2f119a579a5d7b4f17092e52e4a93d5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f119a579a5d7b4f17092e52e4a93d5e_JaffaCakes118
Size

76KB
MD5

2f119a579a5d7b4f17092e52e4a93d5e
SHA1

30ff69084c169410a5d5f39babd6cc6a3e05a496
SHA256

d9e42049202b21bcbe88208d985a138b89ca80692ad4b3ce89a631a099fb4e38
SHA512

b65dade09199dcad68e01ccd249e953e8a7ec11c9b7a609a6893f25eda48df593ef486b32c09922502d4d4ebd28409ee918ecea506889e871efb4e1335c93772
SSDEEP

1536:8ZXi5sLp8J0BSQNbWjwRevq+XC/CjIOVnToIfG7j:jop8J0MSbWjwoT2CF9TBfG7j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f119a579a5d7b4f17092e52e4a93d5e_JaffaCakes118

Files

2f119a579a5d7b4f17092e52e4a93d5e_JaffaCakes118
.exe windows:4 windows x64 arch:x64

71dba333846b6e714c8e14bc8c2017d4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_LARGE_ADDRESS_AWARE

Imports

msvcrt

memset
strncmp
memmove
strncpy
strlen
strcpy
strcmp
strcat
memcpy
malloc
free

kernel32

GetModuleHandleA
HeapCreate
SetConsoleCtrlHandler
GetTempFileNameA
GetFullPathNameA
GetSystemDirectoryA
RemoveDirectoryA
HeapDestroy
ExitProcess
GetCommandLineA
HeapAlloc
HeapFree
GetCurrentThreadId
GetCurrentProcessId
CloseHandle
InitializeCriticalSection
GetModuleFileNameA
GetEnvironmentVariableA
SetEnvironmentVariableA
GetCurrentProcess
DuplicateHandle
CreatePipe
GetStdHandle
CreateProcessA
WaitForSingleObject
EnterCriticalSection
LeaveCriticalSection
GetExitCodeProcess
GetCurrentDirectoryA
GetTempPathA
LoadLibraryA
GetProcAddress
FreeLibrary
SetFileAttributesA
DeleteFileA
SetCurrentDirectoryA
CreateDirectoryA
MoveFileA
FindFirstFileA
GetLastError
FindClose
FindNextFileA
WriteFile
CreateFileA
SetFilePointer
GetFileSize
ReadFile
MultiByteToWideChar
HeapReAlloc
DeleteCriticalSection
Sleep
WideCharToMultiByte

ole32

CoInitialize

shell32

ShellExecuteExA

shlwapi

PathRenameExtensionA
PathAddBackslashA
PathQuoteSpacesA
PathGetArgsA

user32

DefWindowProcA
GetWindowLongPtrA
GetWindowTextLengthA
GetWindowTextA
EnableWindow
DestroyWindow
UnregisterClassA
LoadIconA
LoadCursorA
RegisterClassExA
IsWindowEnabled
GetSystemMetrics
CreateWindowExA
SetWindowLongPtrA
SendMessageA
SetFocus
CreateAcceleratorTableA
SetForegroundWindow
BringWindowToTop
GetMessageA
TranslateAcceleratorA
TranslateMessage
DispatchMessageA
DestroyAcceleratorTable
MessageBoxA
GetWindowThreadProcessId
IsWindowVisible
GetForegroundWindow
EnumWindows
SetWindowPos

gdi32

GetStockObject

comctl32

InitCommonControlsEx

Sections

.code
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 14KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.pdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

71dba333846b6e714c8e14bc8c2017d4

Headers

File Characteristics

Imports

msvcrt

kernel32

ole32

shell32

shlwapi

user32

gdi32

comctl32

Sections

.code Size: 11KB - Virtual size: 11KB

.text Size: 42KB - Virtual size: 41KB

.rdata Size: 14KB - Virtual size: 14KB

.pdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 8KB

.code
Size: 11KB - Virtual size: 11KB

.text
Size: 42KB - Virtual size: 41KB

.rdata
Size: 14KB - Virtual size: 14KB

.pdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 8KB