2f343040948d554255733af74f1ea8ad_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2f343040948d554255733af74f1ea8ad_JaffaCakes118
Size

252KB
MD5

2f343040948d554255733af74f1ea8ad
SHA1

ad46b1b1fa80452c3c35930089d69d34bcbfddbc
SHA256

11d7d78b61ae07a418a539a036726eea3c6a5d5b481d6f60684fa5f6ec09737d
SHA512

1a0c567092deaef44bf024984c08e7f497fc10c239db458ef776ae2a47f617d84033785c7061f4668f12e8962519edf85123a6d16f39e5f0898a563f56d9b33a
SSDEEP

6144:fgKMPS9hQXnFopU9Fe6pAWXdEWS5YaRPfuU0GOBp7yONlll1KSR4xs/:fxMPUhQXFoiFeFWXaR5YaRHF0GOBp7yk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f343040948d554255733af74f1ea8ad_JaffaCakes118

Files

2f343040948d554255733af74f1ea8ad_JaffaCakes118
.exe windows:4 windows x86 arch:x86

022ebd9dc057a179ad7b6399840fe743

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

wininet

ShowClientAuthCerts
InternetFindNextFileW
CreateUrlCacheContainerW

advapi32

RegEnumKeyA
RegNotifyChangeKeyValue
RegCreateKeyExW
CreateServiceA
CryptContextAddRef
RegDeleteKeyA
RegEnumKeyW
CryptExportKey
DuplicateTokenEx
CryptSetHashParam
ReportEventA
RegEnumKeyExA
RegReplaceKeyA
RegQueryMultipleValuesW
CryptGenKey

gdi32

GetLogColorSpaceW
GetCurrentObject
Rectangle
GetGlyphOutlineA
UpdateColors
CombineRgn
MoveToEx
SetWindowExtEx
GetBrushOrgEx
EnumFontsW
ExtTextOutW
SetBitmapBits
PlayEnhMetaFileRecord
OffsetViewportOrgEx
DescribePixelFormat

comdlg32

ChooseColorW
PageSetupDlgW
GetFileTitleA
PrintDlgA
GetSaveFileNameW
LoadAlterBitmap
GetSaveFileNameA

kernel32

FreeEnvironmentStringsA
MultiByteToWideChar
SetWaitableTimer
SetConsoleActiveScreenBuffer
GetCommandLineA
VirtualFree
HeapAlloc
SetConsoleCursorInfo
GetOEMCP
ExitProcess
GetFileType
RtlUnwind
TerminateProcess
FindResourceExW
GetStringTypeW
GetEnvironmentVariableW
GetCPInfo
TlsAlloc
HeapReAlloc
HeapDestroy
GetCurrentThread
OpenFileMappingW
LoadLibraryA
CreateMailslotW
FreeEnvironmentStringsW
RtlMoveMemory
GetTimeZoneInformation
GetACP
LCMapStringA
QueryPerformanceCounter
HeapFree
GetEnvironmentStrings
GetCurrentProcessId
GlobalReAlloc
LocalCompact
GetStartupInfoA
GetEnvironmentStringsW
UnhandledExceptionFilter
GetProcAddress
GetModuleFileNameA
WideCharToMultiByte
InterlockedExchange
IsBadWritePtr
VirtualAlloc
GetLastError
ReleaseMutex
GetPriorityClass
GetSystemTimeAsFileTime
UnlockFileEx
SetHandleCount
GetTickCount
GetConsoleTitleW
TlsGetValue
SuspendThread
GetVersion
GetStdHandle
WaitNamedPipeA
LeaveCriticalSection
WriteFile
EnterCriticalSection
TlsFree
GetCurrentProcess
HeapCreate
GetStringTypeA
InitializeCriticalSection
TlsSetValue
GetCurrentThreadId
DeleteCriticalSection
GetLocaleInfoW
SetLastError
GetDriveTypeW
MoveFileW
VirtualQuery
GetModuleHandleA
LCMapStringW
GetSystemDirectoryA

Sections

.text
Size: 137KB - Virtual size: 136KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 106KB - Virtual size: 106KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

022ebd9dc057a179ad7b6399840fe743

Headers

File Characteristics

Imports

wininet

advapi32

gdi32

comdlg32

kernel32

Sections

.text Size: 137KB - Virtual size: 136KB

.data Size: 106KB - Virtual size: 106KB

.rsrc Size: 8KB - Virtual size: 7KB

.text
Size: 137KB - Virtual size: 136KB

.data
Size: 106KB - Virtual size: 106KB

.rsrc
Size: 8KB - Virtual size: 7KB