2bb0718344569436589d4ce30f74c366_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bb0718344569436589d4ce30f74c366_JaffaCakes118
Size

225KB
MD5

2bb0718344569436589d4ce30f74c366
SHA1

546570c2feac5d0031a64f6e1101c755a195c8de
SHA256

e894d0b10a525e848efe24cf15caee9bc6baa0f691d8e84301123e730dce7eb0
SHA512

e176c5e2e9f808d61282dbfca744cee935695fd0e7020e1814df64d441e84d391c8f7d44ba7591bff3de08f7fd0415b97ec799f397462e254f1ab53e9a4043e2
SSDEEP

6144:ImxXY4VVDEpdEJCCY4BK/8yrEWusejr/ADwJQG:IOXY4LsioCY4BK/t+r/AUJQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb0718344569436589d4ce30f74c366_JaffaCakes118

Files

2bb0718344569436589d4ce30f74c366_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f9b7dab946a0bbd598132baf5b6ad888

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawTextA
DrawEdge
CreateMenu
GetMenuItemInfoA
GetIconInfo
MessageBoxA
BeginDeferWindowPos
FillRect
CreateIcon
GetMessagePos
CallNextHookEx
EqualRect
EnableWindow
SetWindowPos
GetClientRect
DrawFrameControl
DefWindowProcA

version

VerQueryValueA

gdi32

SetTextColor
SelectPalette
SaveDC
SelectObject
CreateFontIndirectA
GetBitmapBits
GetPaletteEntries
SetBkMode
CreatePalette

msvcrt

_acmdln
calloc
atol
sqrt
memmove
memcpy

kernel32

ExitProcess
CompareStringA
LocalAlloc
GetDiskFreeSpaceA
LoadLibraryExA
GetStdHandle
GetCurrentThreadId
LoadResource
GetOEMCP
GetFileAttributesA
LoadLibraryA
VirtualAllocEx
EnterCriticalSection
HeapDestroy
WaitForSingleObject
FindResourceA
LocalReAlloc
GetACP
GetVersionExA

advapi32

RegOpenKeyExA
RegOpenKeyA
RegQueryValueExA
GetUserNameA

ole32

GetHGlobalFromStream
CoCreateGuid
OleRun
CoFreeUnusedLibraries
CoRevokeClassObject
OleRegGetUserType
ReleaseStgMedium
StringFromIID
CoGetMalloc
CoGetContextToken

shlwapi

SHQueryValueExA
SHStrDupA
PathIsDirectoryA
SHGetValueA
SHEnumValueA
PathIsContentTypeA
SHDeleteKeyA
SHSetValueA
SHQueryInfoKeyA

Sections

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 192KB - Virtual size: 191KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

INIT
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f9b7dab946a0bbd598132baf5b6ad888

Headers

File Characteristics

Imports

user32

version

gdi32

msvcrt

kernel32

advapi32

ole32

shlwapi

Sections

.data Size: 25KB - Virtual size: 24KB

.bss Size: 192KB - Virtual size: 191KB

.init Size: 4KB - Virtual size: 3KB

INIT Size: 1KB - Virtual size: 1KB

.idata Size: 2KB - Virtual size: 1KB

.data
Size: 25KB - Virtual size: 24KB

.bss
Size: 192KB - Virtual size: 191KB

.init
Size: 4KB - Virtual size: 3KB

INIT
Size: 1KB - Virtual size: 1KB

.idata
Size: 2KB - Virtual size: 1KB