2a5e164b7494af9dd7ffddaa2b4be242_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a5e164b7494af9dd7ffddaa2b4be242_JaffaCakes118
Size

236KB
MD5

2a5e164b7494af9dd7ffddaa2b4be242
SHA1

e18243840454fc9d8d719bb7d260c78bfb9868a7
SHA256

e64685d43582ae9a95be4f949c9bf885c131f06fb47442885ff843ef82369258
SHA512

bf8014387969fe62bbe1d566995f3c6f35bb8ecb6a66dc6599152d4bae21429d003a4bbf95985cf049de5ffee7784bb863b30abaa7ace664cd3f6e19b036dc31
SSDEEP

6144:6hC28ww7HXLXsX8jJRuDQTcertdPAgBKthT8S6zrX+UJcCLCI:aCw0VgcpthAgBizAzJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a5e164b7494af9dd7ffddaa2b4be242_JaffaCakes118

Files

2a5e164b7494af9dd7ffddaa2b4be242_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b9c990018aa802168bb7d75b2152b366

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EnterCriticalSection
FreeLibrary
SetUnhandledExceptionFilter
SetLastError
CloseHandle
TerminateProcess
LocalFree
GetEnvironmentVariableA
LCMapStringW
LoadLibraryA
OutputDebugStringW
MoveFileExW
GetTickCount
GetModuleHandleA
TlsSetValue
MulDiv
CreateEventW
WriteFile
FindClose
FileTimeToLocalFileTime
WaitForSingleObject
lstrcmpW
QueryPerformanceCounter
lstrcpyW
FormatMessageA
IsDebuggerPresent
IsValidLocale
VirtualProtect
ResetEvent
VirtualFree
InterlockedDecrement
SystemTimeToFileTime
GetCurrentProcessId
InitializeCriticalSectionAndSpinCount
HeapSize
GetSystemTimeAsFileTime
GetVersionExA
TlsGetValue
GetProcessHeap
GetLocaleInfoW
lstrcmpiW
GlobalAlloc
LoadResource
GetStringTypeA
FormatMessageW
lstrcpynW
GetVersion
SizeofResource
DisableThreadLibraryCalls
WaitForMultipleObjects
GetCurrentProcess
GetOEMCP
FileTimeToSystemTime
DebugBreak
lstrlenW
LeaveCriticalSection
HeapReAlloc
FreeEnvironmentStringsA
GetUserDefaultLCID
GetLastError
GetCurrentThreadId
FindResourceA
GetProcAddress
UnhandledExceptionFilter
HeapCreate
GetStringTypeW
LCMapStringA
FlushFileBuffers
GetACP
CreateThread
Sleep
lstrcpyA
GetEnvironmentStringsW
HeapDestroy
GetFileSize
CreateFileW
GetCommandLineA
InitializeCriticalSection
SetHandleCount
LocalAlloc
DeleteCriticalSection
HeapFree
FindFirstFileW
GetFileType
LockResource
GetModuleHandleW
InterlockedExchange
GetModuleFileNameA
SetErrorMode
FindNextFileW

user32

SetWindowRgn
InflateRect
IsWindowVisible
GetSysColorBrush
DrawEdge
GetDC
DispatchMessageA
LoadIconW
LoadStringW
ScreenToClient
TrackPopupMenu
IsDialogMessageW
SetScrollPos
GetWindowLongW
DeleteMenu
GetClassNameA
GetParent
DefWindowProcW
DestroyWindow
BeginPaint
DestroyMenu
GetSystemMetrics
PeekMessageW
GetSubMenu
GetMessageTime
CreatePopupMenu
GetWindowDC
EnumChildWindows
GetClientRect
DrawTextW
GetPropA
TranslateMessage
FindWindowA
CheckMenuItem
SetForegroundWindow

gdi32

SaveDC
SetViewportOrgEx
GetPixel
CreatePen

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 50KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b9c990018aa802168bb7d75b2152b366

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 50KB - Virtual size: 54KB

.data Size: 512B - Virtual size: 15KB

.reloc Size: 512B - Virtual size: 64B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 50KB - Virtual size: 54KB

.data
Size: 512B - Virtual size: 15KB

.reloc
Size: 512B - Virtual size: 64B

.rsrc
Size: 3KB - Virtual size: 2KB