2c991a7ccddef309415c33d999f85f3e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c991a7ccddef309415c33d999f85f3e_JaffaCakes118
Size

3.4MB
MD5

2c991a7ccddef309415c33d999f85f3e
SHA1

03515cb7f1df5fa3992f296190871978f0a03124
SHA256

f54e3018570ca481901a796ce764df01653f4f5297a9137566fe51db6034d1a5
SHA512

a9fd2d9893ae55c24fe7e2432037ad3a07d28e6182ab7a5824cdb6ec2d8260df823d3f519990a941003a1a92b2ddbcb9960b8d9c1ed9ae6b404f27a0c23869f7
SSDEEP

24576:ezUK3xvRSYzXJcoCcBWAM5BUWoZiMt+C3deuB3b9nUoN:c9RSYx5P4bSrUu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c991a7ccddef309415c33d999f85f3e_JaffaCakes118

Files

2c991a7ccddef309415c33d999f85f3e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

c6ff2f7786c63e3007256e373049a61e

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ole32

CoTaskMemFree
CLSIDFromProgID
StringFromCLSID

user32

ScrollWindowEx
ScrollWindow
GetWindowDC
UpdateWindow
GetMenuItemCount
DrawMenuBar
AdjustWindowRectEx
GetCursorPos
InflateRect
SetParent
DefWindowProcW
GetTopWindow
SetWindowsHookExW
LoadCursorW
SetScrollInfo
DdeQueryConvInfo
DdeImpersonateClient
GetSystemMetrics
GetDlgItemInt
GetDlgItem
CreateDialogParamW
IsZoomed
DeferWindowPos
SetWindowPos
DestroyWindow
IsWindow
RegisterClassW
DdeCreateStringHandleW

msvcrt

_controlfp
_except_handler3
__set_app_type
__p__fmode
__p__commode
_adjust_fdiv
__setusermatherr
__wgetmainargs
_wcmdln
exit
_XcptFilter
_exit
memset
_initterm

shlwapi

AssocCreate
PathCreateFromUrlW
UrlCanonicalizeW
PathIsUNCW
PathFindNextComponentW
PathFindFileNameW
PathAppendW
SHStrDupW
StrRetToBufW
StrStrIW
StrStrW

kernel32

GetModuleHandleW
GetFileAttributesW
GetStartupInfoW
GetProfileIntW
GetModuleFileNameW
GetSystemTimeAsFileTime
MulDiv
FlushFileBuffers
IsDebuggerPresent
FreeEnvironmentStringsW
VirtualFree
VirtualAlloc
GlobalUnlock
GlobalAlloc

wintrust

CryptCATAdminCalcHashFromFileHandle

Sections

.text
Size: 22KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 5.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ulhyd
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 731KB - Virtual size: 730KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6ff2f7786c63e3007256e373049a61e

Headers

File Characteristics

Imports

ole32

user32

msvcrt

shlwapi

kernel32

wintrust

Sections

.text Size: 22KB - Virtual size: 22KB

.data Size: 1024B - Virtual size: 5.4MB

.idata Size: 2KB - Virtual size: 1KB

.ulhyd Size: 2.7MB - Virtual size: 2.7MB

.rsrc Size: 731KB - Virtual size: 730KB

.text
Size: 22KB - Virtual size: 22KB

.data
Size: 1024B - Virtual size: 5.4MB

.idata
Size: 2KB - Virtual size: 1KB

.ulhyd
Size: 2.7MB - Virtual size: 2.7MB

.rsrc
Size: 731KB - Virtual size: 730KB