2e5abdd27671a6e9b1665236ce7fd115_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e5abdd27671a6e9b1665236ce7fd115_JaffaCakes118
Size

154KB
MD5

2e5abdd27671a6e9b1665236ce7fd115
SHA1

3d9d30000413c947c4f16286cf4631066d6b84c3
SHA256

d9b3ec7910c2e9bf88545b58f1034e509d7d49793147ea13744ebf2977cc22f4
SHA512

ee27b375a6b71f10f7d1c77eb18ff8b6b68791dad74e0469db32559a4efaa815d242aea386c57a154a05e3a05fdc64229ea3e610bd5d077e5afee5560b9b4092
SSDEEP

3072:qRG65JX/nDJy8lzqG2M78Bu2gaEs8B7jbu1qHeifxi2boezpIJbkN5MU86IIIIIC:t65JX/nDJy8lzqEKg7ji0HeOi2bsJwNt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e5abdd27671a6e9b1665236ce7fd115_JaffaCakes118

Files

2e5abdd27671a6e9b1665236ce7fd115_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b2cad10aa2c2282cc918f1ae74a04428

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetTickCount
VirtualFree
GetModuleHandleA
ExitProcess
GetModuleFileNameW
GetLastError
GetCommandLineA
GetCurrentProcess
VirtualAlloc
GetModuleHandleA
GetCommandLineA
VirtualFree
VirtualAlloc
GetLastError
CreateMutexW
GetCurrentProcess
ExitProcess
GetTickCount
GetDriveTypeW

msvcrt

wcscpy

ole32

CoCreateFreeThreadedMarshaler
CoFreeUnusedLibraries
CoTaskMemAlloc
OleRegGetMiscStatus
OleSaveToStream
CoInitialize
CoUninitialize

gdi32

RealizePalette
StartPage
SetViewportOrgEx
CreateFontIndirectW
GetObjectW
CreateCompatibleBitmap
CreateSolidBrush
RestoreDC
StartPage

version

VerQueryValueA
GetFileVersionInfoA

user32

GetWindowLongW
CharUpperA
CheckRadioButton
PeekMessageA
FindWindowW
WinHelpW
GetMessageW
GetDlgItemTextW
GetMenuItemCount
DestroyMenu

ntdll

RtlFreeUnicodeString
RtlTimeToTimeFields
NtQueryValueKey
NtQuerySymbolicLinkObject
NtPowerInformation

advapi32

RegQueryValueExA
RegCloseKey

Sections

.text
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 49KB - Virtual size: 370KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 48KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b2cad10aa2c2282cc918f1ae74a04428

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

gdi32

version

user32

ntdll

advapi32

Sections

.text Size: 9KB - Virtual size: 10KB

.data Size: 21KB - Virtual size: 26KB

.bss Size: 49KB - Virtual size: 370KB

.edata Size: 48KB - Virtual size: 77KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 9KB - Virtual size: 10KB

.data
Size: 21KB - Virtual size: 26KB

.bss
Size: 49KB - Virtual size: 370KB

.edata
Size: 48KB - Virtual size: 77KB

.rsrc
Size: 26KB - Virtual size: 26KB