2e0623c631beb3369ed5c113921fc52e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e0623c631beb3369ed5c113921fc52e_JaffaCakes118
Size

108KB
MD5

2e0623c631beb3369ed5c113921fc52e
SHA1

dc0d4617d392af859480ebd7cd4bfbb3830f85e0
SHA256

bff392efa2c52e1c7b0d8c09e72703efcf65d0d9fc8c1690a3c0690b1883b8f0
SHA512

6ac89ed1bb864bf977b9b2d3f84b7ecb682d8cf70e470b453faebfeb190385c057d1ca3e4cc66a815880d1456bf8253b6a07d292398819befd08f0c38cc3f3e2
SSDEEP

1536:VYWZrRmC/uO5eT3oT1zq8YSeD9U2XGOr1LYWhfd6g/K/GBGLJbibg1hlJXT:1ZgC/uOY3G1dYzZZ3JfAg/UhQshlxT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e0623c631beb3369ed5c113921fc52e_JaffaCakes118

Files

2e0623c631beb3369ed5c113921fc52e_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a8e468a8ffa4106d76f4d41e04d39fd6

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

OutputDebugStringA
GetCurrentThreadId
InterlockedIncrement
InterlockedDecrement
DeleteFileA
CreateProcessA
Sleep
CloseHandle
OpenEventA
lstrlenW
GetModuleHandleA
MultiByteToWideChar
lstrlenA
GetModuleFileNameA
GetLastError
WideCharToMultiByte
FreeLibrary
SizeofResource
LoadResource
CreateDirectoryA
LoadLibraryExA
lstrcmpiA
lstrcpynA
IsDBCSLeadByte
FlushFileBuffers
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
FindResourceA
InterlockedExchange
ExitProcess
RtlUnwind
GetFileType
CreateFileA
HeapFree
HeapAlloc
ReadFile
WriteFile
SetFilePointer
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
GetStartupInfoA
GetCommandLineA
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
SetStdHandle
SetEndOfFile
GetProcAddress
TerminateProcess
GetCurrentProcess
HeapDestroy
HeapCreate
VirtualFree
HeapSize
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
LoadLibraryA
GetOEMCP
GetCPInfo

user32

DestroyWindow
DefWindowProcA
CharNextA

advapi32

RegCloseKey
RegSetValueExA
RegEnumKeyExA
RegQueryInfoKeyA
RegDeleteKeyA
RegOpenKeyExA
RegDeleteValueA
RegCreateKeyExA

ole32

CoTaskMemRealloc
CoInitialize
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize

oleaut32

VarUI4FromStr

comctl32

InitCommonControlsEx

Sections

.text
Size: 68KB - Virtual size: 66KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

a8e468a8ffa4106d76f4d41e04d39fd6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

comctl32

Sections

.text Size: 68KB - Virtual size: 66KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 19KB

.rsrc Size: 20KB - Virtual size: 40KB

.text
Size: 68KB - Virtual size: 66KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 19KB

.rsrc
Size: 20KB - Virtual size: 40KB