b2a17ddb371fd56951ed090152930ec2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b2a17ddb371fd56951ed090152930ec2_JaffaCakes118
Size

507KB
MD5

b2a17ddb371fd56951ed090152930ec2
SHA1

1e8f442fb7dfdaa5f176446da301809dfe02325a
SHA256

90377eca9284f55523ab788d6042885b97ec6d94ad92f3699d0a26de61e41abc
SHA512

2bcd601a204e8c5c3ce20417affca6f6ac432f9abe9bdb3b1b4c70b6010ca10bb322642376d86f93ce49233df35f397bba993ba7bd967472266b2da4abe08a83
SSDEEP

12288:rRafJpu1dmV9a4dGC7rOgObOLi+D2OOB+854:oRpUdmV9lAiDmdOOt54

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b2a17ddb371fd56951ed090152930ec2_JaffaCakes118

Files

b2a17ddb371fd56951ed090152930ec2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

fc263ea833c8253809f0f93ff2099765

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

RegisterClassExA
CreateCursor
InsertMenuItemW
SetMenuContextHelpId
RegisterDeviceNotificationA
DrawIconEx
GetLastActivePopup
LoadBitmapW
EnumPropsExW
ToAsciiEx
SetRectEmpty
GetCursor
RegisterClassA
UnhookWinEvent
CheckMenuRadioItem
LookupIconIdFromDirectoryEx
ShowWindowAsync
EnableScrollBar
DispatchMessageW
CopyIcon
wvsprintfA
GetTabbedTextExtentW
PtInRect
GetClassInfoExA
GetDlgItem
MsgWaitForMultipleObjectsEx
OpenClipboard

comctl32

InitCommonControlsEx

advapi32

InitiateSystemShutdownA
CryptSignHashW
RegConnectRegistryA
RegLoadKeyA
CryptContextAddRef
LookupPrivilegeDisplayNameA
CryptHashData

kernel32

WideCharToMultiByte
HeapDestroy
SetFilePointer
EnterCriticalSection
LCMapStringA
GetCurrentThread
CreateFileMappingW
WriteConsoleW
HeapReAlloc
HeapAlloc
GetTimeZoneInformation
GetConsoleMode
IsValidLocale
SetHandleCount
CreateFileA
GetConsoleOutputCP
GetEnvironmentStringsW
GetLastError
RtlUnwind
GetProcessHeap
SetEnvironmentVariableA
FreeLibrary
GetLocaleInfoW
TlsGetValue
SetConsoleCtrlHandler
HeapCreate
HeapSize
Sleep
FreeEnvironmentStringsA
TlsFree
SetStdHandle
GetStringTypeW
GetDateFormatA
HeapFree
GetModuleFileNameA
TerminateProcess
FreeEnvironmentStringsW
GetProcAddress
CompareStringA
OpenProcess
SetConsoleTextAttribute
CreateMutexA
InterlockedIncrement
GetCurrentThreadId
GetConsoleCP
GetFileType
InterlockedExchange
GetEnvironmentStrings
TlsAlloc
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleHandleA
OpenMutexA
IsValidCodePage
VirtualAlloc
GetACP
EnumResourceTypesA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
CompareStringW
TlsSetValue
GetStartupInfoA
GetCurrentProcess
InitializeCriticalSection
ExitProcess
CloseHandle
WriteFile
LCMapStringW
LoadLibraryA
GetLocaleInfoA
EnumSystemLocalesA
GetOEMCP
WriteConsoleA
GetVersionExA
FlushFileBuffers
GetTimeFormatA
GetCommandLineA
GetStdHandle
GetCPInfo
LeaveCriticalSection
MultiByteToWideChar
FileTimeToLocalFileTime
ReadFile
VirtualFree
SetLastError
QueryPerformanceCounter
InterlockedDecrement
DeleteCriticalSection
GetStringTypeA
GetUserDefaultLCID
VirtualQuery
IsDebuggerPresent
GlobalFix

Sections

.text
Size: 172KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 316KB - Virtual size: 316KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fc263ea833c8253809f0f93ff2099765

Headers

File Characteristics

Imports

user32

comctl32

advapi32

kernel32

Sections

.text Size: 172KB - Virtual size: 172KB

.rdata Size: 10KB - Virtual size: 14KB

.data Size: 316KB - Virtual size: 316KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 172KB - Virtual size: 172KB

.rdata
Size: 10KB - Virtual size: 14KB

.data
Size: 316KB - Virtual size: 316KB

.rsrc
Size: 7KB - Virtual size: 7KB