2b1468180e42ef782a0f33c3c2792a8e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2b1468180e42ef782a0f33c3c2792a8e_JaffaCakes118
Size

166KB
MD5

2b1468180e42ef782a0f33c3c2792a8e
SHA1

11a872a3dfa50a4fd3b8665d8c114c951ddfe49e
SHA256

dfe222e91e1d178c04dfa002938bd9b1d138b81fc9343d623f6cf967cb576453
SHA512

aa55d128a2ba9eef562c103b1f1dca647d513e1bf4350139f6832ca98a686a4b74e300d71e1d6f3e9ec0525d89aad110e0d036b425195d664be55866eef74096
SSDEEP

3072:CQvvFYUHUYvjylwYSz0M6bmO+2XrhfSti93A+UKR:BHbUYvjrT5XO+8rFSta4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b1468180e42ef782a0f33c3c2792a8e_JaffaCakes118

Files

2b1468180e42ef782a0f33c3c2792a8e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ebd635c9b8c4077f503256a6d5fd028c

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHSetValueA
PathIsDirectoryA
SHEnumValueA

advapi32

RegEnumKeyExA
RegEnumValueA

msvcrt

_acmdln
wcstol
memcpy
calloc
memmove
srand
atol
tolower
wcsncmp
memset
sqrt
clock

user32

GetClientRect
IsChild
CheckMenuItem
DrawFrameControl
GetSysColorBrush
EnumWindows
CharToOemA
GetCapture
GetDCEx
HideCaret
GetDlgItem
SystemParametersInfoA
DrawEdge
GetClipboardData
CallNextHookEx
CharNextA
GetDesktopWindow
EnableMenuItem
GetMenuStringA
BeginPaint
CreateWindowExA
GetCursorPos
SetWindowLongA
DrawIcon
EnableScrollBar
GetSubMenu
ShowWindow
CallWindowProcA
DrawIconEx
RegisterClassA
CharLowerBuffA
GetMenuState
EnableWindow
SetCursor
GetScrollRange
GetParent
CharLowerA
CreateMenu
GetPropA
DefMDIChildProcA
GetKeyNameTextA
GetMenu
GetFocus
DefFrameProcA
GetScrollInfo
GetDC
FillRect
GetSysColor
GetLastActivePopup
IsWindowEnabled
CreatePopupMenu
IsDialogMessageA
EnumChildWindows
DeferWindowPos
GetClassInfoA
GetMessagePos
ShowScrollBar
EndPaint
ClientToScreen
BeginDeferWindowPos
GetCursor
SetWindowTextA
GetIconInfo
EnumThreadWindows
GetMenuItemCount
FindWindowA

kernel32

GlobalAddAtomA
GetACP
DeleteCriticalSection
DeleteFileA
CreateThread
GetFullPathNameA
FreeLibrary
EnterCriticalSection
GetProcAddress
lstrcmpiA
GetFileAttributesA
GetThreadLocale
GetUserDefaultLCID
WriteFile
HeapAlloc
GetStringTypeW
LoadLibraryExA
GetCurrentThread
GetModuleHandleA
Sleep
GetDiskFreeSpaceA
CompareStringA
MulDiv
SetFilePointer
EnumCalendarInfoA
InitializeCriticalSection
SetErrorMode
LoadResource
RaiseException
lstrcpynA
GetProcessHeap
MoveFileExA
HeapFree
WaitForSingleObject
GetCurrentProcessId
GetOEMCP
GetTickCount
CreateEventA
GetCurrentThreadId
GetLocalTime
GetStartupInfoA
GetStringTypeA
WideCharToMultiByte
GetVersionExA
LocalAlloc
VirtualAllocEx
GetCommandLineA
FindFirstFileA
ReadFile
FreeResource
GetLocaleInfoA
LocalFree
VirtualAlloc
lstrlenA
GetVersion
GetCurrentProcess
GlobalDeleteAtom
ExitProcess
ExitThread
SetHandleCount
FindClose
HeapDestroy

ole32

CoCreateGuid
OleRun
CoUninitialize
MkParseDisplayName
StgOpenStorage
CoRegisterClassObject
CLSIDFromProgID
OleRegGetUserType
CoGetMalloc

ntdll

NtWaitForSingleObject
RtlDeleteCriticalSection

shell32

SHGetFolderPathA
Shell_NotifyIconA
SHGetDiskFreeSpaceA
SHFileOperationA

version

VerInstallFileA
GetFileVersionInfoA

comctl32

ImageList_Create
ImageList_Destroy
ImageList_GetBkColor

comdlg32

GetOpenFileNameA
ChooseColorA
GetFileTitleA
GetSaveFileNameA
FindTextA

gdi32

CreateBitmap
GetCurrentPositionEx

Sections

.text
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.bss
Size: 122KB - Virtual size: 209KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 512B - Virtual size: 230B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ebd635c9b8c4077f503256a6d5fd028c

Headers

File Characteristics

Imports

shlwapi

advapi32

msvcrt

user32

kernel32

ole32

ntdll

shell32

version

comctl32

comdlg32

gdi32

Sections

.text Size: 34KB - Virtual size: 34KB

.bss Size: 122KB - Virtual size: 209KB

.init Size: 6KB - Virtual size: 6KB

.rdata Size: 512B - Virtual size: 230B

.tls Size: 2KB - Virtual size: 1KB

.text
Size: 34KB - Virtual size: 34KB

.bss
Size: 122KB - Virtual size: 209KB

.init
Size: 6KB - Virtual size: 6KB

.rdata
Size: 512B - Virtual size: 230B

.tls
Size: 2KB - Virtual size: 1KB