2e5f298a18dbb23fa0eecbc8b8057f37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e5f298a18dbb23fa0eecbc8b8057f37_JaffaCakes118
Size

126KB
MD5

2e5f298a18dbb23fa0eecbc8b8057f37
SHA1

4ed46f099941bb5af233a52fba6f7144e7b89415
SHA256

dabd89679790cd9ce683f80791ad1234523ded78ef861316f52f1ff395aea530
SHA512

f014f654d0bf971e2382a3288121befefda8eef11662ad0c81dd2b20f509af34f710c627e08adaa68d9273f9f5c32c711fd38584d42daad7e6cea63bf9bda3b3
SSDEEP

3072:FjYkuL+aqSoxi1ZUZJijOVqbWizcmYehSgQmmyvk4O6oKGqAqWz:hZaqfxibUZJi6VqbWiBF8shOfKpt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e5f298a18dbb23fa0eecbc8b8057f37_JaffaCakes118

Files

2e5f298a18dbb23fa0eecbc8b8057f37_JaffaCakes118
.exe windows:4 windows x86 arch:x86

1f3cd2aa87c71b12782054e46ba68b69

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

WriteProcessMemory
CancelIo
SetFilePointer
GetConsoleCursorInfo
GlobalCompact
GetProcAddress
Sleep
CreateFileA
VirtualProtectEx
InitAtomTable
CopyFileExA
OpenEventA
AllocConsole
LockResource
WriteProfileSectionA
VirtualQueryEx
VirtualUnlock
CreateMutexA
GetNamedPipeHandleStateA
CreateDirectoryA
GetThreadContext
CancelWaitableTimer
WritePrivateProfileStringA
BeginUpdateResourceA
GetSystemDefaultUILanguage
GetConsoleCP
CloseHandle
GetLastError
ClearCommError
IsBadHugeReadPtr
GetProfileIntA
WritePrivateProfileStructA
DefineDosDeviceA
GetThreadLocale
GetLongPathNameA
IsDebuggerPresent
CreateFiber
MoveFileExA
GetProcessHeap
HeapAlloc
GetCurrentProcessId
MoveFileA
FlushConsoleInputBuffer
OpenFileMappingA
WaitForMultipleObjects
WriteProfileStringA
GetModuleFileNameA
GetCurrentThreadId
GlobalUnWire
EraseTape
GetUserDefaultLangID
OpenMutexA
OpenProcess
VirtualFree
GlobalFix
UpdateResourceA
GetCommandLineA
CallNamedPipeA
GetTickCount
GetLocalTime
GetLargestConsoleWindowSize
HeapFree
GetProcessTimes
LocalFree
GetStdHandle
GetPrivateProfileSectionNamesA
GetWindowsDirectoryA
GetLogicalDriveStringsA
GetCommConfig
GetSystemDefaultLangID
GetCPInfo
FindClose
DosDateTimeToFileTime
CreateFileMappingA
MulDiv
GetVolumeInformationA
CommConfigDialogA
GlobalFindAtomA
SetEvent
CreateIoCompletionPort
GetVersion
EndUpdateResourceA
GetCommMask
GetThreadPriority
WriteFile
GetSystemDirectoryA
LockFile
SleepEx
HeapCreate
IsProcessorFeaturePresent
LocalUnlock
ReadProcessMemory
GetPrivateProfileIntA
IsSystemResumeAutomatic
GetHandleInformation
ConnectNamedPipe
GetDiskFreeSpaceExA
GetDiskFreeSpaceA
WaitNamedPipeA
GetLogicalDrives
VirtualLock
GlobalAlloc
LocalHandle
GetFileTime
GlobalSize
GlobalFree
CreateWaitableTimerA
HeapValidate
GetFileType
FindFirstChangeNotificationA
LocalShrink
Beep
PulseEvent
GetPrivateProfileStringA
FlushFileBuffers
GetCurrentProcess
UnlockFile
DeleteFiber
GetFileInformationByHandle
FindAtomA
PeekNamedPipe
VirtualProtect
GetModuleHandleA
GlobalHandle
GetTempPathA
GetPriorityClass
LoadResource
DuplicateHandle
GetProfileStringA
GlobalLock
HeapReAlloc
ReadFile
FreeResource
GetPrivateProfileSectionA
WritePrivateProfileSectionA
MapViewOfFile
ClearCommBreak
LocalFlags
GetStartupInfoA

msvcrt

time
rand
__set_app_type
_controlfp
exit
strstr

Sections

.text
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 110KB - Virtual size: 110KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

1f3cd2aa87c71b12782054e46ba68b69

Headers

File Characteristics

Imports

kernel32

msvcrt

Sections

.text Size: 15KB - Virtual size: 15KB

.data Size: 110KB - Virtual size: 110KB

.text
Size: 15KB - Virtual size: 15KB

.data
Size: 110KB - Virtual size: 110KB