2d8aaf3ce4ca111ecf27ed142c3d18c1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d8aaf3ce4ca111ecf27ed142c3d18c1_JaffaCakes118
Size

165KB
MD5

2d8aaf3ce4ca111ecf27ed142c3d18c1
SHA1

3cc87a5a83aa687ff43e67b9c8927417a36a410a
SHA256

698e01b4c21e660549588002406e911e15696e3d12553d620f8ddc9c7efc7846
SHA512

e8d3ea7bc0a3ab8961a03076d4ce9b2a806ecb39f3ffef75043a2e2ebf0e0f7eea4a6aa75f8d008b46ab5b2e54ff47a628a302127562f8a99a5b8fa88c113f02
SSDEEP

1536:dfVw3MvWkvL94tqi3rJsKDdeUomLIwIZ56sZR:dfVw8vr94tqi3rJsueDjzZ56sZR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d8aaf3ce4ca111ecf27ed142c3d18c1_JaffaCakes118

Files

2d8aaf3ce4ca111ecf27ed142c3d18c1_JaffaCakes118
.exe windows:5 windows x86 arch:x86

3e4ae16dacf663f6d1a9dc3a3018d33c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CreateMutexA
CreateSemaphoreW
DeleteFileA
DeleteFileW
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetDiskFreeSpaceA
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileSize
GetFileType
GetLastError
GetLocalTime
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetOEMCP
GetShortPathNameW
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTime
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
GetVersionExW
CreateFileMappingA
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InterlockedExchange
IsDBCSLeadByteEx
LCMapStringA
LCMapStringW
MapViewOfFile
MultiByteToWideChar
QueryPerformanceCounter
ReleaseMutex
RtlUnwind
SetEndOfFile
SetFilePointer
SetHandleCount
SetUnhandledExceptionFilter
SystemTimeToFileTime
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
UnmapViewOfFile
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatW
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
CreateFileA
CreateDirectoryA
CloseHandle
LoadLibraryW
CreateFileW
LoadLibraryA
GetProcAddress
VirtualAlloc
HeapAlloc

user32

DefWindowProcW
DeleteMenu
DestroyCaret
DialogBoxParamW
DispatchMessageW
DrawEdge
DrawIcon
DrawMenuBar
EmptyClipboard
EnableScrollBar
EnableWindow
EndDialog
EndPaint
EnumClipboardFormats
EqualRect
FillRect
FindWindowW
GetActiveWindow
GetCapture
GetClassInfoExW
GetClientRect
GetClipboardData
GetCursorPos
GetDC
GetDesktopWindow
GetDialogBaseUnits
GetDlgItem
GetDlgItemTextW
GetKeyboardLayout
GetKeyboardLayoutList
GetParent
GetWindow
GetWindowLongW
GetWindowRect
GetWindowTextW
HideCaret
IntersectRect
InvalidateRect
InvertRect
IsIconic
IsWindow
IsWindowEnabled
IsWindowVisible
IsZoomed
MessageBeep
MessageBoxW
OffsetRect
OpenClipboard
PeekMessageW
PostMessageW
PtInRect
RegisterClassExW
RegisterClipboardFormatW
ReleaseCapture
ReleaseDC
ScreenToClient
SendMessageW
SetActiveWindow
SetCapture
SetCaretPos
SetClipboardData
SetCursor
SetDlgItemTextW
SetFocus
SetForegroundWindow
SetRect
SetRectEmpty
SetScrollInfo
SetWindowLongW
SetWindowTextW
ShowCaret
ShowScrollBar
TranslateMessage
UnionRect
UpdateWindow
WinHelpW
wsprintfW
CreateWindowExW
CreateCaret
CopyRect
CloseClipboard
BeginPaint
ActivateKeyboardLayout
GetSystemMetrics
GetSysColor
ClientToScreen

advapi32

RegEnumKeyExA
RegOpenKeyA
RegOpenKeyExA
RegOverridePredefKey
RegQueryInfoKeyA
RegQueryValueExA
RegSetValueExA
RegCloseKey

msvcrt

memcpy

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata3
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata2
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 42KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata4
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text3
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e4ae16dacf663f6d1a9dc3a3018d33c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 57KB - Virtual size: 57KB

.rdata3 Size: 2KB - Virtual size: 2KB

.rdata2 Size: 13KB - Virtual size: 12KB

.rdata Size: 42KB - Virtual size: 42KB

.data Size: 5KB - Virtual size: 4KB

.rdata4 Size: 2KB - Virtual size: 2KB

.text3 Size: 28KB - Virtual size: 27KB

.text2 Size: 3KB - Virtual size: 3KB

.rsrc Size: 9KB - Virtual size: 9KB

.text
Size: 57KB - Virtual size: 57KB

.rdata3
Size: 2KB - Virtual size: 2KB

.rdata2
Size: 13KB - Virtual size: 12KB

.rdata
Size: 42KB - Virtual size: 42KB

.data
Size: 5KB - Virtual size: 4KB

.rdata4
Size: 2KB - Virtual size: 2KB

.text3
Size: 28KB - Virtual size: 27KB

.text2
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 9KB - Virtual size: 9KB