2cc8b2d03ef289b8c6316fcea91365b1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2cc8b2d03ef289b8c6316fcea91365b1_JaffaCakes118
Size

227KB
MD5

2cc8b2d03ef289b8c6316fcea91365b1
SHA1

f6f54da023640d9c9d8da4736da591f5b85ce233
SHA256

e3a36c082e072d0d19a70db20b1b61e2f6940ec27f9b17bc977e73c22a1ddd30
SHA512

f3f05ce0a1589e659077ba94c922ca676a7d7f85dd1770df91bdac9b56621a84de2bc30afeb6dc8a178040c07cbcbf0c4df724f7f381f6c64205c0b8b507f856
SSDEEP

6144:MZl4Gf0T74TcDoyfsmMQbXMeVGjf2NdPq:MZlTk4TFIXMQbXpmuNw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cc8b2d03ef289b8c6316fcea91365b1_JaffaCakes118

Files

2cc8b2d03ef289b8c6316fcea91365b1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a0fc4c16f1a98e95af4db06c4bf9bd2f

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DrawCaption
DrawTextExA
NotifyWinEvent
LoadAcceleratorsA
UnhookWinEvent
CreateDialogParamA
GrayStringW
GetPropW
DdeQueryNextServer
IsCharAlphaA
OpenIcon
CreateMDIWindowA
TrackPopupMenu
DragDetect
IsChild
CharNextW

comdlg32

ReplaceTextW
ReplaceTextA
FindTextW

gdi32

PathToRegion
CreateMetaFileW
RectVisible
StrokeAndFillPath
LineTo
GetTextFaceA
GetTextExtentPointA
EnumEnhMetaFile
ExtFloodFill
DPtoLP
GetKerningPairsA
GetOutlineTextMetricsA
RemoveFontResourceA
SetWindowExtEx
GetGlyphOutlineA
GetObjectA
CreateHalftonePalette
SaveDC
SetArcDirection
OffsetClipRgn
CreateDIBPatternBrush
GetWorldTransform
GetObjectType
GetFontLanguageInfo

advapi32

CryptVerifySignatureW
RegEnumKeyW
AbortSystemShutdownA
LogonUserA
RegLoadKeyA
CryptSetKeyParam
RegSaveKeyW

kernel32

GetProcessHeap
TerminateProcess
GetVersionExA
HeapFree
GetEnvironmentStringsW
WriteConsoleOutputW
GetTickCount
IsValidLocale
GetCurrentThread
GetLocaleInfoW
HeapAlloc
VirtualQuery
GetTimeZoneInformation
GetStartupInfoA
SetComputerNameA
CompareStringA
HeapSize
GlobalFindAtomW
GetCommandLineA
GetDateFormatA
GlobalAlloc
IsBadWritePtr
ReadConsoleInputA
HeapReAlloc
HeapDestroy
HeapCreate
GetOEMCP
GetStdHandle
GetCommandLineW
LCMapStringW
ExitProcess
GetCurrentProcessId
VirtualAlloc
WideCharToMultiByte
LoadLibraryA
TlsFree
GetModuleFileNameA
EnumTimeFormatsA
TlsAlloc
GetLocaleInfoA
MultiByteToWideChar
GetStringTypeW
GetFileType
EnumSystemLocalesA
GetUserDefaultLCID
VirtualProtect
GetStartupInfoW
TlsSetValue
GetACP
GetLastError
GlobalHandle
GetCurrentProcess
GetSystemInfo
IsValidCodePage
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
GetCPInfo
GetEnvironmentVariableA
SetLastError
GetSystemTimeAsFileTime
GetProcAddress
InterlockedExchange
TlsGetValue
VirtualFree
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetModuleFileNameW
GetTimeFormatA
GetVolumeInformationA
LCMapStringA
GetStringTypeA
SetHandleCount
EnterCriticalSection
QueryPerformanceCounter
GetEnvironmentStrings
WaitCommEvent
FreeEnvironmentStringsW
CompareStringW
GetModuleHandleA
SetConsoleCP
WriteFile
SetEnvironmentVariableA
LeaveCriticalSection
RtlUnwind

wininet

HttpEndRequestA
IsUrlCacheEntryExpiredW
IsUrlCacheEntryExpiredA
UnlockUrlCacheEntryStream
RunOnceUrlCache
SetUrlCacheEntryGroupW
InternetSetOptionExW
SetUrlCacheConfigInfoA
HttpSendRequestW
FtpCreateDirectoryA

Sections

.text
Size: 108KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 109KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a0fc4c16f1a98e95af4db06c4bf9bd2f

Headers

File Characteristics

Imports

user32

comdlg32

gdi32

advapi32

kernel32

wininet

Sections

.text Size: 108KB - Virtual size: 108KB

.data Size: 109KB - Virtual size: 115KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 108KB - Virtual size: 108KB

.data
Size: 109KB - Virtual size: 115KB

.rsrc
Size: 8KB - Virtual size: 7KB