2f1b01746a92acff63b140fd21f796aa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f1b01746a92acff63b140fd21f796aa_JaffaCakes118
Size

212KB
MD5

2f1b01746a92acff63b140fd21f796aa
SHA1

898fe731449a7a6f42306ddea971bebe905c83be
SHA256

d3c895f1155908b47b23a42733a98c7bc11afdc4f1e34d77548664d0985f27f6
SHA512

6b2cf70b495a3499aa6465bc19d557c28367bdb5bbf6a9a7deaca047a432c11adfd193b0aeb6bb26d0890dcf43aead401b09e92c6f10b5f3c9f5f4b3e21bff94
SSDEEP

3072:bCdEIa7PYJe+gXBkhLOIGbyHZxXHui28ujRGCpLJeb8iPkif/Urs0h2xHDdLDnye:bCC7PGe+cBk1fJ5xXHzujvpUdoj6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f1b01746a92acff63b140fd21f796aa_JaffaCakes118

Files

2f1b01746a92acff63b140fd21f796aa_JaffaCakes118
.exe windows:4 windows x86 arch:x86

23216f681254e77f8c2f14dcdcb184db

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

comctl32

ImageList_DrawEx
ImageList_EndDrag
ImageList_SetBkColor
ImageList_SetDragCursorImage

user32

CharNextA
DrawFrameControl
DrawIconEx
EqualRect
FillRect
GetClassInfoA
GetClassNameA
GetDesktopWindow
GetMenu
GetMenuItemID
GetSysColorBrush
GetWindow
IsRectEmpty
LoadBitmapA
PtInRect
RegisterClipboardFormatA
RegisterWindowMessageA
RemovePropA
ScrollWindow
SetClipboardData
SetForegroundWindow
SetWindowLongA
TrackPopupMenu

kernel32

CreateEventA
CreateProcessA
ExitProcess
FindClose
FreeEnvironmentStringsW
GetCommandLineA
GetCurrentProcess
GetEnvironmentVariableA
GetFileSize
GetShortPathNameA
GetTickCount
GetTimeZoneInformation
GlobalLock
InterlockedCompareExchange
IsBadWritePtr
LeaveCriticalSection
LoadLibraryExW
LocalAlloc
LockResource
ResetEvent
SystemTimeToFileTime
TlsFree
TlsSetValue
lstrcmpiW
lstrlenW

shell32

DragQueryFile
DragQueryFileA
ExtractIconW
SHAppBarMessage
SHBrowseForFolder
SHBrowseForFolderA
SHChangeNotify
SHCreateDirectoryExA
SHGetDesktopFolder
SHGetFileInfo
SHGetFileInfoW
SHGetFolderLocation
SHGetFolderPathA
SHGetFolderPathW
SHGetMalloc
SHGetPathFromIDList
SHGetPathFromIDListA
SHGetSettings
SHGetSpecialFolderPathA
ShellExecuteEx
ShellExecuteW
Shell_NotifyIconA

gdi32

CreateDIBitmap
DPtoLP
EndPath
EnumFontFamiliesW
EnumFontsA
GetTextColor
GetViewportExtEx
IntersectClipRect
RemoveFontResourceA
SetTextAlign

Sections

.text
Size: 89KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 99KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 18KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

9aVFBNDn
Size: 2KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

23216f681254e77f8c2f14dcdcb184db

Headers

File Characteristics

Imports

comctl32

user32

kernel32

shell32

gdi32

Sections

.text Size: 89KB - Virtual size: 88KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 99KB - Virtual size: 99KB

.rsrc Size: 18KB - Virtual size: 17KB

9aVFBNDn Size: 2KB - Virtual size: 120KB

.text
Size: 89KB - Virtual size: 88KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 99KB - Virtual size: 99KB

.rsrc
Size: 18KB - Virtual size: 17KB

9aVFBNDn
Size: 2KB - Virtual size: 120KB