Static task: static1
Behavioral task: behavioral1
Sample: 2d1a7c74c3a0023e2c14d5189375b4c7_JaffaCakes118.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: 2d1a7c74c3a0023e2c14d5189375b4c7_JaffaCakes118.exe
Resource: win10v2004-20241007-en
General
Target: 2d1a7c74c3a0023e2c14d5189375b4c7_JaffaCakes118
Size: 2.2MB
MD5: 2d1a7c74c3a0023e2c14d5189375b4c7
SHA1: 108f0535b804d91ad6f2705748e16b23ae565bb3
SHA256: e4a8265e6bc181f5263fecb2eb320420b86e2077185b07fd9863f57edd178be9
SHA512: 855c0296811128d7d59cb5ec4ac82d55de33af2f5237a9e0e044406abb992ef1332e4c7da8937d8be24158f8e6ce0a766546d8a1e9dca475d905916945651f89
SSDEEP: 49152:QgkptsPe0sRcty4hoHbSegohIlHGAnXOLRpLtZ1eJPgQ3UXYt9:jkptQsqxhgXgo+HGAneFhtLuPgSUXY
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 2d1a7c74c3a0023e2c14d5189375b4c7_JaffaCakes118
Files
2d1a7c74c3a0023e2c14d5189375b4c7_JaffaCakes118.exe windows:4 windows x86 arch:x86
30f3b83b47785ec528633fae3acbd111
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
ExitProcess
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
LoadLibraryA
RtlUnwind
InterlockedExchange
VirtualQuery
HeapReAlloc
HeapAlloc
HeapFree
VirtualAlloc
CreateTapePartition
SetLocaleInfoW
Process32Next
DeleteAtom
GlobalReAlloc
GetStringTypeW
GetWindowsDirectoryW
SetConsoleActiveScreenBuffer
GetProfileIntW
PeekConsoleInputA
lstrcpyA
WriteConsoleOutputW
VirtualUnlock
SetEndOfFile
ExpandEnvironmentStringsA
FlushViewOfFile
Module32First
GetDiskFreeSpaceExW
VirtualLock
LoadLibraryExW
GetCurrentDirectoryA
FindResourceExW
GetComputerNameA
GetNumberFormatW
GetNamedPipeHandleStateA
GetThreadLocale
GetShortPathNameA
EraseTape
GetPrivateProfileIntA
GetLogicalDriveStringsW
WritePrivateProfileStringW
GlobalSize
GetWriteWatch
GetFileAttributesW
GetFileAttributesExW
ReadFileScatter
EnumDateFormatsExW
SetConsoleCtrlHandler
CreateNamedPipeA
WriteProfileSectionW
GlobalMemoryStatus
SetComputerNameW
FoldStringW
SetLocalTime
Heap32First
GetConsoleMode
CopyFileA
EnumSystemLocalesW
InitAtomTable
HeapCreate
MapViewOfFileEx
ReadConsoleW
SetConsoleCP
FindClose
FreeConsole
EnumDateFormatsA
GetFullPathNameA
GlobalUnWire
GetPriorityClass
GetConsoleCursorInfo
GetProfileSectionA
GlobalGetAtomNameW
GetDateFormatW
ReadConsoleA
LockResource
SetCurrentDirectoryW
Thread32Next
ReleaseMutex
WaitNamedPipeA
FindFirstFileA
CreateToolhelp32Snapshot
CreateRemoteThread
SetFileAttributesW
SetEnvironmentVariableW
OpenFile
GlobalFix
EnumDateFormatsExA
InterlockedIncrement
GlobalFindAtomW
CompareStringA
SetThreadAffinityMask
DebugActiveProcess
GetAtomNameW
WritePrivateProfileSectionW
DeleteFiber
FileTimeToSystemTime
OpenMutexW
CreateFileA
EscapeCommFunction
EnumResourceTypesA
ExitThread
FindAtomA
Heap32Next
FreeResource
GlobalCompact
DosDateTimeToFileTime
AddAtomA
GlobalUnfix
GetCurrencyFormatA
GetStartupInfoA
OpenProcess
ReleaseSemaphore
EnumCalendarInfoW
LocalLock
SetVolumeLabelW
GetModuleFileNameW
WritePrivateProfileStringA
EnumTimeFormatsW
LocalCompact
WriteProfileStringA
FlushInstructionCache
GetQueuedCompletionStatus
SetFilePointer
TlsAlloc
GetVersion
SetFileAttributesA
GetCompressedFileSizeW
ResumeThread
GetConsoleScreenBufferInfo
lstrcat
GetNumberOfConsoleMouseButtons
