2a802c71a651e75d011179b86be379e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a802c71a651e75d011179b86be379e2_JaffaCakes118
Size

276KB
MD5

2a802c71a651e75d011179b86be379e2
SHA1

b92e816a1ae385cfe18f79ef249f56fb259b0432
SHA256

dccc17aab516340e028d58104723aa3584e097a6b0eb4d329cf0da249ca1bae0
SHA512

339d1396331f01c344df756c4650817abd4c1b7b0ea2758085a9f9ad498b06cd110757b2ae449427fddfc362616c6eae00eca79d033903e975e1df767b1ee41f
SSDEEP

6144:KhTKQqnaLEqZDqSJIb549zZPRk+z8FbkdCrim/TT3sNr/Tzvh:K8aAqRqOpzlu+o8C2mLLsNrn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a802c71a651e75d011179b86be379e2_JaffaCakes118

Files

2a802c71a651e75d011179b86be379e2_JaffaCakes118
.exe windows:4 windows x86 arch:x86

81f70ecea9038dc909a696d661fdba35

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetThreadExecutionState
HeapDestroy
InitializeCriticalSection
GetPrivateProfileStringA
SetNamedPipeHandleState
TlsFree
GetModuleFileNameA
GetACP
lstrcmpiW
GetTempFileNameA
WaitForMultipleObjectsEx
PulseEvent
GetTimeZoneInformation
FindResourceA
OutputDebugStringW
WideCharToMultiByte
EnumCalendarInfoA
lstrcatW
IsDBCSLeadByteEx
GlobalFree
GlobalSize
Process32FirstW
EnumSystemLocalesA
LoadLibraryExW
AddAtomA
SetThreadLocale
GetModuleFileNameW
IsDBCSLeadByte
GetCurrentProcessId
MultiByteToWideChar
ExpandEnvironmentStringsW
GetStringTypeW
GetProcessTimes
GlobalAddAtomW
SetCurrentDirectoryW
UnhandledExceptionFilter
GetModuleHandleA
GetVersion
ExitProcess
GetProcAddress
GetStartupInfoW
TlsSetValue
SetLastError
TlsGetValue
RtlUnwind
TerminateProcess
GetCurrentProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetStdHandle
GetFileType
GetEnvironmentVariableA
GetVersionExA
HeapCreate
VirtualFree
WriteFile
InterlockedDecrement
LeaveCriticalSection
HeapAlloc
GetCPInfo
GetOEMCP
HeapReAlloc
LoadLibraryA
GetStringTypeA
LCMapStringA
LCMapStringW
CreateMutexW
GetLastError
SetHandleCount
FindNextFileW
CreateSemaphoreA
ResetEvent
LoadLibraryExA
MoveFileW
MoveFileExW
_lopen
WritePrivateProfileStringA
SetPriorityClass
CreateFileMappingW
GetThreadLocale
GetSystemTimeAsFileTime
SystemTimeToFileTime
IsBadCodePtr
GetDriveTypeA
CompareFileTime
InterlockedIncrement
EnterCriticalSection
OpenEventW
TlsAlloc
GetSystemInfo
GetVolumeInformationA
CreateThread
SetEndOfFile
CreateEventW
lstrcmpW
GetFullPathNameA
GetUserGeoID
GetFileTime
CreateEventA
LocalUnlock
ReleaseMutex
GetExitCodeProcess
GlobalAddAtomA
VirtualQueryEx
HeapFree
GlobalHandle
GetStartupInfoA
VerSetConditionMask
GlobalReAlloc
GetCommandLineA
lstrlenA
GetCurrentThreadId
VirtualAlloc

gdi32

IntersectClipRect
ExtEscape
CopyMetaFileA
GetTextFaceA
SetViewportOrgEx
GetTextCharsetInfo
CreateFontIndirectW
SetViewportExtEx
CreateICA
SelectPalette
GetCharWidthA
GetBkMode
EnumFontsA
CreatePalette
RectVisible
DPtoLP
Pie
Arc
GetFontData
SetMetaFileBitsEx
InvertRgn
GdiFlush
GetBrushOrgEx
RealizePalette
CreateDCW
GetObjectA

user32

HideCaret
EnumThreadWindows
OemToCharA

advapi32

AdjustTokenPrivileges
LookupAccountNameW
SetEntriesInAclW
EqualSid
GetSidLengthRequired
FreeSid
RegDeleteKeyA
OpenProcessToken
CryptAcquireContextA
RegQueryInfoKeyA
SetSecurityInfo
InitializeSid
GetSidIdentifierAuthority
InitializeSecurityDescriptor
CheckTokenMembership

comctl32

ImageList_GetIcon
ImageList_EndDrag
ImageList_GetBkColor

comdlg32

GetOpenFileNameA

shell32

CommandLineToArgvW
ShellExecuteExW
SHGetPathFromIDListW
SHGetMalloc
SHBrowseForFolderW

oleaut32

VariantClear

ole32

GetHGlobalFromILockBytes
CoRevokeClassObject
CoGetClassObject
OleCreateLink
OleQueryLinkFromData
WriteClassStg
CoFreeUnusedLibraries
OleCreateLinkFromData
CoGetInterfaceAndReleaseStream
ReleaseStgMedium
OleCreateFromFile
MkParseDisplayName

shlwapi

PathRemoveFileSpecW

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
GetFileVersionInfoSizeW

Sections

.text
Size: 216KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 600B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81f70ecea9038dc909a696d661fdba35

Headers

File Characteristics

Imports

kernel32

gdi32

user32

advapi32

comctl32

comdlg32

shell32

oleaut32

ole32

shlwapi

version

Sections

.text Size: 216KB - Virtual size: 212KB

.data Size: 52KB - Virtual size: 49KB

.rsrc Size: 4KB - Virtual size: 600B

.text
Size: 216KB - Virtual size: 212KB

.data
Size: 52KB - Virtual size: 49KB

.rsrc
Size: 4KB - Virtual size: 600B