2bb013da8a39d1ab2fdc5e2d7cf02b4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bb013da8a39d1ab2fdc5e2d7cf02b4e_JaffaCakes118
Size

196KB
MD5

2bb013da8a39d1ab2fdc5e2d7cf02b4e
SHA1

9cc66ed6ddca93771bc7c7129bf22ca9210f4209
SHA256

a3dedddf47382e81877aa120e5f9ec604c511aae81670c7775d30bf5ac84ed40
SHA512

e396e6c01e78151c04dd0ce7bb5ab797caaae2a21f1db2fd2751d75040b4b35bd5e3ce875ad4589502a16db8e58c4b06df0b02e00b62227127ed44d76ba29e4b
SSDEEP

3072:ZiowI5NnkKMagWOtjlN3pxvn+BrF0otM0mo8cgmG:0knzgzJN3yrF0dK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb013da8a39d1ab2fdc5e2d7cf02b4e_JaffaCakes118

Files

2bb013da8a39d1ab2fdc5e2d7cf02b4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

cf40c7949bb3e7d92ba8da201cb64d50

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
GetLastError
GetCurrentDirectoryA
GetDriveTypeA
SetCurrentDirectoryA
FindFirstFileA
GetLocalTime
ReleaseMutex
ReadFile
GetVersionExA
LoadLibraryA
OutputDebugStringA
GetProcAddress
FreeLibrary
ExitProcess
CloseHandle
SetFilePointer
WriteFile
CreateFileA
FindNextFileA
FindClose
GetCommandLineA
CreateMutexA
SetThreadPriority
GetEnvironmentStringsW
HeapDestroy
GetEnvironmentStrings
GetFileAttributesA
GetFullPathNameA
LCMapStringW
LCMapStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
SetStdHandle
FlushFileBuffers
CreateProcessA
GetExitCodeProcess
SetEnvironmentVariableA
GetFileSize
IsDBCSLeadByte
CreateThread
CreateEventA
WaitForSingleObject
SetEvent
Sleep
ExitThread
WaitForMultipleObjects
VirtualFree
DeleteFileA
RtlUnwind
TerminateProcess
GetCurrentProcess
GetModuleHandleA
GetStartupInfoA
GetVersion
HeapFree
HeapAlloc
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
VirtualAlloc
HeapCreate

user32

MessageBoxA
wvsprintfA
GetClientRect
DefWindowProcA
PostQuitMessage
ShowCursor
SetCapture
wsprintfA
WaitMessage
DispatchMessageA
TranslateMessage
PeekMessageA
SetFocus
UpdateWindow
GetKeyState
PostMessageA
GetKeyboardLayoutNameA
SetCursorPos
CreateWindowExA
ReleaseCapture
ShowWindow
SetCursor
ActivateKeyboardLayout
ClientToScreen
SetRect
AdjustWindowRectEx
LoadIconA
LoadCursorA
RegisterClassExA
GetSystemMetrics

gdi32

GetStockObject
SetBkColor
SetTextColor
TextOutA
EnumFontFamiliesExA
GetTextExtentPoint32A
GetTextMetricsA
SelectObject
CreateFontIndirectA
DeleteObject
SetBkMode
GetGlyphOutlineA

ole32

CoCreateInstance
CoInitialize
CoUninitialize

ws2_32

WSAStartup
closesocket
getsockname
gethostname
recv
send
inet_addr
connect
WSAGetLastError
gethostbyname
htons
WSACleanup
WSAAsyncSelect
socket

winmm

timeGetTime

imm32

ImmAssociateContext
ImmGetConversionStatus
ImmSetConversionStatus
ImmGetCandidateListA
ImmGetCompositionStringA
ImmIsIME
ImmDestroyContext
ImmCreateContext

ddraw

DirectDrawCreateEx

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

dsound

ord1

Sections

.text
Size: 116KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 2.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.hhqg
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

cf40c7949bb3e7d92ba8da201cb64d50

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

ws2_32

winmm

imm32

ddraw

advapi32

dsound

Sections

.text Size: 116KB - Virtual size: 112KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 64KB - Virtual size: 2.5MB

.hhqg Size: 4KB - Virtual size: 4KB

.text
Size: 116KB - Virtual size: 112KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 64KB - Virtual size: 2.5MB

.hhqg
Size: 4KB - Virtual size: 4KB