2cf841187fad9cafe40705dff7488729_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cf841187fad9cafe40705dff7488729_JaffaCakes118
Size

3.5MB
MD5

2cf841187fad9cafe40705dff7488729
SHA1

1fc166b5472d02d933a670d4790ec5bd3591fa1a
SHA256

2c38b1ae6fbb90862e2b1ec8a6b8d7a47ece53c3011dd2740484334f5aec8e28
SHA512

a5a8b8913568d5f40d5a940d5a926a92ed839e8079a865333d5e36702d81a80eccb7c6125f5d8bd22c0f496214aae95252176e795aba338e76a307caa2f01175
SSDEEP

24576:KLvdNp14O3OHb2LY4d/fVX1cvoev+XKDki4mXoXEI6OlgK6+NG:e4y80Sz30rO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cf841187fad9cafe40705dff7488729_JaffaCakes118

Files

2cf841187fad9cafe40705dff7488729_JaffaCakes118
.exe windows:5 windows x86 arch:x86

4585af4c4c1cf57176a8b08d8fd6f762

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

gdi32

GetNearestColor
GdiAlphaBlend
GetEnhMetaFileBits
GetDeviceGammaRamp
CreateBrushIndirect

kernel32

VirtualAllocEx
GetEnvironmentStringsW
CreateFiberEx
GetLastError
CloseHandle
lstrlenW
CreateMutexW
CreateProcessW
EnumResourceLanguagesW
GetDriveTypeW
GetDiskFreeSpaceW
MoveFileWithProgressW
GetACP
GetOEMCP
GetCPInfo
GetStringTypeW
GetModuleHandleA
GetStartupInfoW
GetVersion
ExitProcess
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameW
FreeEnvironmentStringsA
MultiByteToWideChar
FreeEnvironmentStringsW
GetEnvironmentStrings
GetCommandLineW
GetCommandLineA
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
VirtualAlloc
HeapReAlloc
GetProcAddress
LoadLibraryA
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
LCMapStringA
LCMapStringW
GetStringTypeA

psapi

GetModuleBaseNameW
GetModuleFileNameExW
GetMappedFileNameW
EnumDeviceDrivers
GetProcessImageFileNameW
GetDeviceDriverFileNameW

user32

GetMenuItemInfoW
GetDC
GetWindowTextLengthW
CreatePopupMenu

Sections

.text
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 6.2MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rw49
Size: 1.3MB - Virtual size: 1.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.peayah
Size: 1.9MB - Virtual size: 1.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4585af4c4c1cf57176a8b08d8fd6f762

Headers

File Characteristics

Imports

gdi32

kernel32

psapi

user32

Sections

.text Size: 54KB - Virtual size: 53KB

.data Size: 14KB - Virtual size: 6.2MB

.idata Size: 2KB - Virtual size: 2KB

.rw49 Size: 1.3MB - Virtual size: 1.3MB

.peayah Size: 1.9MB - Virtual size: 1.9MB

.rsrc Size: 188KB - Virtual size: 187KB

.text
Size: 54KB - Virtual size: 53KB

.data
Size: 14KB - Virtual size: 6.2MB

.idata
Size: 2KB - Virtual size: 2KB

.rw49
Size: 1.3MB - Virtual size: 1.3MB

.peayah
Size: 1.9MB - Virtual size: 1.9MB

.rsrc
Size: 188KB - Virtual size: 187KB