2bc61cb27665b73e5678cb09183fbf8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bc61cb27665b73e5678cb09183fbf8e_JaffaCakes118
Size

213KB
MD5

2bc61cb27665b73e5678cb09183fbf8e
SHA1

73e5f2e47612d5ece63c194f65aa497a1dbcd403
SHA256

ae01492c994f887e3da467435b411cca499ef69d5ab08c2d57fe0f88bc6756a0
SHA512

8ff6f5b3f30cf097dcd8f15be4643948da45c9a91bfdb90f966ebea8775e27ff14efa31f3f2af8cbd759ffdbca8485dfe101409633b6536c55025d7fb32471a8
SSDEEP

6144:EHiRhw1e9cNru4e1vzK0g2EoyMFzuUi9uHaknmVq:k1e9cB2qo7Taed

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bc61cb27665b73e5678cb09183fbf8e_JaffaCakes118

Files

2bc61cb27665b73e5678cb09183fbf8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

8fd4b200339f424f30b569a6ec9ab72f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_DEBUG_STRIPPED

Imports

imagehlp

ImageNtHeader
ImageGetDigestStream
ImageRvaToVa
ImageDirectoryEntryToData

kernel32

SetFileAttributesA
RemoveDirectoryA
CloseHandle
MoveFileW
GetProcessHeap
DebugBreak
QueryPerformanceCounter
LoadLibraryExA
CreateFileA
BeginUpdateResourceW
RemoveDirectoryW
CreateFiberEx
GetCurrentThreadId
_lread
GetFullPathNameW
CreateDirectoryA
MapViewOfFile
_llseek
GetFileSize
InitializeCriticalSection
FindFirstFileA
_lclose
HeapSize
InterlockedExchange
CreateFileMappingA
lstrlenA
FormatMessageW
SetUnhandledExceptionFilter
GlobalFree
GetSystemDirectoryA
ReadFile
LockResource
DeleteFileW
EndUpdateResourceW
AreFileApisANSI
LoadLibraryA
GetVersionExA
CreateDirectoryW
EscapeCommFunction
IsDebuggerPresent
LeaveCriticalSection
GetACP
FindNextFileA
GetTickCount
Sleep
GetFileAttributesA
InterlockedIncrement
LoadLibraryExW
DeleteFileA
FindFirstFileW
DeleteCriticalSection
GetStringTypeExW
lstrlenW
CopyFileA
lstrcmpiA
MultiByteToWideChar
EnumResourceNamesW
CreateFileW
_lwrite
HeapFree
GetEnvironmentVariableA
InterlockedDecrement
WideCharToMultiByte
UnmapViewOfFile
FindResourceW
SetFilePointer
ExitProcess
EnumResourceNamesA
OutputDebugStringA
HeapDestroy
UpdateResourceW
GetSystemTimeAsFileTime
HeapAlloc
GetLastError
FreeLibrary
GetVersionExW
GetOEMCP
GetFullPathNameA
FatalExit
GetProcAddress
GlobalAlloc
FreeResource
UnhandledExceptionFilter
GetFileAttributesW
GetCurrentProcessId
FindClose
GetThreadLocale
HeapReAlloc
GetCurrentDirectoryW
EnterCriticalSection
LoadResource
GetTempFileNameW
FindResourceExW
SetLastError
LocalFree
GetFileInformationByHandle
SizeofResource
GlobalUnlock
SetEndOfFile
GlobalLock
GetVersion
RaiseException
GetModuleHandleW
GetCurrentProcess
WriteFile
SetFileAttributesW
EnumResourceLanguagesW
InterlockedCompareExchange
FindNextFileW
EnumResourceTypesW
GetCommandLineW
TerminateProcess
GetTempPathW
GetLocaleInfoA
CopyFileW
lstrcpyA

advapi32

CryptCreateHash
CryptAcquireContextA
CryptHashData
CryptGetHashParam
CryptReleaseContext
CryptDestroyHash

shell32

CommandLineToArgvW

msvfw32

ICInfo

user32

MonitorFromWindow
wsprintfW
CharNextA
CharNextW

psapi

GetProcessMemoryInfo

Sections

.text
Size: 190KB - Virtual size: 189KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.lib
Size: 512B - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8fd4b200339f424f30b569a6ec9ab72f

Headers

File Characteristics

Imports

imagehlp

kernel32

advapi32

shell32

msvfw32

user32

psapi

Sections

.text Size: 190KB - Virtual size: 189KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 17KB - Virtual size: 17KB

.lib Size: 512B - Virtual size: 88KB

.text
Size: 190KB - Virtual size: 189KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 17KB - Virtual size: 17KB

.lib
Size: 512B - Virtual size: 88KB