2f5a52cbcf9ff4d0dd9b9afa0fab2fae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f5a52cbcf9ff4d0dd9b9afa0fab2fae_JaffaCakes118
Size

28KB
MD5

2f5a52cbcf9ff4d0dd9b9afa0fab2fae
SHA1

4ab7325ce24c37a5cf76757e982d3cf210c634b5
SHA256

3ee2d9247a1b6bb69e7b11c043de9bb28f674c1756f55508d7e808ac985c2473
SHA512

f6c3c1cdaa1962d6b6df26da12520bdf2d6d0d6cd506e7b29e8cce775428f855a9b44d683928e0987c195444da9d968e8c572412d24abcb6e05fb48cc12704dd
SSDEEP

768:d6eRCesLiZQqBSVhSovToKQz83xLH3/job2Xszt:k1Lo8VhNvTf7xbsb2u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f5a52cbcf9ff4d0dd9b9afa0fab2fae_JaffaCakes118

Files

2f5a52cbcf9ff4d0dd9b9afa0fab2fae_JaffaCakes118
.exe windows:4 windows x86 arch:x86

30c73fd959eb8748498034ccfb4123e0

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
CreateIoCompletionPort
CreateFileW
SetLastError
GetFileAttributesW
PostQueuedCompletionStatus
SetThreadPriority
GetThreadPriority
ReadDirectoryChangesW
GetQueuedCompletionStatus
GetCurrentThread
DeleteFileW
Sleep
GetCommandLineW
GetVersion
CreateThread
lstrcpyW
lstrcatW
GetLastError
lstrlenW
SetFileAttributesW
CreateDirectoryW
SetFileTime
GetFileTime
GetSystemDirectoryW
GetModuleFileNameW
ExitProcess
CreateProcessW
CopyFileW
lstrcmpW
GetWindowsDirectoryW
GetVolumeInformationW
GetDiskFreeSpaceExW
GetDriveTypeW
GetLogicalDrives
GetFileSize
RemoveDirectoryW
ResetEvent
FreeLibrary
GetModuleHandleW
CreateEventW
SetEvent
CloseHandle
WaitForSingleObject
InterlockedDecrement
InterlockedIncrement
GetEnvironmentVariableW

user32

PostThreadMessageW
PeekMessageW
wsprintfW
IsWindow
DestroyWindow
RegisterClassW
DefWindowProcW
CreateWindowExW
PostMessageW
TranslateMessage
GetMessageW
MsgWaitForMultipleObjects
DispatchMessageW
GetForegroundWindow
GetWindowTextW

gdi32

GetStockObject

advapi32

RegOpenKeyExW
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey
RegSetValueExW

ole32

CoInitialize
CoCreateInstance

mfc42u

ord668
ord5679
ord4197
ord2756
ord537
ord922
ord2606
ord2910
ord5568
ord356
ord2762
ord2773
ord4053
ord3173
ord3176
ord5706
ord1972
ord547
ord3806
ord825
ord823
ord800
ord538
ord540
ord940
ord942
ord535
ord3579
ord543
ord803
ord6303
ord521
ord858
ord3696
ord500
ord772
ord1105
ord6138
ord2385
ord5856
ord663
ord348
ord1184

msvcrt

wcsstr
_controlfp
__dllonexit
_onexit
??1type_info@@UAE@XZ
_exit
_XcptFilter
exit
__p___winitenv
__wgetmainargs
_initterm
__setusermatherr
_adjust_fdiv
__p__commode
__p__fmode
__set_app_type
_wcsicmp
free
_wcsdup
_except_handler3
_beginthreadex
__CxxFrameHandler
_purecall
malloc
wcstok
wcsrchr

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

30c73fd959eb8748498034ccfb4123e0

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

mfc42u

msvcrt

Sections

.text Size: 19KB - Virtual size: 19KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 2KB - Virtual size: 2KB

.rsrc Size: 512B - Virtual size: 16B

.text
Size: 19KB - Virtual size: 19KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 512B - Virtual size: 16B