2fb42a8fcdfcd4a8d1337dea30c79a1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fb42a8fcdfcd4a8d1337dea30c79a1a_JaffaCakes118
Size

38KB
MD5

2fb42a8fcdfcd4a8d1337dea30c79a1a
SHA1

21223c1ac3abaf4b9b3d93feb6dcaba1a02a5dc4
SHA256

9859a8465a65666fdd959bc1d5bab93be14591196d0c98501b7d093c6602f020
SHA512

fb348fb99bc1bf1d9d2168fede5896fe9a1c19d803d7f7738bc0ecb4d19c8088bba50ca9cc90a5c6e52093561be5a9be72290ecf7f2a928ee224389448ab2c42
SSDEEP

768:qxZp6uTBJmOCEDO109jUjiQu0DCZY8+idPBwDG1Ni4nCo0RmIh3KdpPTFy5XqPm:qtm8O102jFON+idyD4Qf32xFy56Pm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fb42a8fcdfcd4a8d1337dea30c79a1a_JaffaCakes118

Files

2fb42a8fcdfcd4a8d1337dea30c79a1a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e335e29a1e4f5dac8bf84df8d8a5456c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
GetFullPathNameW
RegisterConsoleVDM
LocalUnlock
GetProfileStringW
lstrcmpiA
GetTimeFormatA
SetConsoleCursor
GetCommProperties
SetHandleCount
SetConsoleInputExeNameW
FileTimeToDosDateTime
DeviceIoControl
SetVolumeMountPointA
IsValidCodePage
EnumResourceNamesW
GetNextVDMCommand
GlobalFindAtomA
SetProcessShutdownParameters
_lwrite
QueryInformationJobObject
UnregisterWait
ScrollConsoleScreenBufferW
GlobalHandle
GetSystemTime
TermsrvAppInstallMode
SetupComm
GetDriveTypeW
SetErrorMode
GetStartupInfoA
FatalExit
GetOverlappedResult
FileTimeToLocalFileTime
GlobalLock
SetConsoleTitleA
ReadConsoleInputA
GetProcessWorkingSetSize
CancelTimerQueueTimer

user32

DestroyMenu
DispatchMessageA
AlignRects
TranslateAccelerator
LookupIconIdFromDirectoryEx
TranslateMessage
GetMenuItemCount
ClientToScreen
SetClassWord
VkKeyScanW
ShowScrollBar
GetGUIThreadInfo
WinHelpA
RegisterClassExA
DdeCmpStringHandles
ResolveDesktopForWOW
HideCaret
SetCaretBlinkTime
GetMessagePos
GetThreadDesktop
GetDlgCtrlID
CharUpperBuffW
DdeDisconnect
GetGuiResources
MsgWaitForMultipleObjects
UnionRect
DragObject
mouse_event
GetScrollBarInfo
SendMessageCallbackW

gdi32

EngLoadModule
GetClipBox
HT_Get8BPPMaskPalette
GetStockObject
STROBJ_bGetAdvanceWidths
GetEnhMetaFilePaletteEntries
PatBlt
GetCharWidthFloatW
SetRectRgn
GdiIsPlayMetafileDC
CreateRectRgnIndirect
CreateScalableFontResourceW
EngPlgBlt
QueryFontAssocStatus
GdiQueryFonts
GetCharWidth32W
PlayEnhMetaFile

comdlg32

ChooseFontA
FindTextW
WantArrows
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseColorA
ReplaceTextA
PrintDlgW
CommDlgExtendedError
PrintDlgExW
GetFileTitleA
FindTextA
PageSetupDlgA
LoadAlterBitmap
dwLBSubclass

Sections

.text
Size: 4KB - Virtual size: 1.0MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e335e29a1e4f5dac8bf84df8d8a5456c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

Sections

.text Size: 4KB - Virtual size: 1.0MB

.data Size: 30KB - Virtual size: 32KB

.idata Size: 3KB - Virtual size: 4KB

.text
Size: 4KB - Virtual size: 1.0MB

.data
Size: 30KB - Virtual size: 32KB

.idata
Size: 3KB - Virtual size: 4KB