2ff8c6e2a51fb39fab44f0ce35495a79_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ff8c6e2a51fb39fab44f0ce35495a79_JaffaCakes118
Size

448KB
MD5

2ff8c6e2a51fb39fab44f0ce35495a79
SHA1

6e562a4e012286542090c3053d713e398c4d586a
SHA256

d8b457594aec734156cb72a56ee5af8eb5f8c2991d29540ad771ab6b9a1c6b8f
SHA512

2236d456ba7fef0633a839f85c6667e31896b355130026c4cefa44e9aff1a458e3bc3de6a79bc220120d2e5a83fe9a24214580d5b0d393446bbfae3c729edd1e
SSDEEP

12288:0YeLr6SxV3ztM3J5xBkGMNEW/HhFre4ARyoO0Xs7:0Yy20V3ze3nxAEW/BFgPG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ff8c6e2a51fb39fab44f0ce35495a79_JaffaCakes118

Files

2ff8c6e2a51fb39fab44f0ce35495a79_JaffaCakes118
.exe windows:4 windows x86 arch:x86

24531e5b3f02e11bbabe27de6f1f4cb8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetSystemMetrics
CharNextA
SendDlgItemMessageW
ShowWindow
WinHelpW
GetWindowRect
CreateDialogParamW
MoveWindow
SetWindowTextW
DialogBoxParamW
SetDlgItemTextW
EndDialog
RegisterDeviceNotificationW
SendMessageW
SystemParametersInfoW
DestroyIcon
ScreenToClient
LoadStringW
CharNextW
GetDlgItem

iphlpapi

CreateIpNetEntry

advapi32

RegCloseKey
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW

powrprof

GetPwrCapabilities

msvcrt

_except_handler3

kernel32

lstrcatW
GetModuleHandleA
GetCurrentProcess
LoadLibraryW
InterlockedExchange
GetVersionExA
GetDateFormatW
GetSystemPowerStatus
lstrlenW
LocalFree
GetProcAddress
CreateFileW
LocalAlloc
GetModuleFileNameW
lstrcpyW
CloseHandle
lstrcmpW
GetLastError
GetWindowsDirectoryW
TerminateProcess
DisableThreadLibraryCalls
DeviceIoControl
GetLocaleInfoW
SetUnhandledExceptionFilter
MultiByteToWideChar
GetModuleHandleW
FormatMessageW
lstrcpynW
UnhandledExceptionFilter

ntdll

LdrUnloadDll
NtAllocateVirtualMemory

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiGetClassDevsW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 928KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 20B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 201KB - Virtual size: 201KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

24531e5b3f02e11bbabe27de6f1f4cb8

Headers

File Characteristics

Imports

user32

iphlpapi

advapi32

powrprof

msvcrt

kernel32

ntdll

setupapi

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 9KB - Virtual size: 928KB

.reloc Size: 512B - Virtual size: 20B

.rsrc Size: 215KB - Virtual size: 215KB

.rdata Size: 201KB - Virtual size: 201KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 9KB - Virtual size: 928KB

.reloc
Size: 512B - Virtual size: 20B

.rsrc
Size: 215KB - Virtual size: 215KB

.rdata
Size: 201KB - Virtual size: 201KB