WriteFileEx
EnumCalendarInfoExW
EnumSystemLocalesA
TerminateThread
SetLastError
GetNamedPipeInfo
RtlZeroMemory
LocalUnlock
WinExec
Heap32ListNext
SetConsoleCursorPosition
VirtualAllocEx
ReadConsoleOutputCharacterW
WriteFileGather
GetCalendarInfoW
DefineDosDeviceW
GetWindowsDirectoryA
VirtualQueryEx
ReadFileEx
IsDebuggerPresent
DebugBreak
WaitForMultipleObjects
GetUserDefaultLCID
GetVolumeInformationA
lstrcpynA
GetFileSize
GetNumberFormatA
HeapLock
SetHandleCount
HeapWalk
UnmapViewOfFile
CreateSemaphoreA
CreateConsoleScreenBuffer
GetConsoleOutputCP
GetThreadTimes
GetFileAttributesExA
PeekNamedPipe
SetConsoleOutputCP
LocalFlags
HeapValidate
UnhandledExceptionFilter
CreateProcessA
FormatMessageW
GetLocaleInfoA
WriteProcessMemory
WaitForDebugEvent
LocalFileTimeToFileTime
VirtualFreeEx
GetTimeFormatA
LockFile
GlobalFree
GetProfileSectionW
CreateDirectoryExA
GetPrivateProfileIntW
GlobalDeleteAtom
DeleteCriticalSection
ReadConsoleOutputW
WriteConsoleW
FillConsoleOutputCharacterA
LocalReAlloc
GetFileTime
GetTimeZoneInformation
CreateDirectoryExW
GlobalFlags
GetFileType
WideCharToMultiByte
GetProcessAffinityMask
SearchPathA
WritePrivateProfileStructA
GetProfileStringW
HeapSize
GetLocalTime
LoadResource
GetTempPathA
Thread32First
TransactNamedPipe
GetThreadPriorityBoost
OpenFileMappingA
SetThreadPriority
WriteProfileStringW
GetConsoleCP
GetStartupInfoW
OpenSemaphoreW
UpdateResourceA
LocalAlloc
GetLogicalDrives
GetCompressedFileSizeA
DuplicateHandle
FreeLibrary
OpenMutexA
GetProcessTimes
lstrcmpiA
WriteConsoleOutputA
FindFirstFileExA
GetComputerNameW
RemoveDirectoryW
GetStringTypeExA
TlsGetValue
SetVolumeLabelA
GetTempPathW
GetPrivateProfileStructA
WriteConsoleA
SetThreadContext
GetNumberOfConsoleInputEvents
FindNextFileW
IsValidCodePage
GetConsoleTitleW
FindResourceA
SetComputerNameA
GetConsoleTitleA
ResetWriteWatch
DisableThreadLibraryCalls
GlobalLock
GetTempFileNameW
HeapDestroy
ReadConsoleOutputA
EnumResourceNamesW
shell32
ShellExecuteExA
SHAddToRecentDocs
SHFileOperation
SHInvokePrinterCommandW
FindExecutableA
SheGetDirA
SHFreeNameMappings
SHGetFileInfoW
SHGetFileInfo
SHGetDataFromIDListA
DragAcceptFiles
DragQueryFileAorW
SheChangeDirA
SHChangeNotify
SHEmptyRecycleBinA
DragQueryPoint
SHGetMalloc
SHBrowseForFolderA
ShellExecuteEx
SHQueryRecycleBinA
SHBrowseForFolderW
ShellAboutW
InternalExtractIconListW
SHGetPathFromIDListA
SHGetInstanceExplorer
SHGetSpecialFolderPathA
SHFormatDrive
DuplicateIcon
SHGetSpecialFolderPathW
RealShellExecuteW
SHGetPathFromIDListW
SHGetDesktopFolder
ExtractAssociatedIconExA
DragFinish
RealShellExecuteExA
gdi32
SetTextJustification
EndPage
SetWorldTransform
GetSystemPaletteUse
GetCharacterPlacementA
SetBitmapBits
CreateMetaFileA
GetLogColorSpaceA
SetDIBColorTable
CloseFigure
EqualRgn
OffsetViewportOrgEx
FrameRgn
GetKerningPairsA
PolyPolygon
GetCharWidthFloatA
EnumICMProfilesA
SetTextCharacterExtra
PatBlt
GetTextMetricsA
GetViewportOrgEx
GetRgnBox
GetTextCharset
CreateDIBSection
GetTextExtentPoint32A
PolyTextOutW
CopyEnhMetaFileA
SetViewportOrgEx
GetICMProfileA
GetCharWidthW
SetRectRgn
SetICMProfileA
SetMetaRgn
CreateEllipticRgnIndirect
GetGlyphOutlineA
EnumICMProfilesW
