2cafb0ba73f3d9264e2f0c0ea0118a9d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cafb0ba73f3d9264e2f0c0ea0118a9d_JaffaCakes118
Size

466KB
MD5

2cafb0ba73f3d9264e2f0c0ea0118a9d
SHA1

6ac517b2900f19f5a0c73cb71703bc32df7a474d
SHA256

a73dda9a62a506a1ad7f6334e2cd3c1d745ff8ca5c5a688e4f1eb7d384502c55
SHA512

8c6817364c90ec3be005083a237f80a13395af37e042d802392e83b0e3c31a02292bc56d275fbc00f01efe49b971ddd5080b51d39e0a2b7b0d3d5cb73a09fd94
SSDEEP

12288:fAX77YVGQ82loiOIqsfIuoHa2TaK6DJD14U:fAX77YVGWxHqsfIuo62TaKADmU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cafb0ba73f3d9264e2f0c0ea0118a9d_JaffaCakes118

Files

2cafb0ba73f3d9264e2f0c0ea0118a9d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30d09cea597f476b737eb3f8490f5dbe

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

WaitForSingleObject
FreeEnvironmentStringsA
GetLastError
CloseHandle
SetFileAttributesA
GetEnvironmentStrings
GetCurrentDirectoryA
GetModuleFileNameA
RemoveDirectoryA
CreateProcessA
SetCurrentDirectoryA
HeapReAlloc
FileTimeToLocalFileTime
FileTimeToSystemTime
CompareStringW
CompareStringA
SetEndOfFile
FlushFileBuffers
GetStringTypeW
GetStringTypeA
LoadLibraryA
GetProcAddress
IsBadCodePtr
IsBadReadPtr
SetUnhandledExceptionFilter
GetEnvironmentStringsW
FreeEnvironmentStringsW
UnhandledExceptionFilter
GetLocalTime
GetSystemTime
GetTimeZoneInformation
SetStdHandle
CreateFileA
LCMapStringW
LCMapStringA
MultiByteToWideChar
WideCharToMultiByte
SetFilePointer
GetFileType
SetHandleCount
ReadFile
GetOEMCP
GetACP
GetCPInfo
GetStdHandle
WriteFile
RtlUnwind
ExitProcess
TerminateProcess
GetCurrentProcess
HeapFree
HeapAlloc
GetTempPathA
HeapSize
SetEnvironmentVariableA
GetFullPathNameA
GetDriveTypeA
FindFirstFileA
FindNextFileA
FindClose
IsBadWritePtr
GetStartupInfoA
DeleteFileA
GetFileAttributesA
CreateDirectoryA
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
GetModuleHandleA
GetCommandLineA
GetVersion
RaiseException
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc

user32

MessageBoxA
LoadStringA
DispatchMessageA
TranslateMessage
LoadIconA
LoadCursorA
RegisterClassA
GetMessageA
GetWindowTextA
CreateDialogParamA
GetDesktopWindow
GetWindowRect
ShowWindow
SetActiveWindow
GetClientRect
CreateWindowExA
UpdateWindow
DefWindowProcA
PostQuitMessage
DestroyWindow
DialogBoxParamA
EndDialog
SetWindowPos
SetFocus
GetDlgItem
SetWindowTextA
SendMessageA
PeekMessageA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey

shell32

FindExecutableA
ShellExecuteA
SHBrowseForFolderA
SHGetPathFromIDListA

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 418KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30d09cea597f476b737eb3f8490f5dbe

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 418KB

.rsrc Size: 12KB - Virtual size: 9KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 418KB

.rsrc
Size: 12KB - Virtual size: 9KB