2b956c82749ce38633f3ebcb7cc726bd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b956c82749ce38633f3ebcb7cc726bd_JaffaCakes118
Size

238KB
MD5

2b956c82749ce38633f3ebcb7cc726bd
SHA1

1450a2598830c04ed5f6be94404361af9f519c06
SHA256

5d4f3cffc772e609b6cf417a4a2f225f5d5e6a511cd64f5c0b14ab49c82c8a7f
SHA512

297dc60746437a8a46676af4429894908eeef001caf74b7e58b54d7728bb5a4edcab9f5f0770e4a73ff43e473314f70bebc3617508d1e983be05644c8b214413
SSDEEP

3072:mnPxbGYQX9ioH/z87y7AFEaEsz6QgfJgTY3B9nTH+xB21wmNZXVCPyBQQAj1I7Ee:eQzME3EgvjTHg2yylCPxpI7AKBlp5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b956c82749ce38633f3ebcb7cc726bd_JaffaCakes118

Files

2b956c82749ce38633f3ebcb7cc726bd_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86c467caa3a650a16484cb96a5737517

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

advapi32

RegEnumValueW
RegCreateKeyExW

user32

ReleaseCapture
BeginPaint
TrackPopupMenu
GetAsyncKeyState
SetCapture
OpenClipboard
EnumWindows
GetSubMenu
DefFrameProcW
UnregisterClassW
SendMessageW
CallWindowProcW
GetDC
EnumClipboardFormats
GetMessagePos
GetUpdateRect
GetWindowTextLengthW
GetClassNameW
GetMenuItemCount
CopyRect
TranslateMessage
GetWindowTextW
RegisterClassW
RedrawWindow
DefWindowProcW
RegisterHotKey
CloseClipboard
LoadBitmapW
SetCursorPos
SystemParametersInfoW
MessageBeep
CreateWindowExW
InsertMenuItemW
SetParent
SetWindowPos
SetCursor
SetWindowTextW
BeginDeferWindowPos
DestroyCursor
GetMenuItemInfoW
PostMessageW

kernel32

InterlockedDecrement
InterlockedIncrement
VirtualAlloc
HeapReAlloc
GetCPInfo
HeapAlloc
GetACP
GetOEMCP
LCMapStringA
MultiByteToWideChar
GetProcAddress
LoadLibraryA
GetStringTypeA
LCMapStringW
GetStringTypeW
GetLastError
SetLastError
TlsGetValue
TlsSetValue
GetCurrentThreadId
TlsAlloc
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetFileType
GetStdHandle
GetStartupInfoA
VirtualFree
HeapDestroy
HeapCreate
GetModuleHandleA
GetEnvironmentVariableA
GetVersionExA
InitializeCriticalSection
WriteFile
HeapFree
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
FreeEnvironmentStringsW
GetModuleFileNameA
FreeEnvironmentStringsA
TerminateProcess
ExitProcess
GetCurrentProcess
UnhandledExceptionFilter
GetVersion
CreateThread
GetCommandLineA
TerminateThread
CreateFiber

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

86c467caa3a650a16484cb96a5737517

Headers

File Characteristics

Imports

advapi32

user32

kernel32

Sections

.text Size: 36KB - Virtual size: 35KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 82KB

.rsrc Size: 4KB - Virtual size: 1KB

.text
Size: 36KB - Virtual size: 35KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 82KB

.rsrc
Size: 4KB - Virtual size: 1KB