2f16752eb64b682fb58d652b5e83e680_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f16752eb64b682fb58d652b5e83e680_JaffaCakes118
Size

146KB
MD5

2f16752eb64b682fb58d652b5e83e680
SHA1

a04e224aaef42991d46a2196a2554a3e6040874b
SHA256

7789b45891989e69acd7701b63620838432647be4927154065a0d26a561ea261
SHA512

e77e01e569de2cd50e7e4e50243ed13282c6c03fe223f636303e3d545159effed4cedbac87b2f28952dfd114e592cd47a46abba15c82f9d8ff9ac0b0bdc0eacf
SSDEEP

3072:9ijcpvNXC8e7pygIogEkT+dAOQv00TkYCiPJ:9+cl1e7pyOkuAjTei

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f16752eb64b682fb58d652b5e83e680_JaffaCakes118

Files

2f16752eb64b682fb58d652b5e83e680_JaffaCakes118
.exe windows:6 windows x86 arch:x86

5cb8d600df432e74333c7211e2963fe8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx
CreatePropertySheetPageW
ImageList_SetIconSize
ImageList_Draw
PropertySheetW
CreateStatusWindowW
ImageList_Destroy
ImageList_Create

shlwapi

PathIsPrefixW
PathIsRelativeW

user32

GetForegroundWindow

kernel32

GetFileType
HeapValidate
GetUserDefaultLCID
VirtualFree
EnumResourceLanguagesA
FindNextFileW
GlobalUnlock
SetCurrentDirectoryW
SuspendThread
GetSystemWindowsDirectoryW
GetComputerNameExA
DisconnectNamedPipe
CreateNamedPipeA
SleepEx
SetSystemTime
SystemTimeToFileTime
SetPriorityClass
lstrlenW
IsBadCodePtr
SetNamedPipeHandleState
CompareFileTime
CreateEventW
CopyFileW
LockFile
FindResourceExW
HeapLock
lstrcmpW
GetUserDefaultLangID
ReleaseMutex
GetSystemInfo
FormatMessageA
GetBinaryTypeW
FreeLibrary
HeapUnlock
GlobalCompact
FindResourceW
GetCPInfo
GlobalFindAtomW
SetLastError
MoveFileA
CreateNamedPipeW
GetThreadPriority
GetModuleFileNameA
GetOEMCP
GetCommandLineW
DeleteAtom
SetThreadExecutionState
VirtualAlloc
SetErrorMode
VirtualQuery
FindNextChangeNotification
CreateWaitableTimerW
GlobalMemoryStatus
lstrcpyA
CreateSemaphoreA
GetProcAddress
OpenFile
SetEndOfFile
PulseEvent
SetFilePointer
SetHandleInformation
UnmapViewOfFile

advapi32

CryptDecrypt
RegCreateKeyW
RegEnumValueA
RegEnumKeyW
RegEnumKeyA
RegDeleteValueA
RegOpenKeyExA
CryptHashData
RegOpenKeyW
RegQueryInfoKeyA
GetLengthSid
OpenEventLogA
RegOpenKeyExW
CryptDestroyHash
CryptDeriveKey
RegQueryValueExW
RegEnumKeyExA

Exports

Exports

?BightDialog@@YGEUtext@@@Z
?FiveTialog@@YGEUtext@@@Z

Sections

.text
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.gute
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.dlop
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.wire
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.voun
Size: 18KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cold
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.xerm
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cb8d600df432e74333c7211e2963fe8

Headers

File Characteristics

Imports

comctl32

shlwapi

user32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 68KB

.gute Size: 512B - Virtual size: 28B

.dlop Size: 512B - Virtual size: 64B

.data Size: 5KB - Virtual size: 4KB

.wire Size: 18KB - Virtual size: 17KB

.voun Size: 18KB - Virtual size: 18KB

.cold Size: 9KB - Virtual size: 8KB

.xerm Size: 15KB - Virtual size: 14KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 68KB

.gute
Size: 512B - Virtual size: 28B

.dlop
Size: 512B - Virtual size: 64B

.data
Size: 5KB - Virtual size: 4KB

.wire
Size: 18KB - Virtual size: 17KB

.voun
Size: 18KB - Virtual size: 18KB

.cold
Size: 9KB - Virtual size: 8KB

.xerm
Size: 15KB - Virtual size: 14KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 1KB - Virtual size: 1KB