2a7f46cda9e582ebef90754b63332b22_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a7f46cda9e582ebef90754b63332b22_JaffaCakes118
Size

247KB
MD5

2a7f46cda9e582ebef90754b63332b22
SHA1

6331a532e590e9ab24ec254ed54d1f92f24db16e
SHA256

7d8eae870dc3ac0833d60873e5e30dd8075c392ee874d58969f1decd5fe89f15
SHA512

4c8611afad95f8483bee658c411d069c396c89715802562e54e67d579954a448788bc9234b9e89a5440b0919e8adeccc32bb0f45f2a1d0fb20c56ac823d0b764
SSDEEP

3072:oWpnItvWLF6q5RLjcmmiGV00aND2DilH1XM7Nu85DB/sWnz47QazB:ZateLF/Xhxl0MamsaWz47QQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a7f46cda9e582ebef90754b63332b22_JaffaCakes118

Files

2a7f46cda9e582ebef90754b63332b22_JaffaCakes118
.exe windows:6 windows x86 arch:x86

3f05c97675415751db4f59206311b717

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

espexe.pdb

Imports

kernel32

VirtualAlloc
CreateEventA
FreeLibrary
GetProcAddress
GetLastError
GetCurrentProcessId
SetThreadPriority
CreateThread
GetProfileStringA
GetProfileIntA
HeapSetInformation
WaitForMultipleObjects
CloseHandle
ExitThread
LocalAlloc
WriteProfileStringA
LoadLibraryA
LocalFree
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
SetUnhandledExceptionFilter
RtlUnwind
GetStartupInfoA
InterlockedCompareExchange
Sleep
InterlockedExchange

gdi32

MoveToEx
LineTo
DeleteObject
SetBkColor
GetStockObject
CreateFontA

user32

GetCursorPos
PostQuitMessage
DestroyIcon
MessageBoxA
GetWindowTextLengthA
SetFocus
GetFocus
DialogBoxParamA
InvalidateRect
DrawIcon
ShowWindow
GetClientRect
SetWindowPos
CheckMenuItem
GetSystemMetrics
GetMenu
LoadIconA
DestroyAcceleratorTable
DestroyWindow
DispatchMessageA
MapWindowPoints
TranslateAcceleratorA
GetMessageA
LoadAcceleratorsA
CreateDialogParamA
FillRect
BeginPaint
EndDialog
SetDlgItemTextA
SendMessageA
SendDlgItemMessageA
GetWindowTextA
EnableWindow
GetDlgItem
IsIconic
GetWindowRect
GetClassNameA
GetWindow
GetDlgItemTextA
PostMessageA
ReleaseCapture
SetCapture
LoadCursorA
SetCursor
EnableMenuItem
TranslateMessage
SetWindowTextA
EndPaint

msvcrt

_amsg_exit
__setusermatherr
__p__commode
__p__fmode
_initterm
?terminate@@YAXXZ
_controlfp
_acmdln
exit
_ismbblead
_XcptFilter
_exit
_cexit
__getmainargs
strstr
_stricmp
_vsnprintf
__set_app_type

rpcrt4

I_RpcExceptionFilter
RpcStringFreeA
RpcBindingFromStringBindingA
RpcStringBindingComposeA
NdrClientCall2
RpcBindingFree

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 219KB - Virtual size: 360KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f05c97675415751db4f59206311b717

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

gdi32

user32

msvcrt

rpcrt4

Sections

.text Size: 24KB - Virtual size: 24KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 219KB - Virtual size: 360KB

.text
Size: 24KB - Virtual size: 24KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 219KB - Virtual size: 360KB