2d5faff79a74b2709535513c2b8258c3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2d5faff79a74b2709535513c2b8258c3_JaffaCakes118
Size

390KB
MD5

2d5faff79a74b2709535513c2b8258c3
SHA1

4e654e7b069688608dd8a748c4a38ad68d3220b0
SHA256

f186fd210f23ab13e2c49c54cee1e4399c5eed239fce5a9d67cc37b0495a703a
SHA512

574ccd1e8c401d8e56b350b6d3389f775fcd13c24b1a09ec945035f788ca6ae3a3e297f081969432a7f664b865ebd43facb73a8310dbef418f1e2002fb4c64d6
SSDEEP

6144:bAugtoJ4NHZA3XqW+uTGMPjwTJh8ZkrgLXHuWtjamUvoDojHPUMTjGo3:Rg2J4N16VPjwdh8G+OWhBeoAvZTD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d5faff79a74b2709535513c2b8258c3_JaffaCakes118

Files

2d5faff79a74b2709535513c2b8258c3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

9a4d6a397dec5de0bdb2fa6250fd429b

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetProcessHeap
ResumeThread
CreateFileA
LoadLibraryA
GetLastError
VirtualFree
VirtualAlloc
GetModuleHandleA
GetSystemTime
Sleep
ReadFile
FlushViewOfFile
MapViewOfFile
GetFileSize
GlobalFree
LocalAlloc
WriteFile
GlobalAlloc
FindClose
FindNextFileA
FreeLibrary
EndUpdateResourceA
UpdateResourceA
SizeofResource
BeginUpdateResourceA
LockResource
LoadResource
HeapAlloc
SuspendThread
FreeResource
VirtualProtect
GetProcAddress
SetLastError
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
MultiByteToWideChar
SetFilePointer
FlushFileBuffers
GetOEMCP
GetACP
GetCPInfo
RtlUnwind
GetFileType
GetStdHandle
SetHandleCount
SetStdHandle
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
UnhandledExceptionFilter
ExitProcess
CreateThread
CloseHandle
HeapFree
CopyFileA
WaitForMultipleObjects
GetCurrentProcess
TerminateProcess
HeapReAlloc
HeapCreate
HeapDestroy
GetVersion
GetCommandLineA
GetStartupInfoA

user32

CreateWindowExA
GetClientRect
DefWindowProcA
GetIconInfo
GetDC
GetDesktopWindow
IsWindow
ShowWindow
UpdateWindow
LoadIconA
LoadCursorA
RegisterClassExA
CopyImage
DrawIcon
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
LoadStringA
LoadAcceleratorsA
ReleaseDC

gdi32

CreatePenIndirect
CreateCompatibleBitmap
GetDIBits
GetObjectA
DeleteObject

ole32

CoCreateInstance
CoUninitialize

lz32

GetExpandedNameA

pdh

PdhAddCounterA
PdhOpenQueryA
PdhCollectQueryData

Sections

.text
Size: 48KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 172KB - Virtual size: 692KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.sdata
Size: 142KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9a4d6a397dec5de0bdb2fa6250fd429b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

lz32

pdh

Sections

.text Size: 48KB - Virtual size: 47KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 172KB - Virtual size: 692KB

.rsrc Size: 4KB - Virtual size: 3KB

.sdata Size: 142KB - Virtual size: 142KB

.text
Size: 48KB - Virtual size: 47KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 172KB - Virtual size: 692KB

.rsrc
Size: 4KB - Virtual size: 3KB

.sdata
Size: 142KB - Virtual size: 142KB