2f0b2d6f340c84787268fdeae08079bf_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2f0b2d6f340c84787268fdeae08079bf_JaffaCakes118
Size

100KB
MD5

2f0b2d6f340c84787268fdeae08079bf
SHA1

81d0ebbd0183784dfb30a5b63200abf414c27ec6
SHA256

f87a3a36ecc704676929cdfd06fc9995c44c81c9d2bd7b59466acc3fa1e3d28d
SHA512

2d3b3a7d8ce749796871a4aedf25e14f8c19e7d4695262fa067b7a5292d4cf8e92c792d587fa1d71f1808c73a29154f4d4ff81de348cd6914cd414185e47329e
SSDEEP

1536:ef54jSWet63rznp/79SJUVETv8s984IEg72PmUvRwQukakzp/KlYvwG+c/:emfeM3fnRUJUfxjY6pkakzQlY4G+c/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f0b2d6f340c84787268fdeae08079bf_JaffaCakes118

Files

2f0b2d6f340c84787268fdeae08079bf_JaffaCakes118
.exe windows:4 windows x86 arch:x86

86d148b727acb0f48c7c737b39c44dd3

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

shlwapi

SHDeleteKeyA
SHDeleteValueA
SHGetValueA
SHSetValueA

shell32

SHGetSpecialFolderPathA

kernel32

CreateRemoteThread
GetProcAddress
LoadLibraryA
OpenProcess
MultiByteToWideChar
lstrlenA
SetPriorityClass
FindClose
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
WaitForSingleObject
GetLastError
GetModuleFileNameA
GetModuleHandleA
FindFirstFileA
HeapFree
HeapAlloc
GetProcessHeap
WriteFile
SetFilePointer
ReadFile
GetFileSize
CreateFileA
GetWindowsDirectoryA
GetVersionExA
DeleteFileA
SetFileAttributesA
GetShortPathNameA
WideCharToMultiByte
lstrlenW
UnmapViewOfFile
MapViewOfFile
OpenFileMappingA
GetSystemDirectoryA
GetTempPathA
SetFileAttributesW
TerminateProcess
FindNextFileA
GetFullPathNameA
GetLongPathNameA
ResumeThread
SuspendThread
CloseHandle
InterlockedExchange
DeleteCriticalSection
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
RtlUnwind
FreeLibrary
InterlockedIncrement
HeapReAlloc
RaiseException
GetCurrentProcess
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetFileType
GetCurrentThreadId
TlsSetValue
TlsAlloc
SetLastError
TlsGetValue
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
HeapSize
SetUnhandledExceptionFilter
GetCPInfo
GetACP
GetOEMCP
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
SetStdHandle
FlushFileBuffers
Sleep
RemoveDirectoryA
InterlockedDecrement

user32

IsWindow
PostMessageA
GetWindowThreadProcessId
EnumWindows

advapi32

RegQueryValueExA
RegDeleteValueA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
RegEnumValueA
RegDeleteKeyA
RegEnumKeyExA

ole32

CoInitialize
CoUninitialize

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

86d148b727acb0f48c7c737b39c44dd3

Headers

File Characteristics

Imports

shlwapi

shell32

kernel32

user32

advapi32

ole32

Sections

.text Size: 68KB - Virtual size: 65KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 16KB - Virtual size: 40KB

.text
Size: 68KB - Virtual size: 65KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 16KB - Virtual size: 40KB