2a1fc6e251c87d161c9db3a62218e71a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a1fc6e251c87d161c9db3a62218e71a_JaffaCakes118
Size

172KB
MD5

2a1fc6e251c87d161c9db3a62218e71a
SHA1

3dd83c7e41289e82264357384b919e32051e25ba
SHA256

787820e8dd913c7a71c4453335ac38881b99a0126273b9c65cca1272a20a72af
SHA512

fe82c2b2184589c652bce5f90685f2d1301898a08e0a6c4b9aca921cf74a910c5671a73a81d05e5ed91514359c0a8df2ed909907848a598a14613dc750162484
SSDEEP

3072:eDYIScJqwgVpVqLvqljd8oMc5+UYWl+wW9ttz6wWs7DRr5A+C+H:hIhtkVqTkuoMc5+TBzPWm5A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a1fc6e251c87d161c9db3a62218e71a_JaffaCakes118

Files

2a1fc6e251c87d161c9db3a62218e71a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8bb49058a7d77a508d0886f88cd469cb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

lstrcmpA
GetModuleFileNameA
GetFileAttributesA
SetTimerQueueTimer
SetConsoleScreenBufferSize
EnumUILanguagesA
GetFullPathNameA
SetMailslotInfo
GetTempPathA
UnlockFile
CompareStringA
GetQueuedCompletionStatus
GetProcessPriorityBoost
RemoveDirectoryA
GetTapeStatus
lstrcpy
SetProcessPriorityBoost
CreateFileMappingA
Thread32First
GlobalCompact
VirtualQueryEx
ClearCommError
GetThreadIOPendingFlag
GetDiskFreeSpaceA
GetSystemTimeAsFileTime
SetFileTime
lstrcatA
SizeofResource
GetProfileSectionA
FlushInstructionCache
WriteConsoleA
QueueUserWorkItem
LZDone
GetSystemTime
Module32First
SetComputerNameExA
Process32Next
DeleteTimerQueue
GetFileAttributesExA
GetDiskFreeSpaceExA
MulDiv
GetPriorityClass
lstrcpynA
GetTempFileNameA
SetConsoleNumberOfCommandsA
FillConsoleOutputCharacterA
GetConsoleTitleA
ResetWriteWatch
WriteConsoleOutputA
WritePrivateProfileStructA
ReadFileEx
GetMailslotInfo
SetLocalTime
VirtualAllocEx
PostQueuedCompletionStatus
GetProcessId
GetCommandLineA
CopyFileExW
EnumSystemLocalesA
FormatMessageA
lstrcpynA
GetModuleHandleA
GetCurrencyFormatA
GlobalAlloc
GetComPlusPackageInstallStatus
SetLastConsoleEventActive
IsSystemResumeAutomatic
PeekConsoleInputA
OpenFile
HeapSize
GetCurrentThreadId
GetThreadLocale
GetNamedPipeHandleStateA
SetTapePosition
GetSystemWindowsDirectoryA
DeleteAtom
GetShortPathNameA
GetStdHandle
WaitForSingleObject
GetProcessWorkingSetSize
FindNextVolumeMountPointW
OpenSemaphoreA
lstrcpyA
GlobalHandle
GlobalSize
GetConsoleAliasExesLengthA
FindAtomA
GetConsoleMode
DeleteTimerQueueTimer
ReplaceFile
FreeConsole
SystemTimeToFileTime

winmm

timeGetSystemTime

user32

ReuseDDElParam
RegisterClassExA
OpenIcon
GetMenuItemInfoA
LoadCursorFromFileA
MessageBoxTimeoutA
CreateWindowExA
GetWindowTextA
PrivateExtractIconExA
BeginPaint
RemovePropA
GetClassInfoExW
RegisterClipboardFormatA
SetMenuItemBitmaps
GetAltTabInfoA
GetClientRect
EqualRect
LoadKeyboardLayoutEx
TileChildWindows
DrawCaptionTempA
DefMDIChildProcA
GetMessagePos
SetWindowTextA
GetDesktopWindow
ReasonCodeNeedsComment
IsRectEmpty
CreateWindowExA
CreateWindowStationW
EnterReaderModeHelper
CreatePopupMenu
SendNotifyMessageA
GetMenuItemRect
EditWndProc
GetMonitorInfoA
DlgDirListComboBoxW
GetKeyboardLayoutNameA
LoadCursorFromFileA
InflateRect
TranslateAccelerator
EnableWindow
RealChildWindowFromPoint
SetMenu
ScrollWindowEx
SetMenuItemInfoA
GetWinStationInfo
FindWindowA
DrawTextA
GetCaretPos
BroadcastSystemMessageExA
GetDlgItemTextA
DefWindowProcA
UnregisterHotKey
GetNextDlgTabItem
SystemParametersInfoA
LockWorkStation
GetProcessDefaultLayout
GetKeyboardLayoutList
DrawTextExA
FlashWindow
IsServerSideWindow
LoadCursorFromFileW
GetMenuContextHelpId
EnumPropsExW
GetInputDesktop
LoadRemoteFonts
GetMenuItemRect
DispatchMessageA
CharLowerBuffW
GetLastActivePopup
SetDoubleClickTime
CharUpperBuffA
LoadMenuIndirectA
RegisterHotKey
MonitorFromPoint
LoadAcceleratorsA
DrawCaptionTempA
GetAltTabInfoA
MapDialogRect
GetClipboardData
DragObject
CreateDesktopA
IsChild

Exports

Exports

Khcsiwycg
Yjhlywiedb
GetNfaiadil

Sections

.idata
Size: - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 156KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8bb49058a7d77a508d0886f88cd469cb

Headers

File Characteristics

Imports

kernel32

winmm

user32

Exports

Exports

Sections

.idata Size: - Virtual size: 2KB

.itext Size: 156KB - Virtual size: 158KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 2KB

.itext
Size: 156KB - Virtual size: 158KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB