e59b1dbeedd37d96107b28f7f61851a562ae012d0
SHA512

bc5131bcba8491cb3ca45d95637565f4b99cab0a615cbdbe8cd7a4d2dce15e4e39f2284102e5937eec28b56e3169492115980bfb21728ca38cb2242ec74bd980
SSDEEP

6144:0pfE87gFVIMnBVYc/IQwviniUO5HBP60C337Jf5RTLqR0Sed4tt1YJG5c7:0pfcBBI7fQt3Fv62ScKt1YEM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fa8565db7142c43304919970a9eb98f_JaffaCakes118

Files

2fa8565db7142c43304919970a9eb98f_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5ab2ab1f642e5b3e4212f8776c8893f4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetStartupInfoW
GetStdHandle
GetOEMCP
SetFileAttributesW
IsValidCodePage
GetCurrencyFormatW
FreeEnvironmentStringsW
GetDriveTypeA
GetTimeFormatA
HeapSize
GetModuleFileNameA
AllocConsole
TlsSetValue
SetStdHandle
UnhandledExceptionFilter
EnterCriticalSection
TlsAlloc
MultiByteToWideChar
GetLastError
FindAtomW
GetEnvironmentStringsA
GetLocaleInfoW
GetModuleFileNameW
LeaveCriticalSection
InterlockedExchange
LCMapStringW
TlsGetValue
GetCurrentProcess
RtlUnwind
GetSystemInfo
IsBadWritePtr
GetProcAddress
EnumCalendarInfoW
VirtualQuery
WriteProfileSectionA
VirtualProtect
GetCurrentProcessId
GetACP
ReadFile
GetStringTypeW
GetCommandLineA
WriteConsoleOutputAttribute
ExitProcess
GetCPInfo
LCMapStringA
SetLastError
GetCurrentThread
VirtualAlloc
CompareStringA
GetTickCount
GetUserDefaultLCID
LoadLibraryA
CompareStringW
GetModuleHandleA
TlsFree
WriteFile
HeapCreate
HeapReAlloc
HeapFree
GetStartupInfoA
InitializeCriticalSection
SetEnvironmentVariableA
SetHandleCount
WideCharToMultiByte
GetStringTypeA
QueryPerformanceCounter
GetVersionExA
SetFilePointer
OpenMutexA
GetSystemTimeAsFileTime
lstrcpynW
VirtualFree
GetFileType
CreateDirectoryW
FreeEnvironmentStringsA
HeapDestroy
GetLocaleInfoA
LockResource
EnumSystemLocalesA
GetTimeZoneInformation
CloseHandle
HeapAlloc
GetEnvironmentStrings
DeleteCriticalSection
ReadConsoleInputW
CreateMutexA
GetDateFormatA
IsBadReadPtr
TerminateProcess
GlobalFlags
IsValidLocale
GetCurrentThreadId
FlushFileBuffers
GetEnvironmentStringsW

user32

RegisterClassA
DispatchMessageW
DestroyWindow
GrayStringW
BroadcastSystemMessageA
ShowWindow
CreateMenu
CopyIcon
MonitorFromWindow
DefWindowProcA
RegisterClassExA
TileChildWindows
LoadImageW
EnableScrollBar
DdeCreateDataHandle
OemToCharBuffA
GetKeyNameTextW
RegisterWindowMessageW
CreateWindowExA
MapWindowPoints
CloseWindowStation
SetClassWord
MessageBoxA
DdeCmpStringHandles
DialogBoxParamA

comctl32

ImageList_Add
ImageList_GetIconSize
ImageList_SetImageCount
ImageList_Draw
CreateStatusWindowW
ImageList_SetFilter
ImageList_DrawEx
CreateStatusWindowA
InitCommonControlsEx
ImageList_Write
DrawStatusText

Sections

.text
Size: 88KB - Virtual size: 85KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 260KB - Virtual size: 257KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 104KB - Virtual size: 105KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ab2ab1f642e5b3e4212f8776c8893f4

Headers

File Characteristics

Imports

kernel32

user32

comctl32

Sections

.text Size: 88KB - Virtual size: 85KB

.rdata Size: 260KB - Virtual size: 257KB

.data Size: 104KB - Virtual size: 105KB

.rsrc Size: 64KB - Virtual size: 60KB

.text
Size: 88KB - Virtual size: 85KB

.rdata
Size: 260KB - Virtual size: 257KB

.data
Size: 104KB - Virtual size: 105KB

.rsrc
Size: 64KB - Virtual size: 60KB