2e6d60d1528481800f86a8df647d6dfe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e6d60d1528481800f86a8df647d6dfe_JaffaCakes118
Size

126KB
MD5

2e6d60d1528481800f86a8df647d6dfe
SHA1

cb37ad765cfe7fcf9c1a744c704f33ead3efe6b8
SHA256

e9150990213be1ab4d8524119c97b422cb68b7c2bc57c3e9653e40da54a62539
SHA512

c09516d09bbd2f5b60ee12bedcd7c6cb47dbccdda64410cc458a85a86aaf0236d963410560bab35b2da24c977f5487c8668a6a42560a11185b7b93802e267645
SSDEEP

3072:43txAtBDSwA5KWHqJKDWpy0AKSuzJ28b6UWqjdZ0ZCWD:atqSr5KW08WDrbAGdZQC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e6d60d1528481800f86a8df647d6dfe_JaffaCakes118

Files

2e6d60d1528481800f86a8df647d6dfe_JaffaCakes118
.exe windows:5 windows x86 arch:x86

010832644173ae0eafbc18df1fd16096

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

PathIsURLW
PathIsDirectoryW
PathSkipRootW
PathGetDriveNumberW
PathAddBackslashW
PathIsUNCW
PathFindExtensionW
SHDeleteKeyW
StrRChrW

ole32

CoCreateFreeThreadedMarshaler
CoCreateGuid
CreateStreamOnHGlobal
StgCreateDocfileOnILockBytes
CoGetMalloc
StringFromCLSID
WriteClassStm
CoCreateInstance
StgIsStorageFile
CLSIDFromString
CreateDataAdviseHolder
StgCreateDocfile

version

VerQueryValueW
GetFileVersionInfoA

user32

SetForegroundWindow
GetClientRect
MapWindowPoints
GetWindowDC
IsZoomed
SetRect
GetWindowLongA
IsWindowVisible
GetMessagePos
CreateWindowExW
CalcMenuBar
GetDC
TranslateMessage
GetActiveWindow
LoadStringW
DialogBoxParamW
GetAsyncKeyState
CharUpperA
GetFocus
ChangeMenuA
RegisterClipboardFormatW
GetParent
GetWindow
SetWindowLongW

msvcrt

free
__set_app_type
_wtol
__p__fmode
fflush
_XcptFilter
__setusermatherr
__p__commode
_strdup
isdigit
_wcsdup
_lock

kernel32

GetCurrentProcessId
SetEvent
GetStdHandle
OpenMutexW
FindResourceW
Sleep
GetModuleHandleW
FindNextFileW
ExitProcess
CreateProcessA
lstrcmpW
GlobalLock
GetProcAddress
GetFileType
GetFileSize
VirtualAlloc
SetLastError
GetProcessHeap
IsBadWritePtr
GetCurrentThreadId
IsBadReadPtr
WriteConsoleW

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 41KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 42KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 496B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010832644173ae0eafbc18df1fd16096

Headers

File Characteristics

Imports

shlwapi

ole32

version

user32

msvcrt

kernel32

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 41KB - Virtual size: 41KB

.data Size: 42KB - Virtual size: 152KB

.idata Size: 37KB - Virtual size: 37KB

.reloc Size: 512B - Virtual size: 496B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 41KB - Virtual size: 41KB

.data
Size: 42KB - Virtual size: 152KB

.idata
Size: 37KB - Virtual size: 37KB

.reloc
Size: 512B - Virtual size: 496B