Static task
static1
Behavioral task
behavioral1
Sample
2b03dbc5297f23c8916b8a0ba6dbace2_JaffaCakes118.exe
Resource
win7-20240903-en
Behavioral task
behavioral2
Sample
2b03dbc5297f23c8916b8a0ba6dbace2_JaffaCakes118.exe
Resource
win10v2004-20241007-en
General
Target
2b03dbc5297f23c8916b8a0ba6dbace2_JaffaCakes118
Size
437KB
MD5
2b03dbc5297f23c8916b8a0ba6dbace2
SHA1
8adcd3ad9db0e86c3740121f495f14338e1be6ec
SHA256
d9e91a7f3f3d51ff5b84bae4c478c427983a3edb61db592a7a6aca0602bff448
SHA512
4258d236eaaf6893862553cf7927669693999a2fcd87e6145d0f2d2f55f508e82c455933f6c57d54b0d3e543a950df540c62e45092fa86f05c924214cf3ca5e1
SSDEEP
12288:m2Wqq3vy4Hp40tFRbtCBYZB2rULtiU3us3a2e3m5mlhdPHTD5:s2qlPusK2e0mjN
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2b03dbc5297f23c8916b8a0ba6dbace2_JaffaCakes118
Files
2b03dbc5297f23c8916b8a0ba6dbace2_JaffaCakes118.exe windows:4 windows x86 arch:x86
435cd13b3a074f477539bfe8e0e6befd
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
HeapCreate
IsValidCodePage
LCMapStringA
TlsSetValue
GetProcAddress
LCMapStringW
HeapReAlloc
VirtualFree
FreeLibrary
GetTimeZoneInformation
GetCurrentProcessId
WriteFile
CompareStringW
GetLocaleInfoA
Sleep
GetModuleHandleA
LeaveCriticalSection
GetConsoleCP
GetLogicalDrives
SetUnhandledExceptionFilter
GetOEMCP
InterlockedDecrement
GetCPInfo
InitializeCriticalSectionAndSpinCount
SetConsoleCtrlHandler
CompareStringA
GetStringTypeW
TryEnterCriticalSection
SetEnvironmentVariableW
ExitProcess
GetTickCount
SetHandleCount
WideCharToMultiByte
HeapFree
GetEnvironmentStrings
GetModuleFileNameA
HeapDestroy
LoadLibraryA
QueryPerformanceCounter
GetDateFormatA
VirtualAlloc
DeleteFileW
GetACP
VirtualQuery
GetCurrentProcess
TerminateProcess
GetCurrentThreadId
RtlUnwind
GetEnvironmentStringsW
GetLocaleInfoW
GetStdHandle
TlsAlloc
DuplicateHandle
IsValidLocale
GetCommandLineA
GetSystemTimeAsFileTime
GetFileType
EnumSystemLocalesA
GetThreadPriorityBoost
GetLastError
GetModuleHandleW
EnterCriticalSection
TlsGetValue
SetEnvironmentVariableA
HeapSize
DeleteCriticalSection
GetStartupInfoA
TlsFree
FindNextFileW
IsDebuggerPresent
UnhandledExceptionFilter
GetStringTypeA
SetThreadAffinityMask
InterlockedExchange
GetUserDefaultLCID
GetTimeFormatA
GetCurrentThread
SetLastError
FreeEnvironmentStringsW
FreeEnvironmentStringsA
MultiByteToWideChar
InterlockedIncrement
HeapAlloc
advapi32
CryptHashSessionKey
RegEnumKeyA
RegNotifyChangeKeyValue
RegQueryMultipleValuesA
RegQueryValueExW
LogonUserW
LookupPrivilegeNameW
CryptSetProviderExA
CryptDuplicateHash
CryptCreateHash
RegQueryInfoKeyA
RegDeleteValueW
RegEnumValueW
RegRestoreKeyW
CryptSetProviderW
InitializeSecurityDescriptor
RegSetValueA
RegSetValueExW
DuplicateToken
CryptGenRandom
Sections
.text Size: 149KB - Virtual size: 149KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 275KB - Virtual size: 275KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 11KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