2d92ca1abdab8276054c6688deffabf7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d92ca1abdab8276054c6688deffabf7_JaffaCakes118
Size

186KB
MD5

2d92ca1abdab8276054c6688deffabf7
SHA1

eacc001b0098e306c0eedb41a60933d4b5d27775
SHA256

1ad37b66c76ecbd7292110b92b738bda00c3d6be650f8a23bc64b1f537238dfe
SHA512

2b528e07c1169efeabdb9c376906f9c654d5c8fc00889c2c488a4cc3cf6f315fd690aaeda02de1c8393bbfc3d5a70ce68c4f418b6fac7a33ded894cea4e942ac
SSDEEP

3072:8qzAn63bSO+P4H8vKf+6w2BPLy8txAqV9sg9nJHsU6tSo0mmva1Fa:8KtmO+vlnUPLy8jA8fsN4vaH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d92ca1abdab8276054c6688deffabf7_JaffaCakes118

Files

2d92ca1abdab8276054c6688deffabf7_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d1f59c70413f0a504b9970ce37113b37

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_BYTES_REVERSED_HI

Imports

user32

KillTimer
GetActiveWindow
GetCapture

advapi32

RegQueryValueExA
RegLoadKeyA
RegOpenKeyExA

gdi32

CreateCompatibleDC
CreatePalette
SetTextColor
CreateCompatibleBitmap
CopyEnhMetaFileA

kernel32

GetModuleHandleA
VirtualAllocEx
LoadLibraryExA
VirtualAlloc
GetProcAddress
GetCommandLineA
GlobalAlloc
GetModuleHandleW
lstrlenA
ExitProcess
IsBadHugeReadPtr
GetCommandLineW
ExitThread
LoadLibraryA
GetVersionExA

Sections

CODE
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

DATA
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES56
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES20
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES96
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES52
Size: 1KB - Virtual size: 109KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES25
Size: 1024B - Virtual size: 540B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES95
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

RES75
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

RES42
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d1f59c70413f0a504b9970ce37113b37

Headers

File Characteristics

Imports

user32

advapi32

gdi32

kernel32

Sections

CODE Size: 18KB - Virtual size: 18KB

DATA Size: 151KB - Virtual size: 151KB

RES56 Size: 1KB - Virtual size: 1KB

RES20 Size: 2KB - Virtual size: 1KB

RES96 Size: 1KB - Virtual size: 1KB

RES52 Size: 1KB - Virtual size: 109KB

RES25 Size: 1024B - Virtual size: 540B

RES95 Size: 2KB - Virtual size: 1KB

RES75 Size: 1KB - Virtual size: 1KB

RES42 Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

CODE
Size: 18KB - Virtual size: 18KB

DATA
Size: 151KB - Virtual size: 151KB

RES56
Size: 1KB - Virtual size: 1KB

RES20
Size: 2KB - Virtual size: 1KB

RES96
Size: 1KB - Virtual size: 1KB

RES52
Size: 1KB - Virtual size: 109KB

RES25
Size: 1024B - Virtual size: 540B

RES95
Size: 2KB - Virtual size: 1KB

RES75
Size: 1KB - Virtual size: 1KB

RES42
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB