c2e8650780dce959f36ce7c970002a85_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c2e8650780dce959f36ce7c970002a85_JaffaCakes118
Size

417KB
MD5

c2e8650780dce959f36ce7c970002a85
SHA1

49f5e5f341b088611d318f38072b4abe502cb126
SHA256

2c67fac475f845453339466b9c09164902a64a248ea9a87a3c736ff000af7f63
SHA512

28ea3d276e21a8122bee11093e9b79f31baf5eaf6c759a3a05e42903f2d09ac807e670757a41486054c56d1a5791620ffa87d7d157fdc9b51bf2d99f2e05bc57
SSDEEP

6144:0LP8Z80Z5MjCCHQONLBB8moFGl7xY9b+:6Unke61D8B4BxY9q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c2e8650780dce959f36ce7c970002a85_JaffaCakes118

Files

c2e8650780dce959f36ce7c970002a85_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2bb28dd573657f2d3679c299b5a511f7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

LoadAcceleratorsA
LoadStringA
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadCursorA
LoadIconA
RegisterClassExA
EndPaint
PostQuitMessage
DefWindowProcA
MessageBoxA
PostMessageA
DestroyWindow
LoadBitmapA
SendMessageA
SetFocus
CreateWindowExA
UpdateWindow
ShowWindow
BeginPaint
LoadBitmapW
GetWindowRect
InvalidateRect
SetWindowTextA
SetMenuItemInfoA
GetParent
LockWindowUpdate
GetWindowPlacement
SetDlgItemTextW
MapWindowPoints
SetMenu
GetMenuItemID
GetCursorPos
EndDeferWindowPos
EnableMenuItem
GetMenu
GetActiveWindow
DrawFocusRect
DrawFrameControl
RegisterClassA
SetWindowLongA
GetWindowTextA
GetWindowLongA
GetClassNameA
ModifyMenuA

kernel32

GetConsoleCP
FlushFileBuffers
LCMapStringEx
HeapSize
GetStringTypeW
HeapReAlloc
RtlUnwind
LoadLibraryW
OutputDebugStringW
LoadLibraryExW
IsDebuggerPresent
GetCPInfo
GetOEMCP
GetACP
IsValidCodePage
Sleep
HeapFree
GetConsoleMode
EnterCriticalSection
IsProcessorFeaturePresent
RaiseException
HeapAlloc
GetModuleHandleW
TerminateProcess
GetCurrentProcess
FlsFree
FlsSetValue
FlsGetValue
FlsAlloc
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
FreeEnvironmentStringsW
GetStartupInfoA
WriteFile
MapViewOfFile
CloseHandle
GetFileSize
CreateFileMappingA
CreateFileA
GetModuleHandleA
GetVersion
GetCurrentDirectoryA
SleepEx
GetSystemInfo
SetStdHandle
WriteConsoleW
SetFilePointerEx
LeaveCriticalSection
InterlockedDecrement
GetCommandLineA
GetLastError
SetLastError
InterlockedIncrement
CreateFileW
GetCurrentThreadId
EncodePointer
DecodePointer
ExitProcess
GetModuleHandleExW
GetProcAddress
MultiByteToWideChar
GetStdHandle
GetModuleFileNameW
GetProcessHeap
GetFileType
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
InitOnceExecuteOnce
GetStartupInfoW
GetModuleFileNameA
QueryPerformanceCounter
GetSystemTimeAsFileTime
GetTickCount64
GetEnvironmentStringsW

gdi32

DeleteDC
CreateCompatibleBitmap

comctl32

InitCommonControlsEx

Sections

.text
Size: 87KB - Virtual size: 87KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 123KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2bb28dd573657f2d3679c299b5a511f7

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

gdi32

comctl32

Sections

.text Size: 87KB - Virtual size: 87KB

.rdata Size: 132KB - Virtual size: 132KB

.data Size: 73KB - Virtual size: 80KB

.rsrc Size: 123KB - Virtual size: 122KB

.text
Size: 87KB - Virtual size: 87KB

.rdata
Size: 132KB - Virtual size: 132KB

.data
Size: 73KB - Virtual size: 80KB

.rsrc
Size: 123KB - Virtual size: 122KB