2889baa135b5a981078eeb78ec095c74_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2889baa135b5a981078eeb78ec095c74_JaffaCakes118
Size

165KB
MD5

2889baa135b5a981078eeb78ec095c74
SHA1

7dd85bcd06845e12f92149d0db109dda0c2a990c
SHA256

f95c99af839675e4fff1ad10d39542925397ab9de6fa0ca41b79f09fdf9b9a51
SHA512

2f67c5da523f9a5e5ef77680c42a1240ca3d7e944f62e2b18db07ade8e0077fcdaf500c91c5fdc7f37a07ac2c79b13d2f77e0b03ca096bbfbaffc77ce308d9e1
SSDEEP

3072:2NijqAxxyL3UgLJM9ERRIeymZJChptwrTgnsm+HaHA:2YALNa9YRYOJChpwp6HA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2889baa135b5a981078eeb78ec095c74_JaffaCakes118

Files

2889baa135b5a981078eeb78ec095c74_JaffaCakes118
.exe windows:4 windows x86 arch:x86

0ccc9b6fb63721e2c7de7742cd305e8d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

mprapi

MprConfigServerConnect
MprConfigServerDisconnect
MprConfigGetFriendlyName

user32

GetSystemMetrics
LoadStringW
MessageBoxW
DestroyWindow
LoadIconA
CharNextA
LoadImageA
UnregisterClassA
CharNextW

kernel32

InterlockedCompareExchange
LoadLibraryW
CreateProcessA
EnterCriticalSection
LeaveCriticalSection
HeapSize
GetCurrentThreadId
lstrlenW
TerminateProcess
MoveFileW
GetCalendarInfoW
GetLocaleInfoA
SizeofResource
GetCurrentProcess
lstrcpynW
GetTickCount
OutputDebugStringW
GetModuleHandleA
GetProcessHeap
LocalAlloc
HeapFree
GetCurrentProcessId
lstrcmpiA
GetSystemTime
HeapReAlloc
QueryPerformanceCounter
GetModuleFileNameW
GetSystemTimeAsFileTime
GetModuleFileNameA
GetACP
GetLastError
GetVersionExA
FindResourceExA
CreateFileW
GetThreadLocale
UnmapViewOfFile
LoadLibraryExW
LoadResource
VirtualAlloc
GetFileAttributesW
EnumResourceNamesA
InterlockedExchange
GetFileAttributesA
SystemTimeToFileTime
GetStartupInfoA
FreeEnvironmentStringsA
VirtualFree
Sleep
SetUnhandledExceptionFilter
LockResource
MultiByteToWideChar
FindResourceA
lstrlenA
UnhandledExceptionFilter
CloseHandle
ReleaseMutex
RaiseException
CreateDirectoryW
WriteFile
WideCharToMultiByte
GetUserDefaultUILanguage
IsDebuggerPresent
GetStdHandle
GetEnvironmentVariableA
HeapDestroy
HeapAlloc
SetEvent

shlwapi

PathAddBackslashW

ole32

CoGetMalloc
CoTaskMemRealloc
StringFromGUID2
CoCreateInstance
OleInitialize
CoTaskMemAlloc
IIDFromString
CoInitializeSecurity
CoTaskMemFree
StringFromCLSID
OleUninitialize

Sections

.text
Size: 93KB - Virtual size: 93KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: 67KB - Virtual size: 66KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 100KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0ccc9b6fb63721e2c7de7742cd305e8d

Headers

File Characteristics

Imports

mprapi

user32

kernel32

shlwapi

ole32

Sections

.text Size: 93KB - Virtual size: 93KB

.rdata Size: 3KB - Virtual size: 2KB

.bss Size: 67KB - Virtual size: 66KB

.rsrc Size: 1024B - Virtual size: 100KB

.text
Size: 93KB - Virtual size: 93KB

.rdata
Size: 3KB - Virtual size: 2KB

.bss
Size: 67KB - Virtual size: 66KB

.rsrc
Size: 1024B - Virtual size: 100KB