2e7a83dc2af08a6596a55a430dfb9fb1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e7a83dc2af08a6596a55a430dfb9fb1_JaffaCakes118
Size

309KB
MD5

2e7a83dc2af08a6596a55a430dfb9fb1
SHA1

f61e3f296b79cf4c71966e0bafc27fda36ed4f42
SHA256

1929b5631681d0c5d4bc6c3238f4e0e06b2411c941b702515085d29f1a663970
SHA512

0ea3852e48e0345dea580b362518ba274bfe074250cdbc29dd96cd88e51bf07ac978ce9b5f7c41a72f81b7d53ebf369f86d2853968488652ff76187c05ee5c2b
SSDEEP

6144:e6D4lumZBHhsmGGZLwdMVnZwKQ1WTUjuhEgWCQMVBnFDWdEh0L:RmXZr0GwKQ1bjZDMz1WdL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e7a83dc2af08a6596a55a430dfb9fb1_JaffaCakes118

Files

2e7a83dc2af08a6596a55a430dfb9fb1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d4bd854af294420a2ea032bfecc35f07

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

InterlockedCompareExchange
GetCommandLineA
HeapSize
GetCPInfo
LockResource
GetCurrentProcessId
SizeofResource
FileTimeToLocalFileTime
VirtualFree
lstrlenW
VirtualQuery
GlobalUnlock
GetEnvironmentStringsW
FindNextFileW
LCMapStringA
GetConsoleCP
HeapCreate
LCMapStringW
GetLastError
LeaveCriticalSection
ExitProcess
CreateFileA
TlsSetValue
GetFileType
CreateEventA
CreateEventW
RemoveDirectoryA
WaitForMultipleObjects
FindFirstFileW
ResetEvent
lstrcpyA
GlobalFree
FindFirstFileA
lstrcmpA
CompareStringW
GetProcessHeap
GetSystemInfo
GlobalLock
SetErrorMode
GetWindowsDirectoryA
DeleteFileA
GetFileSize
GetStartupInfoA
FreeLibrary
LoadLibraryA
GetVersionExA
TlsAlloc
GetTickCount
QueryPerformanceCounter
SetEvent
LoadLibraryW
SetHandleCount
EnterCriticalSection
HeapFree
WriteConsoleW
InterlockedIncrement
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
GetCurrentThread
WriteConsoleA
TerminateProcess
SetEnvironmentVariableA
MulDiv
SetUnhandledExceptionFilter
CreateThread
SetFilePointer
CreateMutexA
GetLocalTime
MultiByteToWideChar
InterlockedDecrement
UnhandledExceptionFilter
LoadLibraryExA
GetModuleFileNameA
FlushFileBuffers
HeapAlloc
IsDebuggerPresent
GetModuleFileNameW
InitializeCriticalSection
SetLastError
FormatMessageA
TlsGetValue
FindClose
LoadResource
GetEnvironmentVariableA
GetExitCodeProcess
LocalFree
GetOEMCP
SetFileAttributesA
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
WriteFile
InterlockedExchange
GetStringTypeA
GetProcAddress
WideCharToMultiByte
GetTempPathA
SetStdHandle
FreeEnvironmentStringsW
LoadLibraryExW
ExpandEnvironmentStringsA
LocalAlloc
GetLocaleInfoA
GetConsoleMode
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
HeapDestroy
FindNextFileA
GetDriveTypeA
WaitForSingleObject
GetFileAttributesA
FileTimeToSystemTime
ReleaseMutex
GetConsoleOutputCP
GetStdHandle
RaiseException
CompareStringA
MapViewOfFile
TlsFree
GetModuleHandleA
ReadFile
CloseHandle
lstrcpynA
GetACP
GetModuleHandleW
CreateProcessA
IsValidCodePage
UnmapViewOfFile
CreateProcessW
Sleep
FindResourceA
GetVersion
VirtualAlloc

advapi32

RegOpenKeyExA
OpenProcessToken
RegDeleteValueA
RegSetValueExA
RegQueryValueExW
RegCreateKeyExA
RegCloseKey
RegDeleteKeyA
RegCreateKeyExW
RegQueryValueExA

ole32

CoUninitialize
CoTaskMemFree
CoInitialize

oleaut32

SysAllocString
VariantClear

gdi32

SetBkColor
DeleteObject
GetDeviceCaps
GetStockObject
SetBkMode
SelectObject

user32

SetForegroundWindow
PostQuitMessage
SetWindowPos
IsWindow
SetCursor
ReleaseDC
CallWindowProcA
GetClientRect
SendMessageA
InvalidateRect
IsWindowVisible
GetSysColor
MessageBoxA
SetDlgItemTextA
GetFocus
EndDialog
GetDesktopWindow
LoadIconA
ClientToScreen
GetDlgItem
DispatchMessageA
CheckMenuItem
SetWindowTextA
SetWindowLongA
GetWindowRect
GetSystemMetrics
DefWindowProcA
BeginPaint
PeekMessageA
SetFocus
FillRect
CreateWindowExA
GetWindowLongA
RegisterClassA
GetWindow
IsWindowEnabled
TranslateMessage
EnableWindow
UpdateWindow
GetMessageA
DestroyWindow
ScreenToClient
GetCursorPos
GetDC

Sections

.text
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 279KB - Virtual size: 278KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d4bd854af294420a2ea032bfecc35f07

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

oleaut32

gdi32

user32

Sections

.text Size: 11KB - Virtual size: 10KB

.rdata Size: 14KB - Virtual size: 14KB

.data Size: 279KB - Virtual size: 278KB

.rsrc Size: 4KB - Virtual size: 3KB

.text
Size: 11KB - Virtual size: 10KB

.rdata
Size: 14KB - Virtual size: 14KB

.data
Size: 279KB - Virtual size: 278KB

.rsrc
Size: 4KB - Virtual size: 3KB