2f960565443e86c9dc599b804be02ed0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f960565443e86c9dc599b804be02ed0_JaffaCakes118
Size

428KB
MD5

2f960565443e86c9dc599b804be02ed0
SHA1

20ac97cca0c594f8a0ade5cf8f059346fbd6a7c6
SHA256

1545c15d9985adfa23a777c9050297b9058663439e18c42489d9573106714b28
SHA512

b3c3f71fe92cbf4dd554830088d08f8dc718d3cde04d5df67e8de13ca31328b197370bdf4b1f4cb3648062f2f7091d55e7d69814a9c8183fab82d9da6ad02c77
SSDEEP

6144:4Z0NXhVIPrh0TcwzXF66RSuP/b+mlm+1djTjH8qgahnM+QVVyKANETnJVWY1ST6E:9N7IP+Lmub+mlhdjTjHQpPHbdW+Hu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f960565443e86c9dc599b804be02ed0_JaffaCakes118

Files

2f960565443e86c9dc599b804be02ed0_JaffaCakes118
.exe windows:4 windows x86 arch:x86

e7ef982f108db1717b7611dfc75fc7fb

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

DestroyMenu
PostQuitMessage
SetWindowPos
EndPaint
GetDC
ReleaseDC
EnableWindow
TranslateMessage
EnableMenuItem
GetSubMenu
SetTimer
BeginPaint
GetSystemMetrics
GetWindowRect
CheckMenuItem
GetWindowLongA
TrackPopupMenu
SetForegroundWindow
EndDialog
SetWindowLongA

kernel32

TerminateProcess
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetTimeZoneInformation
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidLocale
LCMapStringW
LCMapStringA
SetConsoleCtrlHandler
IsBadWritePtr
FatalAppExitA
InterlockedIncrement
RtlUnwind
HeapFree
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
TlsFree
VirtualAlloc
Sleep
VirtualFree
HeapCreate
IsValidCodePage
GetVersion
GetACP
CloseHandle
GetModuleHandleA
MapViewOfFile
RaiseException
GetCommandLineA
LockResource
CreateProcessW
GetThreadLocale
lstrlenA
SetStdHandle
GetLastError
LeaveCriticalSection
GetLocaleInfoW
CreateFileW
GlobalLock
GetProcessHeap
GetProcAddress
GetStartupInfoW
GetStartupInfoA
lstrcmpiW
FlushFileBuffers
VirtualProtect
GetTickCount
QueryPerformanceCounter
GetOEMCP
SetHandleCount
EnterCriticalSection
WriteConsoleW
GetCurrentThreadId
SetEndOfFile
GlobalAlloc
SetUnhandledExceptionFilter
MultiByteToWideChar
LoadLibraryExW
UnhandledExceptionFilter
LoadLibraryA
GetModuleFileNameA
HeapAlloc
TlsGetValue
SetLastError
InterlockedDecrement
FindClose
LoadResource
InitializeCriticalSection
SetEvent
GetStringTypeW
HeapReAlloc
WriteFile
InterlockedExchange
GetStringTypeA
GetCPInfo
HeapSize
FreeEnvironmentStringsW
GetCurrentProcess
DeleteCriticalSection
FreeEnvironmentStringsA
GetFileAttributesW
WaitForSingleObject
ReleaseMutex
GetStdHandle
GetCurrentThread
GetCurrentProcessId
ExitProcess
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
GetFileType
TlsSetValue
TlsAlloc

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

egqeaek
Size: 344KB - Virtual size: 343KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

qseca
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

smwais
Size: 4KB - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e7ef982f108db1717b7611dfc75fc7fb

Headers

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 52KB - Virtual size: 49KB

egqeaek Size: 344KB - Virtual size: 343KB

qseca Size: 24KB - Virtual size: 22KB

smwais Size: 4KB - Virtual size: 588B

.text
Size: 52KB - Virtual size: 49KB

egqeaek
Size: 344KB - Virtual size: 343KB

qseca
Size: 24KB - Virtual size: 22KB

smwais
Size: 4KB - Virtual size: 588B