c2a96dc80059595590dba96cf0cfdd29_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c2a96dc80059595590dba96cf0cfdd29_JaffaCakes118
Size

608KB
MD5

c2a96dc80059595590dba96cf0cfdd29
SHA1

a7d31dcc71aebb1cdf4aed7701ffc75d5ce724b2
SHA256

650892f11f13279cc29f8ff7115723c40fe01d6e8abfd1797785d1ed0f1826f4
SHA512

a592ebc9330f5fff7db1023850924c3bddf1efe6b8c5cb7d46acbafa7ffcc2e849988281f9f149d3da13d1b7e3777cf3c5e3981f6ab971d2eef952a7b9812e3b
SSDEEP

12288:X77W55IyN+CIjSCOeUidHEz6mOfI1aclt16P5TD:L3ynIjSC5SfOg1acT4h

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2a96dc80059595590dba96cf0cfdd29_JaffaCakes118

Files

c2a96dc80059595590dba96cf0cfdd29_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8b51fa4e0b2b2d6a3271f6c5b06dd167

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

e:\exhyfvtg\suqa\leoeet

Imports

kernel32

LocalShrink
SetEnvironmentVariableA
CloseHandle
GetModuleHandleA
CreateFileMappingA
SetConsoleCtrlHandler
InterlockedIncrement
GetStartupInfoA
GetProcAddress
VirtualQuery
MultiByteToWideChar
SetLastError
GetEnvironmentStringsW
GetSystemTime
GetSystemTimeAsFileTime
GetDateFormatA
GlobalSize
WriteFile
lstrcmpA
HeapDestroy
TlsSetValue
IsDebuggerPresent
IsValidCodePage
GetVolumeInformationA
IsValidLocale
HeapValidate
TlsGetValue
GetCurrentProcess
MoveFileA
GetCompressedFileSizeW
GetStringTypeA
HeapAlloc
SetCriticalSectionSpinCount
OpenMutexA
SetHandleCount
WritePrivateProfileStringW
GetStringTypeW
GetACP
HeapCreate
FillConsoleOutputCharacterA
VirtualQueryEx
SetUnhandledExceptionFilter
QueryPerformanceCounter
HeapReAlloc
GetTimeZoneInformation
GetModuleFileNameW
GetConsoleOutputCP
WriteConsoleW
GetCPInfo
DeleteCriticalSection
RtlZeroMemory
WriteConsoleA
GetExitCodeProcess
GetTimeFormatA
LeaveCriticalSection
GetCurrentThread
WaitNamedPipeW
GetLastError
EnumCalendarInfoExA
GetTickCount
SetPriorityClass
DebugActiveProcess
CreatePipe
CompareStringW
WritePrivateProfileSectionW
GetPrivateProfileSectionW
LoadLibraryA
GlobalDeleteAtom
EnumSystemLocalesA
GetCurrentThreadId
WriteProfileSectionW
TlsAlloc
HeapFree
AddAtomA
MoveFileW
HeapSize
FlushFileBuffers
GetLogicalDrives
RtlFillMemory
InterlockedDecrement
CreateFileA
GetCommandLineW
GetPrivateProfileSectionNamesA
GetCurrentProcessId
WideCharToMultiByte
SetFilePointer
UnhandledExceptionFilter
LoadLibraryExW
WaitForSingleObjectEx
SetVolumeLabelW
GetSystemDefaultLangID
FindAtomW
Sleep
VirtualAlloc
TerminateProcess
ReadFile
GetModuleHandleW
SetStdHandle
WriteConsoleOutputCharacterA
FreeLibrary
GetStartupInfoW
GetUserDefaultLCID
GetCurrentDirectoryA
GetShortPathNameA
InterlockedExchange
LCMapStringW
SetConsoleWindowInfo
GetFileType
InitializeCriticalSectionAndSpinCount
CreateDirectoryExW
FindFirstFileW
VirtualProtectEx
SetLocalTime
SetCurrentDirectoryA
GetOEMCP
GetProcessHeap
VirtualFree
GetLocaleInfoW
GetLocaleInfoA
CreateThread
EnterCriticalSection
LCMapStringA
CreateMutexA
UnlockFile
GetStdHandle
EnumCalendarInfoA
GetProcessHeaps
GetVersionExW
TlsFree
EnumSystemCodePagesA
SetConsoleCP
CompareStringA
lstrcat
EnumResourceLanguagesW
FreeEnvironmentStringsW
ExitProcess
GetConsoleCP
GetThreadPriority
FreeLibraryAndExitThread
GetConsoleMode
GetCommandLineA
FreeResource
GetModuleFileNameA
RtlUnwind

user32

GetWindowRect
ExitWindowsEx
RegisterClassExW
GetDesktopWindow
CreatePopupMenu
GetNextDlgGroupItem
GetKeyNameTextA
CreateMDIWindowA
EnumWindows
CallMsgFilter
DlgDirSelectComboBoxExW
LoadMenuA
BlockInput
UnhookWindowsHookEx
MessageBoxA
GetCursorPos
CharUpperBuffW
CreateWindowExA
DefWindowProcW
DdeConnect
WaitForInputIdle
ReleaseDC
SetClassLongW
ShowWindow
DrawEdge
ReleaseCapture
ClipCursor
GetMessageExtraInfo
TrackPopupMenu
RegisterClassA
KillTimer
RegisterClassExA
DestroyWindow
GetWindowTextA
RemovePropW
GetClipboardFormatNameW

comctl32

DrawStatusText
InitCommonControlsEx
ImageList_GetImageRect
DrawStatusTextA
ImageList_GetFlags
ImageList_SetFlags
DestroyPropertySheetPage
ImageList_SetOverlayImage
ImageList_SetFilter
CreatePropertySheetPageW
ImageList_Create

Sections

.text
Size: 168KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 264KB - Virtual size: 262KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8b51fa4e0b2b2d6a3271f6c5b06dd167

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

comctl32

Sections

.text Size: 168KB - Virtual size: 164KB

.rdata Size: 264KB - Virtual size: 262KB

.data Size: 116KB - Virtual size: 128KB

.rsrc Size: 56KB - Virtual size: 54KB

.text
Size: 168KB - Virtual size: 164KB

.rdata
Size: 264KB - Virtual size: 262KB

.data
Size: 116KB - Virtual size: 128KB

.rsrc
Size: 56KB - Virtual size: 54KB