2ffa48fa6752aa4db4450dcaf8027a49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ffa48fa6752aa4db4450dcaf8027a49_JaffaCakes118
Size

196KB
MD5

2ffa48fa6752aa4db4450dcaf8027a49
SHA1

e9e28be046aae36c9b79c33db757d3509e59a1bb
SHA256

1afa712f5b14950adb100bc97ad8435ba26fbde0b641c75efb6d322ad53caa71
SHA512

f7240fae9e30db011d7bd3d9c24e3f327459036d37cfefb6f1ea34e61b42ae018c4a6e486092e296448e22f11a1cec5fb36c9253f6dae13191644ff9e3e78136
SSDEEP

3072:Ag0/fRP+kz/hPPL2gUDJxdboX6FIToFgZ7gNIkj88ajv4BLOpN:Gn558FsRcIkx+eLOp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ffa48fa6752aa4db4450dcaf8027a49_JaffaCakes118

Files

2ffa48fa6752aa4db4450dcaf8027a49_JaffaCakes118
.exe windows:4 windows x86 arch:x86

18d752511896de1a5a4cfc8f72337e50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadIconA
DispatchMessageA
SetWindowTextA
GetTopWindow
LoadCursorA
DrawAnimatedRects
GetWindowLongW
LoadBitmapA
GetKeyboardLayoutNameA
DestroyWindow
SetWindowPos
GetIconInfo
WindowFromPoint
SetClipboardData
GetForegroundWindow
ChildWindowFromPoint
OffsetRect
IsZoomed
ScrollWindow
GetPropA
EnumThreadWindows

ole32

CoRevokeClassObject
OleCreateStaticFromData
CreateBindCtx
CreateOleAdviseHolder
CoFreeUnusedLibraries
CoCreateInstanceEx
StringFromIID
CoRevokeClassObject
CoDisconnectObject
CoReleaseMarshalData
CreateStreamOnHGlobal
StgOpenStorage
MkParseDisplayName
GetHGlobalFromStream
PropVariantClear
CoCreateFreeThreadedMarshaler

gdi32

GetDCOrgEx
GetPixel
SetBkMode
CreateDIBitmap
GetPaletteEntries
SetBkMode

comdlg32

FindTextA
GetSaveFileNameA
ChooseColorA
GetFileTitleA

shlwapi

SHQueryValueExA
SHEnumValueA
PathGetCharTypeA
SHQueryInfoKeyA
PathFileExistsA
SHDeleteKeyA
PathIsDirectoryA
SHSetValueA

advapi32

GetLengthSid
RegQueryValueExA
RegEnumKeyExA
RegDeleteValueA
RegQueryInfoKeyA
RegOpenKeyA

version

VerFindFileA
GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA
VerFindFileA
VerFindFileA

shell32

SHGetDiskFreeSpaceA
DragQueryFileA

msvcrt

atol
sin
sprintf
malloc

kernel32

lstrcpyA
GetProcessHeap
LoadLibraryExA
GlobalAddAtomA
lstrcmpA
HeapFree
GetStartupInfoA
EnumCalendarInfoA
MoveFileExA
ResetEvent
lstrcmpiA
lstrlenA
GetModuleHandleW
IsBadReadPtr
lstrlenW
SizeofResource
GetModuleHandleA
VirtualFree
GetCPInfo
RaiseException
LocalReAlloc
ExitThread
CreateThread
CloseHandle
GetCurrentThreadId
InitializeCriticalSection
VirtualAlloc
LockResource
FreeResource
WideCharToMultiByte
HeapAlloc
GetLocalTime
GetUserDefaultLCID
GetOEMCP
EnterCriticalSection
SetEvent
GetFullPathNameA
GetLastError
GetCommandLineA
GetProcAddress
GetSystemDefaultLangID
ExitProcess
GetEnvironmentStrings
SetFilePointer
WaitForSingleObject
LoadResource
FreeLibrary
GetLocaleInfoA
GetFileAttributesA
DeleteCriticalSection
HeapDestroy
GlobalFindAtomA
GetCurrentThread
SetEndOfFile
GetSystemDefaultLangID
SizeofResource
FindFirstFileA
FormatMessageA
GlobalAddAtomA
lstrcmpiA
MoveFileA
GetProcAddress
GetCurrentProcessId
GlobalAlloc
WideCharToMultiByte
GetStdHandle
GetStartupInfoA
lstrcpyA
MoveFileExA
LoadLibraryExA
LoadResource
LockResource
FreeLibrary
GetThreadLocale
GetCurrentThreadId
GetCommandLineW
GlobalFindAtomA
EnumCalendarInfoA
Sleep
EnterCriticalSection
ExitThread
GetModuleHandleW
WriteFile
SetFilePointer
SetHandleCount
GetModuleHandleA
lstrlenW
FindResourceA
RaiseException
GetFullPathNameA
ExitProcess
lstrcatA
HeapAlloc
SetErrorMode
GetVersionExA
lstrlenA
IsBadReadPtr
LocalFree
GetFileAttributesA
lstrcpynA
GetLastError
GetDiskFreeSpaceA
ReadFile

oleaut32

SafeArrayPtrOfIndex
SafeArrayUnaccessData
SafeArrayGetElement
OleLoadPicture
SysStringLen
RegisterTypeLib
VariantChangeType
SafeArrayCreate
VariantCopyInd
SysAllocStringLen

comctl32

ImageList_DrawEx
ImageList_Read
ImageList_Remove
ImageList_Write
ImageList_Create
ImageList_Draw
ImageList_DragShowNolock
ImageList_Add
ImageList_GetBkColor

Sections

.text
Size: 92KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 4KB - Virtual size: 603B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cdata
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

18d752511896de1a5a4cfc8f72337e50

Headers

File Characteristics

Imports

user32

ole32

gdi32

comdlg32

shlwapi

advapi32

version

shell32

msvcrt

kernel32

oleaut32

comctl32

Sections

.text Size: 92KB - Virtual size: 88KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 8KB - Virtual size: 6KB

BSS Size: 4KB - Virtual size: 603B

.cdata Size: 68KB - Virtual size: 66KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 92KB - Virtual size: 88KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 8KB - Virtual size: 6KB

BSS
Size: 4KB - Virtual size: 603B

.cdata
Size: 68KB - Virtual size: 66KB

.rsrc
Size: 8KB - Virtual size: 7KB