2b53a881109db56de5afe2dfc350ee87_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2b53a881109db56de5afe2dfc350ee87_JaffaCakes118
Size

168KB
MD5

2b53a881109db56de5afe2dfc350ee87
SHA1

2bfe8874d896e3903d8c3a7a385b5033fc0a21ba
SHA256

0dbffc711c4e025119f99a004a391beb892dc8eb20d0d1d28190e95ba8a2a3c1
SHA512

fd7bec5a064ee9a21385e0de2f85ab53d4c7cd3e5d3b711e908adc2ededfcbf718c6a647870b0f158be5cbd4f6f7a20d376e14abf88032dc58ffdb549e5cfc47
SSDEEP

3072:wOFFpMNU+but/10YxLVndmBY4Bz7+SQwlqzyO6d/W:THsU+kPdaBfzKJS4lw/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2b53a881109db56de5afe2dfc350ee87_JaffaCakes118

Files

2b53a881109db56de5afe2dfc350ee87_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ba88d2e25b26bf8443bdcba6e265087f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteValueA
SHQueryInfoKeyA
SHStrDupA
SHGetValueA
PathFileExistsA
PathIsContentTypeA
SHEnumValueA
SHSetValueA
SHQueryValueExA

msvcrt

wcsncmp
rand
memmove
swprintf
wcstol
mbstowcs
wcscspn
wcschr
tolower
memcpy
sqrt
atol
_acmdln
clock
memset
sprintf
exit
calloc
time
malloc
srand

kernel32

lstrcpynA
SetLastError
GetStringTypeA
ExitProcess
FormatMessageA
GetFileAttributesA
GetACP
GlobalFindAtomA
WideCharToMultiByte
GetThreadLocale
CreateThread
VirtualFree
GetCurrentProcessId
GetLastError
WaitForSingleObject
GetLocalTime
GetCommandLineA
DeleteCriticalSection
GetFullPathNameA
HeapAlloc
GlobalDeleteAtom
VirtualQuery
GetVersionExA
GetProcessHeap
FindClose
GlobalAddAtomA
GetEnvironmentStrings
GetDateFormatA
LocalReAlloc
WriteFile
LoadLibraryExA
CreateEventA
GetStdHandle
SizeofResource
SetFilePointer
GetVersion
MulDiv
VirtualAlloc
GetSystemDefaultLangID
lstrcpyA

user32

IsWindowVisible
DefWindowProcA
GetCursor
GetMenuStringA
DefFrameProcA
EnableScrollBar
GetWindow
GetMenuItemInfoA
GetPropA
ClientToScreen
GetScrollInfo
GetClipboardData
DispatchMessageW
GetParent
DrawEdge
GetDCEx
FillRect
CheckMenuItem
EnumChildWindows
IsMenu
GetKeyState
ShowScrollBar
EnumThreadWindows
CreatePopupMenu
GetLastActivePopup
GetWindowTextA
DefMDIChildProcA
SystemParametersInfoA
CharLowerBuffA
FindWindowA
DispatchMessageA
IsDialogMessageA
CharLowerA
ShowWindow
GetDC
EndPaint
GetActiveWindow
BeginDeferWindowPos
EnableWindow
GetSubMenu
GetFocus
DrawIcon
SetWindowTextA
GetClassLongA
GetMenu
HideCaret
CreateWindowExA
SetTimer
EnableMenuItem
DrawIconEx
GetKeyNameTextA
IsWindowEnabled
DrawTextA
EndDeferWindowPos
CallNextHookEx
IsChild
TrackPopupMenu
CallWindowProcA
CharToOemA
CreateMenu
DrawFrameControl
FrameRect
GetDesktopWindow
CreateIcon
GetIconInfo
GetScrollRange
GetSysColor
EnumWindows
GetDlgItem
GetClassInfoA
GetForegroundWindow
GetScrollPos
DeferWindowPos
RegisterClassA
CharNextA
SetWindowLongA
GetMenuItemID
BeginPaint
GetMenuItemCount
GetMenuState
GetMessagePos
SetWindowPos
GetCapture
SetCursor
GetCursorPos
GetSysColorBrush

Sections

BSS
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 123KB - Virtual size: 123KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 5KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ba88d2e25b26bf8443bdcba6e265087f

Headers

File Characteristics

Imports

shlwapi

msvcrt

kernel32

user32

Sections

BSS Size: 36KB - Virtual size: 36KB

DATA Size: 123KB - Virtual size: 123KB

.edata Size: 5KB - Virtual size: 84KB

.init Size: 2KB - Virtual size: 1KB

BSS
Size: 36KB - Virtual size: 36KB

DATA
Size: 123KB - Virtual size: 123KB

.edata
Size: 5KB - Virtual size: 84KB

.init
Size: 2KB - Virtual size: 1KB