2d8d081b4be1526ac75c79592c7e0e4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d8d081b4be1526ac75c79592c7e0e4e_JaffaCakes118
Size

242KB
MD5

2d8d081b4be1526ac75c79592c7e0e4e
SHA1

62d0c33748baf80bb55d88698d84e7d537ad990c
SHA256

69a5d0007451ffd0eb4ab4743ee99717fe9797825cdfeb5ef217558f37052d22
SHA512

9cffa0843ebf1aa959a86da924f1bc3d2b6642f03b6a66cb66dc5545754ccab852cdaf6ff358f57b400423e17f6d9c9ba7cdecfef3ad0489ccc8597726af60c3
SSDEEP

6144:Bc7h+7eqDNO4FJnMmdRXnycUliJ+X/M+/fqz3qZVsKTlLwRz:wqogndd0K+/7RLwRz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d8d081b4be1526ac75c79592c7e0e4e_JaffaCakes118

Files

2d8d081b4be1526ac75c79592c7e0e4e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

73afcec9f599bcae9f448cdfc94d6c34

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

crypt32

CryptHashPublicKeyInfo

ole32

OleUninitialize
OleSetClipboard
OleFlushClipboard
StringFromGUID2
CoTaskMemFree
CoTaskMemRealloc
RevokeDragDrop
RegisterDragDrop
CoCreateInstance
CoTaskMemAlloc
CoRegisterClassObject
CoRegisterMessageFilter
CoRevokeClassObject
OleGetClipboard

advapi32

RegEnumKeyExA
RegDeleteKeyA
RegQueryValueExW
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExW
RegDeleteValueA
RegQueryInfoKeyA

msvcrt

_wtoi
free
_mbsrchr
wcslen
_XcptFilter
__setusermatherr
wcscmp
_wcsnicmp
_c_exit
__p__commode
_ismbblead
__dllonexit
__CxxFrameHandler
__p__fmode
__getmainargs
_adjust_fdiv
swscanf
memset
_acmdln
_onexit
_cexit
_CxxThrowException
_exit
exit
malloc
_initterm
??1type_info@@UAE@XZ
_vsnwprintf
_amsg_exit
realloc
_controlfp
__set_app_type
_except_handler3

wintrust

WTHelperGetProvCertFromChain
WTHelperGetProvSignerFromChain
WinVerifyTrust
WTHelperProvDataFromStateData

kernel32

DeleteCriticalSection
IsDBCSLeadByte
SetLastError
GetProcessVersion
FreeLibrary
MultiByteToWideChar
VirtualProtect
AddAtomA
SizeofResource
InitializeCriticalSection
GetModuleHandleW
InterlockedIncrement
RaiseException
TerminateProcess
lstrcpynA
GetFileSize
ExitProcess
GetSystemTimeAsFileTime
GetVersionExA
SetEvent
GetProcAddress
LocalFree
GetCurrentThreadId
QueryPerformanceCounter
LoadLibraryExW
lstrlenA
ExitProcess
GetVersion
Sleep
GetThreadLocale
CloseHandle
WaitForSingleObject
GetCommandLineW
CreateThread
LoadLibraryExA
WideCharToMultiByte
FindResourceA
SetErrorMode
SetUnhandledExceptionFilter
OutputDebugStringA
GetCurrentProcess
VirtualAlloc
GetTickCount
UnhandledExceptionFilter
InterlockedExchange
GetLastError
lstrlenW
LoadResource
GetModuleFileNameA
InterlockedDecrement
GetACP
FormatMessageA
LoadLibraryW
GetModuleFileNameW
GetSystemDirectoryW
CreateEventA
GetLocaleInfoA
GetModuleHandleA
GetFileAttributesW
LoadLibraryA
lstrcmpiA
LocalAlloc
GetCurrentProcessId
GetStartupInfoA

user32

LoadAcceleratorsA
TranslateAcceleratorA
IsWindow
GetMessageW
PostThreadMessageA
IsIconic
BeginPaint
EndPaint
SetCursor
PeekMessageA
GetAsyncKeyState
GetMessageA
CharNextA
SetTimer
LoadCursorA
GetParent
GetClassNameA
GetCursorPos
MessageBeep
GetClientRect
SetWindowLongA
OffsetRect
MessageBoxW
LoadIconA
SetWindowPos
UpdateWindow
DestroyWindow
GetActiveWindow
ShowWindow
RegisterWindowMessageA
KillTimer
MessageBoxA
EnumWindowStationsA
SetRect
DispatchMessageA
SystemParametersInfoA
WaitMessage
TranslateMessage
SendMessageA
GetSystemMetrics
FillRect
GetWindowPlacement
GetWindowLongA
GetWindowRect
MoveWindow
DestroyIcon
PostQuitMessage
SetFocus
EnableWindow
GetFocus

Sections

.text
Size: 112KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 138KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73afcec9f599bcae9f448cdfc94d6c34

Headers

File Characteristics

Imports

crypt32

ole32

advapi32

msvcrt

wintrust

kernel32

user32

Sections

.text Size: 112KB - Virtual size: 112KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 110KB - Virtual size: 110KB

.rsrc Size: 13KB - Virtual size: 138KB

.text
Size: 112KB - Virtual size: 112KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 110KB - Virtual size: 110KB

.rsrc
Size: 13KB - Virtual size: 138KB