SetMapMode
SwapBuffers
GetTextMetricsW
AbortPath
gdiPlaySpoolStream
SetColorAdjustment
Polyline
GetBoundsRect
SetWinMetaFileBits
GdiFlush
UpdateICMRegKeyW
SelectPalette
GetEnhMetaFileA
RemoveFontResourceW
EnumFontFamiliesExA
SetDeviceGammaRamp
ModifyWorldTransform
CreatePolygonRgn
GetDeviceCaps
RemoveFontResourceA
CloseEnhMetaFile
GetObjectType
StretchDIBits
GetWorldTransform
GetLayout
Chord
CreateCompatibleBitmap
CreateDCA
SetTextAlign
EnumFontFamiliesA
CreateRoundRectRgn
OffsetRgn
ResetDCW
FloodFill
GetNearestColor
CreateDiscardableBitmap
Arc
GetEnhMetaFileDescriptionA
PlayMetaFile
CombineRgn
ColorCorrectPalette
SetBrushOrgEx
SetWindowExtEx
GetTextExtentPointW
SetViewportExtEx
GetCharABCWidthsFloatW
CreateHalftonePalette
GetMetaRgn
GetPixel
CreatePen
Ellipse
CreateEllipticRgn
GetRasterizerCaps
CreateDCW
GdiPlayDCScript
DeleteObject
RealizePalette
SetMapperFlags
EnumObjects
GetStockObject
OffsetWindowOrgEx
SetWindowOrgEx
SetMetaFileBitsEx
DeleteMetaFile
CreateDIBitmap
SetAbortProc
GetEnhMetaFileHeader
GetBitmapBits
DescribePixelFormat
GetRegionData
MoveToEx
GetAspectRatioFilterEx
EnumFontFamiliesW
GetStretchBltMode
CreatePatternBrush
PolylineTo
PlayMetaFileRecord
RectVisible
PolyTextOutA
CreateICW
DeleteColorSpace
EnumFontsA
ResizePalette
CreateFontW
PathToRegion
DeleteEnhMetaFile
GetGlyphOutlineW
SetMiterLimit
EnumFontFamiliesExW
GetTextFaceA
PlayEnhMetaFile
FillPath
GetCurrentObject
WidenPath
CreateEnhMetaFileW
CancelDC
SetBkColor
GetBkMode
user32
DefWindowProcA
SetForegroundWindow
GetScrollPos
DdeAbandonTransaction
BroadcastSystemMessage
DdeQueryStringW
GetUserObjectSecurity
ClipCursor
DeferWindowPos
GetUserObjectInformationA
SetCapture
ExitWindowsEx
PeekMessageW
LoadCursorA
GetProcessWindowStation
UnhookWindowsHookEx
GetWindowPlacement
DialogBoxIndirectParamW
IsIconic
CreateDialogParamA
SetWindowTextW
GetClipboardData
GetClassInfoA
DispatchMessageW
LockWindowUpdate
SetWindowRgn
LoadMenuW
CreateIcon
GetWindowTextLengthA
DdeSetUserHandle
GetDialogBaseUnits
OpenDesktopA
DdeUninitialize
GetWindowWord
GetWindowTextA
SendDlgItemMessageW
LookupIconIdFromDirectoryEx
GetCursorPos
SetScrollInfo
GetScrollRange
TranslateAcceleratorW
LoadCursorFromFileA
GetShellWindow
DestroyCaret
IsCharAlphaA
SetCaretPos
GetKeyNameTextW
SetDlgItemTextW
WaitForInputIdle
CharPrevExA
CloseWindowStation
EnumDisplaySettingsExW
DdeDisconnectList
InsertMenuItemA
TabbedTextOutW
IntersectRect
ShowScrollBar
SetDebugErrorLevel
GetScrollInfo
DestroyAcceleratorTable
ReleaseDC
GetDCEx
SwitchToThisWindow
GetWindowContextHelpId
SetWindowPos
EnumWindows
DrawCaption
CopyAcceleratorTableW
SetWindowsHookA
CharLowerBuffA
SystemParametersInfoW
GetMessageExtraInfo
comdlg32
ReplaceTextA
LoadAlterBitmap
ChooseColorW
GetFileTitleA
PageSetupDlgW
GetSaveFileNameW
ReplaceTextW
PrintDlgW
PrintDlgA
ChooseFontW
Sections
.text Size: 114KB - Virtual size: 114KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 263KB - Virtual size: 263KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 14KB - Virtual size: 14KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.bss Size: 1.8MB - Virtual size: 1.8MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE