2b15e8b996a5e439f4bb7c9e98a2ae0e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b15e8b996a5e439f4bb7c9e98a2ae0e_JaffaCakes118
Size

388KB
MD5

2b15e8b996a5e439f4bb7c9e98a2ae0e
SHA1

a8dd6a2388e0e75add58a86bc0b72448e969e7c5
SHA256

0349b7b5d9d720f8c454b69716f21346967bfff297ac2f6ceec40ce80747054d
SHA512

ed6e2b79df27034d2f72230db1b3c83ed1d5acdc6cdae3ce9ce456884f682a18cfe6995b7169cb6c7cca668d662d0e72b6bd971799de5e5e0e280df3d089e1d3
SSDEEP

12288:z+QA5i2ipjoMARxOJ7dLQsNeqKLGrDh/:CngLpjoMARxOJJsLLG5/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2b15e8b996a5e439f4bb7c9e98a2ae0e_JaffaCakes118

Files

2b15e8b996a5e439f4bb7c9e98a2ae0e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

edd9e6ed48ff9ff33d70ab1f531d6c91

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetForegroundWindow
GetScrollRange
OffsetRect
BlockInput
DrawStateA
GetCapture
DrawTextA
SetMenuDefaultItem
PostMessageA
RegisterClassExW
PostMessageW
DefDlgProcA
CloseClipboard
CharNextA
FillRect
GetCursorPos
PostThreadMessageW
OemToCharBuffA
CreateDialogIndirectParamW
IsCharAlphaW
PostQuitMessage
GetProcessWindowStation
ValidateRect
GetNextDlgTabItem
TrackPopupMenu
SetWindowLongW
CharToOemA
CopyImage
SendNotifyMessageW
DdeQueryStringA
DefFrameProcW
SetMenu
TranslateAcceleratorA
AttachThreadInput
ReuseDDElParam
GetDlgItemTextA
EnableScrollBar
DeferWindowPos
GetClipboardFormatNameW
FrameRect
BringWindowToTop
SetWindowLongA
IsIconic
ChangeClipboardChain
CloseWindow
GetWindowTextLengthA
GetClipboardViewer
EnableWindow
DefWindowProcA
ModifyMenuA
EmptyClipboard
WindowFromPoint
DestroyCaret
DdeConnect
CreateWindowExW
GetMessageExtraInfo
CharLowerW
IntersectRect
CharLowerA
LoadCursorFromFileA
LoadIconA
IsCharLowerA
CreatePopupMenu
CharUpperW
GetDC
CharPrevA
CharLowerBuffA
GetMenuState
GetLastActivePopup
ClipCursor
ChildWindowFromPointEx
DdeAccessData
CharUpperBuffW
GetKeyboardLayoutList
GetMessagePos
GetKeyState
RegisterClipboardFormatA
CallMsgFilterA

advapi32

SetServiceStatus
GetServiceKeyNameA

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
_initterm
__getmainargs
_acmdln
cos
strtok
abs
_onexit
__dllonexit
_strnicoll
_setmbcp

mpr

WNetGetConnectionA
WNetUseConnectionA
WNetCancelConnectionA
WNetDisconnectDialog
MultinetGetConnectionPerformanceA

mfc42

ord3738
ord4424
ord1034
ord4080
ord3079
ord3825
ord3831
ord3830
ord3401
ord2976
ord3081
ord2985
ord3262
ord1066
ord4465
ord3259
ord1038
ord561
ord5714
ord1015
ord5307
ord4698
ord1062
ord2725
ord5302
ord1067
ord3346
ord2396
ord1007
ord1089
ord3922
ord5731
ord1058
ord2554
ord4486
ord6375
ord815
ord1056
ord2982
ord1168
ord1576

kernel32

IsProcessInJob
RtlUnwind

Sections

.text
Size: 244KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 68KB - Virtual size: 685KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

edd9e6ed48ff9ff33d70ab1f531d6c91

Headers

File Characteristics

Imports

user32

advapi32

msvcrt

mpr

mfc42

kernel32

Sections

.text Size: 244KB - Virtual size: 243KB

.rdata Size: 60KB - Virtual size: 57KB

.data Size: 68KB - Virtual size: 685KB

.rsrc Size: 12KB - Virtual size: 11KB

.text
Size: 244KB - Virtual size: 243KB

.rdata
Size: 60KB - Virtual size: 57KB

.data
Size: 68KB - Virtual size: 685KB

.rsrc
Size: 12KB - Virtual size: 11KB