2a81822c339b0f19ffa315fb660991bc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a81822c339b0f19ffa315fb660991bc_JaffaCakes118
Size

91KB
MD5

2a81822c339b0f19ffa315fb660991bc
SHA1

4531928706981124c959706e8ed29eb9adc65df8
SHA256

cdac2304771ca4b26b8c99e374558a106d76cdf46d7372424a86eee14688c0aa
SHA512

a28ec0071ace0616fcc8c8253acb5ce7ecd1e172c42fc06e39aadda5397e00743b46704f1db5e71ba8cdec044a406fc975f550fa0d26f6d81fc28dd419e74a2d
SSDEEP

1536:WiPpcEqq2cJkmRUiytiGRzUBU0F6guC78QHF4Rh6hTD2jE6Y5FaJLcqf8uvOWWO:xpScJ/Rysl6LC78QHF4RhIAEPMv9vOY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a81822c339b0f19ffa315fb660991bc_JaffaCakes118

Files

2a81822c339b0f19ffa315fb660991bc_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c15fdae27396e1993934053557078da0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegQueryValueExA
InitializeSecurityDescriptor
RegOpenKeyW
RegSetValueExA
RegSetValueExW
RegCreateKeyExW
RegEnumKeyExA
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
OpenServiceW

kernel32

TlsAlloc
FindFirstFileA
EnterCriticalSection
WriteConsoleW
PulseEvent
GetStartupInfoA
GetModuleFileNameA
lstrcmpA
CompareStringA
RaiseException
GetSystemDefaultLangID
lstrlenA
CreateFileA
VirtualFree
GetVolumeInformationA
CreateFileMappingA
FlushFileBuffers
SetHandleCount
RtlUnwind
InitializeCriticalSection
SetErrorMode
TlsSetValue
GetConsoleOutputCP
GetOEMCP
CopyFileA
CreateThread
VirtualAlloc
GetCommandLineA
SetEvent
GetConsoleMode
LeaveCriticalSection
WaitForSingleObject
GetProcessHeap
ExitProcess
GetTempPathA
GetVersionExA
FreeEnvironmentStringsW
GetCPInfo
GetEnvironmentStringsW
GetCurrentDirectoryA
GetCurrentThreadId
SetUnhandledExceptionFilter
GetStdHandle
IsValidCodePage
HeapReAlloc
FindResourceA
CompareStringW
lstrcatA
FreeEnvironmentStringsA
GetFileSize
DeviceIoControl
GetSystemTime
MapViewOfFile
OpenEventA
InterlockedIncrement
IsDebuggerPresent
GetFileType
HeapSize
LoadLibraryExW
WideCharToMultiByte
CreateDirectoryA
SetThreadPriority
DeleteCriticalSection
SetStdHandle
GlobalLock
GetStringTypeW
LCMapStringW
GlobalUnlock
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
CloseHandle
GetLocaleInfoA
SetFilePointer
VirtualQuery
QueryDosDeviceA
FreeResource
TryEnterCriticalSection
SizeofResource
UnhandledExceptionFilter
GetEnvironmentVariableA
GetStringTypeA
FindClose
GetProcAddress
FindNextFileA
CreateTimerQueueTimer
DeleteFileA
Sleep
HeapCreate
MultiByteToWideChar
CreateProcessA
LCMapStringA
GetCurrentProcess
HeapAlloc
TlsFree
HeapFree
CreateMutexA
GetSystemDirectoryA
GetConsoleCP
lstrcmpiA
ReadFile
OpenMutexA
DefineDosDeviceA
GetCurrentProcessId
TlsGetValue
GetACP
GetSystemTimeAsFileTime
LoadResource
TerminateProcess
GetEnvironmentStrings
SetFileAttributesA
GetTickCount
GetFileAttributesA
DeleteTimerQueueTimer
GetLastError
ResumeThread
lstrcpyA
LoadLibraryA
SetLastError
SetEnvironmentVariableA
QueryPerformanceCounter
CreateEventA
WriteFile
WriteConsoleA
SystemTimeToFileTime
GetModuleHandleW
SetEndOfFile
ReleaseMutex
UnmapViewOfFile

ws2_32

WSASocketA
getaddrinfo
freeaddrinfo

user32

IsDlgButtonChecked
GetParent
GetForegroundWindow
wsprintfA
DefWindowProcW
OffsetRect
ScreenToClient
LoadIconW
PostQuitMessage
GetWindow
WindowFromPoint
GetCursorPos
OpenClipboard
SetPropA
GetWindowRect
DispatchMessageA
SendMessageA

ole32

CoUninitialize
CoCreateInstance
CoInitialize

msvcrt

memmove
_vsnwprintf
_wcsicmp
strncmp
_controlfp
_onexit
??3@YAXPAX@Z

aclui

CreateSecurityPage

wininet

InternetSetOptionA

shell32

SHGetFolderPathA
SHGetSpecialFolderPathA

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 238KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 160B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c15fdae27396e1993934053557078da0

Headers

DLL Characteristics

File Characteristics

Imports

advapi32

kernel32

ws2_32

user32

ole32

msvcrt

aclui

wininet

shell32

Sections

.text Size: 45KB - Virtual size: 44KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 18KB - Virtual size: 238KB

.rsrc Size: 3KB - Virtual size: 3KB

.reloc Size: 512B - Virtual size: 160B

.text
Size: 45KB - Virtual size: 44KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 18KB - Virtual size: 238KB

.rsrc
Size: 3KB - Virtual size: 3KB

.reloc
Size: 512B - Virtual size: 160B