Static task
static1
Behavioral task
behavioral1
Sample
2f229fdd7425af55ec92f8ca14e34131_JaffaCakes118.exe
Resource
win7-20240903-en
General
-
Target
2f229fdd7425af55ec92f8ca14e34131_JaffaCakes118
-
Size
169KB
-
MD5
2f229fdd7425af55ec92f8ca14e34131
-
SHA1
ce30d51cba24a989b80bf65582ba25d91de9862a
-
SHA256
a4341e6e4370b8ca6ede4fce0d413dbe812aab7a553c0dc226db51dbe0d3fb4f
-
SHA512
879cb11f6258d82c19e564efab94409df44d3fe75b546489f78b9745c8f4dc1d2902f4b80d4a49d185170eb1451896d2df09818d7602146b37f121f9eff9dc11
-
SSDEEP
3072:x6YvIQxhGuFvlsNs+IYXUQGRBhdF0UeyFTrtw8Qvlt28AcxOH:NvIQZxjYE3x0WDp
Malware Config
Signatures
-
Unsigned PE 1 IoCs
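Checks whether the PE file lacks an Authenticode signature. An unsigned binary is not malicious by that fact alone, but its publisher and integrity cannot be verified from a signature.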
resource 2f229fdd7425af55ec92f8ca14e34131_JaffaCakes118
Files
-
2f229fdd7425af55ec92f8ca14e34131_JaffaCakes118.exe windows:4 windows x86 arch:x86
6c4766a94de7955d9a8e33a24e04343a
Headers
File Characteristics
IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
FindResourceA
FindResourceW
LoadResource
SizeofResource
LockResource
FreeResource
GetStringTypeExA
HeapAlloc
HeapCreate
HeapDestroy
GetProcessHeap
HeapReAlloc
HeapSize
HeapFree
UnmapViewOfFile
MapViewOfFile
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
FindFirstFileA
FindNextFileA
FindClose
FormatMessageA
GlobalUnlock
CreateThread
GetCurrentThreadId
GetCurrentThread
ResumeThread
SetThreadPriority
GetExitCodeThread
ExitThread
TerminateThread
ExpandEnvironmentStringsA
CreateEventA
SetEvent
ResetEvent
RtlUnwind
LoadLibraryA
LoadLibraryW
LoadLibraryExA
GetProcAddress
FindFirstFileW
FindNextFileW
GetFileTime
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CreateFileW
ReadFile
WriteFile
CloseHandle
GetLocaleInfoW
GetDateFormatA
GetVersion
SetLastError
CreateMutexA
ReleaseMutex
OpenMutexA
GetFullPathNameA
DisableThreadLibraryCalls
MultiByteToWideChar
DeviceIoControl
IsDBCSLeadByte
RaiseException
SystemTimeToFileTime
GetTimeZoneInformation
GetFileAttributesW
EnumCalendarInfoA
DeleteFileW
GetFileSize
OutputDebugStringA
FileTimeToSystemTime
CompareFileTime
GetSystemDirectoryW
FileTimeToLocalFileTime
WriteConsoleA
WaitForMultipleObjects
GetModuleHandleW
GetThreadLocale
VirtualQuery
CreateFileA
GetSystemTime
ExitProcess
GlobalFree
SetErrorMode
LocalFileTimeToFileTime
GetEnvironmentStrings
GlobalHandle
GetConsoleOutputCP
FreeEnvironmentStringsW
GetCommandLineA
GetEnvironmentStringsW
GetPrivateProfileStringA
SetFileAttributesA
GetStartupInfoW
LCMapStringA
GetLocalTime
GetUserDefaultLangID
SetFilePointer
InterlockedIncrement
VirtualProtect
GetCurrentProcess
GetStringTypeW
lstrlenA
GetSystemDirectoryA
SetStdHandle
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
VirtualAlloc
msvcrt
__p__environ
wctomb
strlen
wcstoul
_acmdln
signal
memmove
fwrite
fprintf
rename
strncat
__setusermatherr
pow
_get_osfhandle
srand
fgetpos
atexit
strpbrk
_wfopen
__mb_cur_max
sscanf
atol
_stat
_write
wcsncpy
time
_XcptFilter
_snprintf
clock
fputc
setlocale
_fdopen
_open_osfhandle
_putenv
_mktemp
fopen
_isatty
fputs
_wcsicmp
_lseeki64
_mkdir
wcslen
isdigit
fgets
__getmainargs
towupper
toupper
_mbsrchr
printf
ctime
_isctype
_lseek
strcmp
__badioinfo
atof
isxdigit
_wtoi
_getch
strtol
_osver
_strnicmp
strcpy
_flsbuf
_strlwr
_mbscmp
_mbsicmp
abort
_ismbblead
isspace
_snwprintf
_lock
memcmp
malloc
wcscat
_pipe
_exit
strtoul
localtime
_pctype
_except_handler3
_adjust_fdiv
_onexit
_assert
putchar
_wtol
atoi
fflush
bsearch
wcsstr
_controlfp
_errno
rand
rewind
_dup2
_vsnprintf
tolower
wcsncmp
_read
gmtime
_wcsupr
iswdigit
_beginthreadex
isleadbyte
swprintf
towlower
iswctype
strcspn
floor
_ftol
fseek
_CIsqrt
_vsnwprintf
fgetc
strtok
memchr
__initenv
_setjmp3
strncmp
_close
_stricmp
_getpid
free
_setjmp
_itow
_wcsnicmp
memcpy
__lc_codepage
_utime
ftell
calloc
__p__fmode
__dllonexit
_filbuf
strncpy
_strdup
cos
__pioinfo
strrchr
_chmod
_unlock
fread
strspn
iswspace
__p__commode
vsprintf
_getcwd
_filelengthi64
_unlink
sprintf
clearerr
wcscspn
__p___initenv
_itoa
_c_exit
_dup
wcstol
perror
wcstombs
_fstat
_fileno
strchr
__CxxFrameHandler
realloc
fclose
strerror
_wcslwr
localeconv
_initterm
_umask
_amsg_exit
ceil
remove
swscanf
sqrt
fsetpos
ungetc
wcschr
_iob
wcscmp
log
_ultoa
_open
_cexit
getenv
_kbhit
_purecall
qsort
puts
exit
_strcmpi
user32
GetMenuState
IntersectRect
SetScrollRange
LoadCursorA
CallNextHookEx
OffsetRect
InvalidateRect
ScrollWindow
DrawMenuBar
DestroyWindow
IsWindowEnabled
GetScrollInfo
BeginPaint
SetActiveWindow
RemoveMenu
GetSysColor
GetMessageA
SetWindowsHookExA
IsWindow
CreatePopupMenu
GetPropA
SetTimer
GetWindowTextA
GetDlgItem
ShowWindow
ShowCursor
GetCapture
DefWindowProcA
IsWindowVisible
SetWindowPos
InsertMenuA
ScreenToClient
TrackPopupMenu
TranslateMessage
GetTopWindow
GetSystemMetrics
GetLastActivePopup
GetWindowDC
SetCapture
IsZoomed
IsChild
EnableWindow
DrawIconEx
IsRectEmpty
OemToCharA
GetScrollPos
WaitMessage
WinHelpA
MessageBoxA
CallWindowProcA
GetSystemMenu
ReleaseDC
GetWindowPlacement
SetScrollInfo
EmptyClipboard
DialogBoxParamA
GetWindowThreadProcessId
SetClipboardData
FillRect
GetIconInfo
DestroyMenu
FindWindowA
GetWindowRect
GetSysColorBrush
PostQuitMessage
DrawIcon
GetMenu
GetKeyState
RegisterClipboardFormatA
RedrawWindow
GetMenuStringA
UpdateWindow
SetMenu
IsDialogMessageA
KillTimer
FrameRect
EnableMenuItem
DispatchMessageA
DrawTextA
EnumWindows
GetMenuItemCount
OpenClipboard
CharNextA
GetScrollRange
GetClientRect
DrawFrameControl
DrawEdge
GetForegroundWindow
SendMessageA
GetDCEx
SetCursor
RegisterWindowMessageA
EqualRect
SetForegroundWindow
GetMessagePos
IsIconic
GetDesktopWindow
SetFocus
wsprintfA
GetClassNameA
SetScrollPos
MapWindowPoints
EndDialog
PeekMessageA
RemovePropA
LoadBitmapA
EnumThreadWindows
ReleaseCapture
GetMenuItemID
MessageBeep
CloseClipboard
UnhookWindowsHookEx
DestroyCursor
ShowOwnedPopups
CharLowerA
AdjustWindowRectEx
SetWindowLongA
CreateWindowExA
SetPropA
GetSubMenu
EndPaint
InflateRect
GetWindowLongA
ClientToScreen
DestroyIcon
LoadIconA
SystemParametersInfoA
PtInRect
GetWindow
CheckMenuItem
GetParent
GetClassInfoA
LoadStringA
InsertMenuItemA
DeleteMenu
WindowFromPoint
SetWindowTextA
PostMessageA
GetCursorPos
UnregisterClassA
Sections
.text Size: 55KB - Virtual size: 55KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 10KB - Virtual size: 10KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 79KB - Virtual size: 78KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 24KB - Virtual size: 24KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE