2ae0ecf52fccee542e2ca0ae5cf2d26b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ae0ecf52fccee542e2ca0ae5cf2d26b_JaffaCakes118
Size

230KB
MD5

2ae0ecf52fccee542e2ca0ae5cf2d26b
SHA1

19cd40c3a1cdb9f80e9fbbdf865f576b2df77e40
SHA256

73ec480a643b42329b3b82d264e992bc730104400d0264b21058cc4e3e1b0bb8
SHA512

1268d61d565cb8bc790f0b8a380ef0e1b904e5cc22d15f37ab51f1fbed673e5d375bad34c93fd1b5431539919a2a9de39623f8aa539a24f777fc19c2d8c8ba3b
SSDEEP

3072:/XdN1i/k2a6k1u+cYlMUkBkP2BFW0EL+kljLCXPIFsHcpGtROtF9C:/tD/6k1u+98ePt0aRBufQyLRaF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ae0ecf52fccee542e2ca0ae5cf2d26b_JaffaCakes118

Files

2ae0ecf52fccee542e2ca0ae5cf2d26b_JaffaCakes118
.exe windows:4 windows x86 arch:x86

c7779480167a5d76e7410d24f3394246

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleHandleW
CreateFileA
GetCommandLineA
VirtualQuery
LocalAlloc
SetErrorMode
GetStringTypeW
GetFileAttributesA
HeapAlloc
GlobalAlloc
VirtualAlloc
GetProcAddress
GetModuleHandleA
GetOEMCP
GetLocalTime
GetACP
CompareStringA
GetTempPathA
GetSystemDefaultLangID
LocalReAlloc
LoadLibraryA
MulDiv
ReadFile
WaitForSingleObject
GetCurrentProcessId
GetFileSize
FreeLibrary
lstrcpyA
GetStartupInfoA
SizeofResource
IsBadHugeReadPtr
GetLocaleInfoA
SetEvent
SetLastError
GetLastError
GetVersion
GetEnvironmentStrings
GetUserDefaultLCID
GetCurrentThreadId
GetFileType
VirtualFree
EnterCriticalSection
SetEndOfFile
SetFilePointer
SetHandleCount
GetProcessHeap
GetCurrentThread
WideCharToMultiByte
GetFullPathNameA
ExitThread
lstrcatA
GetDiskFreeSpaceA

shell32

SHGetFolderPathA
DragQueryFileA
SHGetFileInfoA
SHGetSpecialFolderLocation

user32

GetScrollPos
CharUpperA
GetSysColor
GetSubMenu
GetScrollRange
GetMenu
DrawMenuBar
LoadCursorA

comdlg32

FindTextA

Exports

Exports

_dUel3r

Sections

CODE
Size: 206KB - Virtual size: 205KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ipdata
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 72B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c7779480167a5d76e7410d24f3394246

Headers

File Characteristics

Imports

kernel32

shell32

user32

comdlg32

Exports

Exports

Sections

CODE Size: 206KB - Virtual size: 205KB

DATA Size: 7KB - Virtual size: 7KB

.ipdata Size: 11KB - Virtual size: 10KB

.idata Size: 2KB - Virtual size: 1KB

.edata Size: 512B - Virtual size: 72B

.rsrc Size: 1KB - Virtual size: 1KB

CODE
Size: 206KB - Virtual size: 205KB

DATA
Size: 7KB - Virtual size: 7KB

.ipdata
Size: 11KB - Virtual size: 10KB

.idata
Size: 2KB - Virtual size: 1KB

.edata
Size: 512B - Virtual size: 72B

.rsrc
Size: 1KB - Virtual size: 1KB