2ac0b6ea29d5901a020194c33d0db80a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ac0b6ea29d5901a020194c33d0db80a_JaffaCakes118
Size

105KB
MD5

2ac0b6ea29d5901a020194c33d0db80a
SHA1

1e95818d51b215a6b493e2151af3be6ed68036e2
SHA256

e052dfffcdaa868079c236103110421dbac89ad434e5554c9d4547b6f37b4b40
SHA512

0a528ae2267720be752d0830ae012f0531feeefd1bf71c40e23d1e9e653a06431d806c651fcf987d6027421f6be5bda8b035cca4b5c8d16590030e9e8b49bcbf
SSDEEP

1536:HMRjAsm3sUM8+IfpPJwRhHpnLgi3TrZHhS7ymqSB6tqH0ZutQ:sR5SsZ8BfZJw7p0847DMtlh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ac0b6ea29d5901a020194c33d0db80a_JaffaCakes118

Files

2ac0b6ea29d5901a020194c33d0db80a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

26239eea29133c1e742f08b805c8105a

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

msvcrt

fopen
free
atexit
_XcptFilter
__set_app_type
__p__fmode
_adjust_fdiv
signal
calloc
__setusermatherr
__p__commode
__p___initenv
fputc
atoi
_except_handler3
_vsnprintf
_controlfp
fwrite
abort
sinh
_initterm
wcslen
__getmainargs
_exit
fclose

comdlg32

GetOpenFileNameA

kernel32

GetCurrentThreadId
GetFileTime
VirtualFree
CompareFileTime
SetStdHandle
CopyFileA
GetFileAttributesW
GlobalAlloc
InterlockedIncrement
GetExitCodeProcess
GetNumberFormatA
GetDateFormatA
DeviceIoControl
SetHandleCount
MoveFileA
SetErrorMode

user32

DispatchMessageA
OemToCharA
SystemParametersInfoA
GetWindowTextA
GetDC
SetFocus
WindowFromPoint
DefWindowProcA
GetWindowRect
ShowCursor
GetMenuStringA
SetDlgItemTextA
TranslateMessage
CharNextA
IsWindowVisible
IsChild

comctl32

ImageList_SetImageCount
ImageList_ReplaceIcon
InitializeFlatSB
InitCommonControlsEx
ImageList_GetIcon
ImageList_LoadImageW
ImageList_Create
PropertySheetA
ImageList_GetImageInfo
CreatePropertySheetPageA

ole32

CoCreateInstance
CoGetClassObject
ReleaseStgMedium
CoRegisterClassObject
OleInitialize
CoGetMalloc
CoSetProxyBlanket
OleUninitialize
CreateBindCtx

gdi32

GetViewportExtEx
ExtTextOutA
PtInRegion
GetNearestColor
SetWinMetaFileBits
SetBkColor
GetTextCharsetInfo
RestoreDC
PtVisible
InvertRgn
EnumEnhMetaFile
CreateRectRgn

advapi32

DeregisterEventSource
RegSetValueExW
RegCreateKeyExA
CryptGenRandom
RegOpenKeyExA
InitializeAcl
RegSetValueExA
OpenSCManagerA
CryptReleaseContext
SetSecurityDescriptorGroup
RegQueryInfoKeyA
EqualSid
RegQueryInfoKeyW
InitializeSecurityDescriptor

Sections

.text
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26239eea29133c1e742f08b805c8105a

Headers

File Characteristics

Imports

msvcrt

comdlg32

kernel32

user32

comctl32

ole32

gdi32

advapi32

Sections

.text Size: 2KB - Virtual size: 1KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 37KB

.rsrc Size: 28KB - Virtual size: 28KB

.text
Size: 2KB - Virtual size: 1KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 37KB

.rsrc
Size: 28KB - Virtual size: 28KB