Static task
static1
Behavioral task
behavioral1
Sample
2ae414fb2f2bc28269c794d67d7e5b41_JaffaCakes118.exe
Resource
win7-20240708-en
Behavioral task
behavioral2
Sample
2ae414fb2f2bc28269c794d67d7e5b41_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2ae414fb2f2bc28269c794d67d7e5b41_JaffaCakes118
Size
92KB
MD5
2ae414fb2f2bc28269c794d67d7e5b41
SHA1
1e47e94bd1bdc36eef4c804bbbabc54aab765e52
SHA256
c32a9a309b3d808a50523e5fbad0ae7e43c8170d73b23588dbaa99f5702e9acc
SHA512
76dac1f4703cb98471a6c29bef8ef267cfbcc96ce2f0c627f65a729ae32fb6b5d2b85f1897d6a88506b055579c52a5887a329dd47b71105a0918a813ceeb5536
SSDEEP
1536:e+Mo2kzxKxvelmqRA9V2/WXBkPp9rweO5AdRwjGMnD6hSU5sQfgYc01wS2AzgUw/:e+bzgGpyVyKeLdRMnDWSUb4M1wSBxwR1
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2ae414fb2f2bc28269c794d67d7e5b41_JaffaCakes118
Files
2ae414fb2f2bc28269c794d67d7e5b41_JaffaCakes118.exe windows:5 windows x86 arch:x86
e870a704305ad056d39585d71184063a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
msvcrt
__dllonexit
_setmode
free
_exit
fopen
getenv
strstr
__p__fmode
_acmdln
fputc
_XcptFilter
__getmainargs
strncmp
__setusermatherr
atexit
_initterm
sqrt
_vsnprintf
__p__commode
fclose
_except_handler3
calloc
__set_app_type
_adjust_fdiv
comdlg32
GetOpenFileNameA
kernel32
VirtualQuery
GetSystemInfo
lstrcmpiA
GetSystemDirectoryW
SetStdHandle
GetModuleHandleA
SetHandleCount
GetStartupInfoA
MoveFileA
GetNumberFormatA
WaitForSingleObject
CreateProcessW
GetTickCount
lstrcpynA
WriteConsoleA
user32
MapWindowPoints
IntersectRect
ScreenToClient
GetSysColor
FrameRect
GetLastActivePopup
ShowWindow
OffsetRect
GetKeyboardType
TranslateMessage
ClientToScreen
GetWindowRect
InvalidateRect
GetSystemMetrics
SetDlgItemTextA
UpdateWindow
CallNextHookEx
GetWindowPlacement
gdi32
PatBlt
GetDCOrgEx
GetBkMode
PolyDraw
GetRgnBox
Rectangle
SetArcDirection
EnumFontFamiliesA
SelectClipRgn
GetTextCharsetInfo
TextOutW
CreateBrushIndirect
comctl32
ImageList_LoadImageW
ImageList_Add
PropertySheetW
ImageList_Destroy
ImageList_SetIconSize
PropertySheetA
ImageList_ReplaceIcon
ole32
OleRun
CoInitialize
CoInitializeEx
CreateBindCtx
IsEqualGUID
IIDFromString
CoRevokeClassObject
ProgIDFromCLSID
IsAccelerator
StgCreateDocfileOnILockBytes
CoReleaseMarshalData
CoFreeUnusedLibraries
CreateItemMoniker
advapi32
CryptDestroyHash
AdjustTokenPrivileges
DeregisterEventSource
LookupPrivilegeValueA
OpenSCManagerA
InitiateSystemShutdownA
OpenThreadToken
CheckTokenMembership
RegCloseKey
CryptHashData
RegDeleteValueA
SetSecurityDescriptorOwner
RegOpenKeyW
OpenProcessToken
SetSecurityDescriptorDacl
RegEnumKeyExA
Sections
.text Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.data Size: 9KB - Virtual size: 46KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 17KB - Virtual size: 88KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE