2ece68d4898c7f18bc49cb69951d742a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2ece68d4898c7f18bc49cb69951d742a_JaffaCakes118
Size

188KB
MD5

2ece68d4898c7f18bc49cb69951d742a
SHA1

05c3111498a99cc008885e99466f285b90676212
SHA256

c8335d36d0a6a4057fdd1305c253a18e879bdd28a0f319378db4a9673f1c458d
SHA512

3642fe51a72dd7ed59ce1d0abd1f47ab983201e664b57ee459604440d489b90adf94b382c306eef0ea1b06e56a85b305109c04788293528230e01cdb66f4b153
SSDEEP

3072:+/KdQAMCR2QHsodcGNQQ1euMVm+Fcfot3:+6NRf1V17M02jt3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ece68d4898c7f18bc49cb69951d742a_JaffaCakes118

Files

2ece68d4898c7f18bc49cb69951d742a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

3bb882cdf0b478a689fbe9a632fd9ee5

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

EscapeCommFunction
SetCommTimeouts
CreateFileA
GetProcAddress
LoadLibraryA
GetVersion
FreeLibrary
MultiByteToWideChar
GetLastError
WritePrivateProfileStringA
GetPrivateProfileStringA
lstrcpynA
SetEvent
CreateThread
ClearCommError
WaitForSingleObject
CreateEventA
GetOverlappedResult
ReadFile
WriteFile
FlushFileBuffers
SetStdHandle
GetOEMCP
GetACP
SetFilePointer
GetCommState
GetCPInfo
TlsGetValue
SetLastError
TlsAlloc
TlsSetValue
GetFileType
GetStdHandle
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
LCMapStringW
LCMapStringA
WideCharToMultiByte
RtlUnwind
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetStringTypeW
GetStringTypeA
SetCommState
lstrcpyA
GetExitCodeThread
GetModuleFileNameA
Sleep
CloseHandle
GetCurrentThreadId
GetTickCount
GlobalAlloc
ExitProcess
GetCommandLineA
HeapFree
HeapAlloc
InterlockedDecrement
InterlockedIncrement
GetModuleHandleA
GetStartupInfoA

user32

GetDC
ReleaseDC
InvalidateRect
ShowWindow
CreateDialogParamA
GetDlgItem
SystemParametersInfoA
SetWindowPos
CallNextHookEx
GetFocus
FindWindowA
GetMessageA
TranslateMessage
DispatchMessageA
CreateWindowExA
LoadCursorA
RegisterClassA
wsprintfA
DestroyIcon
SendDlgItemMessageA
EndDialog
IsDlgButtonChecked
GetWindow
SetWindowTextA
SetDlgItemTextA
CheckDlgButton
SetFocus
DestroyWindow
SetForegroundWindow
PostQuitMessage
GetCursorPos
PostMessageA
DefWindowProcA
SetWindowsHookExA
TrackPopupMenu
DestroyMenu
UnhookWindowsHookEx
LoadMenuA
ModifyMenuA
DrawMenuBar
GetSubMenu
DialogBoxParamA
LoadImageA
GetDesktopWindow
GetWindowRect
GetSystemMetrics
AppendMenuA
CreatePopupMenu
MessageBoxA
EnableWindow

gdi32

TextOutA
DeleteObject
GetTextExtentPoint32A

advapi32

RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey
RegDeleteValueA

shell32

Shell_NotifyIconA

Sections

.text
Size: 52KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 85KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

3bb882cdf0b478a689fbe9a632fd9ee5

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 52KB - Virtual size: 50KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 32KB - Virtual size: 85KB

.rsrc Size: 92KB - Virtual size: 92KB

.text
Size: 52KB - Virtual size: 50KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 32KB - Virtual size: 85KB

.rsrc
Size: 92KB - Virtual size: 92KB