2ea7b69910152a7acd482e10c8a975a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ea7b69910152a7acd482e10c8a975a0_JaffaCakes118
Size

103KB
MD5

2ea7b69910152a7acd482e10c8a975a0
SHA1

734558c1f71b11f41705bb8df5ad54367df6c794
SHA256

153538bd6b97ac9d29fbef49d3434a6865c0ce936b91b312c5d66a84ca9cc94d
SHA512

92b4e8cf34e99f283db05dd5260ea084189c3b2066da456ba19d02709e2cde9f31ec58eceb4fec3b0e213773d0a62a1ce7f0550cf2d7da281ee2dad0c770af65
SSDEEP

1536:cy+U6NQClP86crwlELzYkmhaJxzYlqfCvk0gS7RNHs1wZ7bdOkdKThiwT+ISMslv:QU6tPVHEJmMJlCDDKSBkCKFiGPSMsW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ea7b69910152a7acd482e10c8a975a0_JaffaCakes118

Files

2ea7b69910152a7acd482e10c8a975a0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

afda5c6806d80e9d08e9f99767478521

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

IsDBCSLeadByte
lstrcmpA
LoadLibraryW
GetStartupInfoA
GetVersion
DeleteFileW
GetDriveTypeW
QueryPerformanceCounter
CloseHandle
GetLocaleInfoW
SetEvent
InitializeCriticalSectionAndSpinCount
GlobalLock
FreeEnvironmentStringsW
RtlUnwind
GetPrivateProfileStringA
LoadResource
GetFileAttributesW
SetLastError
UnhandledExceptionFilter
GetVersionExA
GetProcessHeap
OpenProcess
GetCommandLineW
DisableThreadLibraryCalls
CreateFileMappingA
SetHandleCount
VirtualProtect
DeleteCriticalSection
Sleep
TlsGetValue
InterlockedIncrement
CreateFileA
InterlockedCompareExchange
GetSystemTimeAsFileTime
GetThreadLocale
GetModuleFileNameA
CreateEventA
ReadFile
SizeofResource
DuplicateHandle
UnmapViewOfFile
OpenEventW
HeapDestroy
WideCharToMultiByte
GetLocaleInfoA
GetCurrentProcessId
LeaveCriticalSection
GetTickCount
GetCurrentProcess
GetOEMCP
TerminateProcess
LoadLibraryA
GetCurrentThreadId
LocalFree
FreeLibrary
SetEndOfFile
TlsSetValue
SetFileTime
GetFileSize
HeapFree
GetACP
InitializeCriticalSection
GetFileType

msvcrt

_initterm
_iob
_wtoi
_exit
_amsg_exit
memset
realloc
_adjust_fdiv
_XcptFilter
??0exception@@QAE@XZ

ole32

CoTaskMemFree
SetDocumentBitStg
CoCreateInstance
CLSIDFromProgID

user32

BeginPaint
SetWindowPlacement
GetSubMenu
GetSystemMetrics
GetClientRect
UnhookWindowsHookEx
MessageBoxW
SetPropA
UpdateWindow
EndPaint
PeekMessageW
GetWindowLongW
GetWindowRect
SetWindowTextW
SetFocus
EnableMenuItem
DeleteMenu
GetCapture
CallWindowProcA
PtInRect

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 18KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

afda5c6806d80e9d08e9f99767478521

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

user32

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 3KB - Virtual size: 6KB

.data Size: 18KB - Virtual size: 40KB

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 3KB - Virtual size: 6KB

.data
Size: 18KB - Virtual size: 40KB

.rsrc
Size: 2KB - Virtual size: 2KB