2fe27a7228cd9916c54f74466d45a84a_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2fe27a7228cd9916c54f74466d45a84a_JaffaCakes118
Size

216KB
MD5

2fe27a7228cd9916c54f74466d45a84a
SHA1

262b9b1e6aefe9184f1dc3ede0d9f3fce343c4ea
SHA256

c3ce83b231862167451915781f1c9c3e5f776ce6d0bf833d5222a11c68b89a3a
SHA512

08a1c9ce7d81a25e737c681485d84d64bf3402be9092716d956d21ceb02d335b1df3b1311e3250faa3ebdd0c8380e6f28d0b6a261dd004c411a9370bf9de7257
SSDEEP

3072:0kqxP0eH76qHjnak+YYEIZH2ZUJ5s900IhR3cTV5E:0kqJQqHjavYRIBLsa0CRsZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fe27a7228cd9916c54f74466d45a84a_JaffaCakes118

Files

2fe27a7228cd9916c54f74466d45a84a_JaffaCakes118
.exe windows:4 windows x86 arch:x86

833dc4a2a4e06e3d8c8c4c6b52cc656f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetEndOfFile
WaitForSingleObjectEx
FindNextChangeNotification
GetModuleFileNameA
ReadConsoleInputA
GetThreadContext
WriteConsoleOutputA
FindFirstVolumeMountPointA
VirtualAlloc
GetSystemWindowsDirectoryA
IsDebuggerPresent
WriteConsoleOutputAttribute
SetFirmwareEnvironmentVariableA
GetCommandLineW
GetCommandLineA
OpenEventA
GetConsoleAliasExesA
ExitProcess
SetConsoleNumberOfCommandsA
SetSystemTimeAdjustment
GetPrivateProfileSectionA
GetNumberOfConsoleMouseButtons
SetHandleInformation
GetCurrentProcessId
GetConsoleInputExeNameA
GetProcessShutdownParameters
IsValidLanguageGroup
RequestDeviceWakeup
GlobalAlloc
ResetEvent
GlobalSize

wininet

HttpQueryInfoA
HttpOpenRequestA
InternetOpenW
InternetConnectA
InternetReadFile
HttpSendRequestA
HttpAddRequestHeadersA

user32

CreateIconIndirect
LoadKeyboardLayoutEx
GetMenuCheckMarkDimensions
DlgDirListComboBoxA
GetUpdateRect
CreateDialogIndirectParamA
UpdatePerUserSystemParameters
ChangeDisplaySettingsExA
SendMessageTimeoutW
PrivateExtractIconExA
GetCursor
GetWindowTextA
DialogBoxIndirectParamA
SendMessageCallbackA
GetTopWindow
CreateAcceleratorTableA
ToAscii
UnlockWindowStation
RegisterMessagePumpHook
UnregisterUserApiHook
RegisterWindowMessageA
GetThreadDesktop
SetWinEventHook
LoadStringA
GetWindowDC
BroadcastSystemMessageExW
ModifyMenuA
DialogBoxIndirectParamA
OpenIcon
SetWindowsHookA

Exports

Exports

Efcckvywr
OpenVtrldcqpjrl

Sections

.itext
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 204KB - Virtual size: 482KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

833dc4a2a4e06e3d8c8c4c6b52cc656f

Headers

File Characteristics

Imports

kernel32

wininet

user32

Exports

Exports

Sections

.itext Size: - Virtual size: 3KB

.text Size: 204KB - Virtual size: 482KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.itext
Size: - Virtual size: 3KB

.text
Size: 204KB - Virtual size: 482KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB