2fd9997c0023b41935a0c720a34a9022_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fd9997c0023b41935a0c720a34a9022_JaffaCakes118
Size

428KB
MD5

2fd9997c0023b41935a0c720a34a9022
SHA1

d7d6c207ed9815508a22ec870025da021a81560f
SHA256

353f51e0423b14285798680c6e5b87a87ed475a4fe72c357d0a8bdc862a5f292
SHA512

65c52529709e8236a8cac8d850bbe43d75b1766320963060940ae21658d340871dd865e86d3a28a4bd6ab1c4388016792c551848847fd0324e5ba2201971f31d
SSDEEP

6144:XDA5tBG5j6oxDTwaWwoQ+xc9goDE9UK8KItJBtvqOz2TvRM:zA5tBCj6kFoJxNUE0xPi6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fd9997c0023b41935a0c720a34a9022_JaffaCakes118

Files

2fd9997c0023b41935a0c720a34a9022_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bc14f190acd6e2dbc932092e59f470c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
DeleteFileA
GetModuleFileNameA
GetLastError
CreateProcessA
GetSystemDirectoryA
SetFileAttributesA
SetFileTime
ExitProcess
GetCurrentProcess
GetEnvironmentVariableA
lstrcmpiA
Process32Next
Process32First
CreateToolhelp32Snapshot
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
OpenProcess
GetProcAddress
GetModuleHandleA
VirtualFree
MoveFileExA
GetTempFileNameA
Sleep
LoadLibraryA
TerminateProcess
GetFileAttributesA
WriteFile
GetTickCount
SetFilePointer
GetTempPathA
MoveFileA
FreeResource
SizeofResource
LocalFileTimeToFileTime
SystemTimeToFileTime
LoadResource
FindResourceA
CreateMutexA
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
ReadFile
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
SetStdHandle
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
FlushFileBuffers
HeapCreate
HeapDestroy
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentThreadId
GetVersionExA
GetWindowsDirectoryA
CreateFileA
GetFileSize
CloseHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
MultiByteToWideChar
GetCommandLineA
GetVersion
RtlUnwind
HeapFree
RaiseException
HeapReAlloc
HeapAlloc
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA

user32

VkKeyScanA
GetInputState
PostThreadMessageA
GetMessageA
wsprintfA

advapi32

LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken

shlwapi

StrStrIA

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 4KB - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 352KB - Virtual size: 348KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bc14f190acd6e2dbc932092e59f470c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 12KB - Virtual size: 18KB

.sxdata Size: 4KB - Virtual size: 124B

.rsrc Size: 352KB - Virtual size: 348KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 12KB - Virtual size: 18KB

.sxdata
Size: 4KB - Virtual size: 124B

.rsrc
Size: 352KB - Virtual size: 348KB