2e7a494f891e7ff4040d1f396f3e381d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e7a494f891e7ff4040d1f396f3e381d_JaffaCakes118
Size

226KB
MD5

2e7a494f891e7ff4040d1f396f3e381d
SHA1

a1725cfca03afad3fc95822b3b3626c3c06023c7
SHA256

a2517e7e2b122353ff5adc170c9777f506286adfc992ea3d91b48b584885da69
SHA512

80b6a5a9f5c2cc6939679c0e0582d8d6d9da88641e8cc4cf9515e9d19cd2d6a38d284c6f8754a5a135c3f5d9469a2dd7fa4ebdf88a5532c5b3ba694807c252a6
SSDEEP

6144:T+RpnIeWpBpJABKLRhSOrNEmaIq84R7EojY:TgI7pBrd7JUT8+go8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e7a494f891e7ff4040d1f396f3e381d_JaffaCakes118

Files

2e7a494f891e7ff4040d1f396f3e381d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

470c3e7fcf6dd52ddb21f339c0b30bfa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsBadStringPtrW
RemoveDirectoryA
ReplaceFileW
GetLongPathNameA
EnumCalendarInfoA
lstrcpynA
SetLocaleInfoA
GetMailslotInfo
GetStartupInfoA
lstrcpyA
IsDebuggerPresent
GetProcAddress
lstrcmpi
GetDateFormatW
GetLocalTime
LoadLibraryExA
GetUserDefaultLCID
GetThreadPriority
FatalAppExitW
SetEvent
GetProcessHeap
GetCurrentThread
RaiseException
GetSystemDefaultLCID
IsValidCodePage

user32

WinHelpW
SendDlgItemMessageW
SendDlgItemMessageA
GetClassInfoA
GetScrollPos
mouse_event
LoadMenuW
wvsprintfW
ShowWindow
wsprintfA
MonitorFromPoint
RegisterClassExW
MessageBeep
IsIconic
GetDlgItemInt
CharLowerW
InsertMenuItemW
OpenClipboard
CreateMenu
SetParent
GetDCEx
CopyRect
FindWindowW
SetTimer
CharUpperA
GetMenuItemID
ActivateKeyboardLayout
GetDlgItemTextA
InvalidateRgn
GetActiveWindow
DefWindowProcW
LoadCursorW
CharUpperW
GetSubMenu
InvalidateRect
RegisterClassW
GetMenuInfo
CharPrevA
SetDlgItemInt
MoveWindow
CreateAcceleratorTableW
EndDialog
WinHelpA
GetWindowRgn
PostMessageW
FindWindowA
SetFocus
CreateWindowExA
PostQuitMessage
RegisterClassA
SetForegroundWindow
PeekMessageA
SetDlgItemTextW
GetMenuStringW
SetDlgItemTextA
GetKeyboardType
InsertMenuItemA
IsChild

gdi32

ExtCreateRegion
CreateFontA
CreateFontW
SetMetaFileBitsEx
CreateFontIndirectExW
CreatePen
RemoveFontResourceW
GetObjectType
CreateICW
CreateBrushIndirect
GdiGetBatchLimit

advapi32

RegQueryMultipleValuesA
RegCreateKeyExW
RegEnumKeyExA
RegReplaceKeyA
RegDeleteValueW
RegEnumValueA
RegQueryInfoKeyA
RegSaveKeyA
RegSetValueW
RegOpenKeyW
RegCloseKey
RegSetValueA
RegRestoreKeyA
RegEnumKeyW

shell32

StrNCmpIW
FreeIconList
Shell_NotifyIconA
StrCmpNA
StrChrIW

shlwapi

PathUnmakeSystemFolderA
StrCatW
AssocQueryStringByKeyA
PathFindOnPathA
UrlEscapeW
StrTrimA
PathAppendW
StrStrNW
SHRegGetUSValueA
PathIsUNCA
SHQueryValueExW
SHCreateStreamOnFileEx
SHSkipJunction
PathRelativePathToW
PathUndecorateA

Sections

.KF
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.Udef
Size: 1KB - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ryx
Size: 512B - Virtual size: 213KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tve
Size: 86KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ynS
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.JrsvQ
Size: 1KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.zTCvMY
Size: 3KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xXRq
Size: 83KB - Virtual size: 82KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.I
Size: 13KB - Virtual size: 350KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zFjQ
Size: 5KB - Virtual size: 227KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

470c3e7fcf6dd52ddb21f339c0b30bfa

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

shlwapi

Sections

.KF Size: 2KB - Virtual size: 1KB

.Udef Size: 1KB - Virtual size: 213KB

.ryx Size: 512B - Virtual size: 213KB

.tve Size: 86KB - Virtual size: 85KB

.ynS Size: 13KB - Virtual size: 13KB

.JrsvQ Size: 1KB - Virtual size: 269KB

.zTCvMY Size: 3KB - Virtual size: 51KB

.xXRq Size: 83KB - Virtual size: 82KB

.I Size: 13KB - Virtual size: 350KB

.zFjQ Size: 5KB - Virtual size: 227KB

.rsrc Size: 7KB - Virtual size: 6KB

.reloc Size: 1024B - Virtual size: 1024B

.KF
Size: 2KB - Virtual size: 1KB

.Udef
Size: 1KB - Virtual size: 213KB

.ryx
Size: 512B - Virtual size: 213KB

.tve
Size: 86KB - Virtual size: 85KB

.ynS
Size: 13KB - Virtual size: 13KB

.JrsvQ
Size: 1KB - Virtual size: 269KB

.zTCvMY
Size: 3KB - Virtual size: 51KB

.xXRq
Size: 83KB - Virtual size: 82KB

.I
Size: 13KB - Virtual size: 350KB

.zFjQ
Size: 5KB - Virtual size: 227KB

.rsrc
Size: 7KB - Virtual size: 6KB

.reloc
Size: 1024B - Virtual size: 1024B