2bd8d26b416d880298b40bdc56f8e556_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2bd8d26b416d880298b40bdc56f8e556_JaffaCakes118
Size

250KB
MD5

2bd8d26b416d880298b40bdc56f8e556
SHA1

b2632dfae5079a300979a7f54f01628c85b2ba03
SHA256

dd91b203e78545186f3e33b531d6b6dbcd2c7faae92aaab1d78ebf71505935e9
SHA512

c2c5617c29aa0c1c8b27c77b761774f1812d7ba94d3c9a2e6bf8e30a47b6c4f643a9f3b729685be46f7a3d13fb2ab5a1ad29b233f9295fab577907c2cc69e442
SSDEEP

6144:I37PAtE7eaUYgEC9Cl1gfFlO1HNM7DKe4bvLFDCO:SAIg+l1gwNMfKZbvLRt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bd8d26b416d880298b40bdc56f8e556_JaffaCakes118

Files

2bd8d26b416d880298b40bdc56f8e556_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5f24f36d7ee4f0e77c67eeed9e99d8f9

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

FindResourceA
GetFullPathNameA
GetVersionExA
GlobalAddAtomA
LoadLibraryA
SetHandleCount
FindClose
Sleep
GetLastError
LocalReAlloc
HeapFree
GetProcAddress
HeapAlloc
ResetEvent
lstrcmpA
DeleteFileA
SetEvent
GetACP
lstrlenA
VirtualAllocEx
GetStdHandle
FindFirstFileA
GetLocaleInfoA
SetLastError
GetCurrentProcess
EnterCriticalSection
GetModuleHandleA
GetTickCount
GetLocalTime
GetStartupInfoA
ExitProcess
DeleteCriticalSection
ExitThread
GlobalAlloc
RaiseException
SetThreadLocale
FreeResource
GetCurrentProcessId
CloseHandle
SetEndOfFile
VirtualAlloc
LocalAlloc
LoadResource
GetCurrentThread
GlobalFindAtomA
GetFileAttributesA
CreateThread
GetCommandLineA
GetCPInfo
VirtualQuery
GetEnvironmentStrings
GetCurrentThreadId
lstrcatA
GetProcessHeap
LoadLibraryExA
GetVersion
InitializeCriticalSection
CompareStringA
GetOEMCP
GetStringTypeA
GetStringTypeW
WriteFile
lstrcpyA
MulDiv
SetFilePointer
ReadFile

comdlg32

GetFileTitleA

user32

CreatePopupMenu
BeginDeferWindowPos
GetPropA
SystemParametersInfoA
BeginPaint
GetSysColorBrush
EnableScrollBar
CharNextA
DeferWindowPos
GetWindow
FindWindowA
RegisterClassA
CharLowerBuffA
GetKeyState
FrameRect
CharToOemA
GetSubMenu
CharLowerA
DefWindowProcA
EndPaint
GetMenuItemID
DispatchMessageW
DefMDIChildProcA
ShowWindow
SetTimer
GetLastActivePopup
MessageBoxA
IsWindowVisible
CreateMenu
DispatchMessageA
IsWindowEnabled
GetFocus
ShowScrollBar

shlwapi

SHStrDupA
PathFileExistsA
SHDeleteValueA
SHQueryValueExA

comctl32

ImageList_DrawEx
ImageList_Add
ImageList_Draw
ImageList_Create
ImageList_DragShowNolock
ImageList_Write
ImageList_Destroy

msvcrt

malloc
memmove
memcpy
calloc
tan
strcmp

version

GetFileVersionInfoA
GetFileVersionInfoSizeA

ole32

StringFromIID
CreateOleAdviseHolder
CoDisconnectObject
CoRevokeClassObject
OleRegGetUserType
OleRun
MkParseDisplayName
CoTaskMemFree
OleCreateStaticFromData

Sections

.text
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 193B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 204KB - Virtual size: 203KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5f24f36d7ee4f0e77c67eeed9e99d8f9

Headers

File Characteristics

Imports

kernel32

comdlg32

user32

shlwapi

comctl32

msvcrt

version

ole32

Sections

.text Size: 45KB - Virtual size: 44KB

.tls Size: 512B - Virtual size: 193B

DATA Size: 204KB - Virtual size: 203KB

.text
Size: 45KB - Virtual size: 44KB

.tls
Size: 512B - Virtual size: 193B

DATA
Size: 204KB - Virtual size: 203KB