2fa6c8eb1a0a7319e7c99af7c1afcb0c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fa6c8eb1a0a7319e7c99af7c1afcb0c_JaffaCakes118
Size

132KB
MD5

2fa6c8eb1a0a7319e7c99af7c1afcb0c
SHA1

ea35119f8c8c364d1920271c85859db4068ff2ca
SHA256

70cb6151f564b2c4e9553aab208f95769497ff6a657abcaef4fc003cea59067e
SHA512

f2a33b242c68ce3f0880ff9a1568a285532c4a95476a96ba6265414c84b7f9d70d8c33a11393af876a8ed390828df418aa411a3f5b6512663059814e83517d83
SSDEEP

3072:fsFwKVfpHUKMvQ788V6ET+iQ8ihiPStCvawxrtvonY:EFRp8cT8APStCvXeY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fa6c8eb1a0a7319e7c99af7c1afcb0c_JaffaCakes118

Files

2fa6c8eb1a0a7319e7c99af7c1afcb0c_JaffaCakes118
.exe windows:4 windows x86 arch:x86

dca1d9dce0d705356a2edc539f0208fa

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCommandLineW
GetProcessHeap
GetStdHandle
GetModuleHandleA
VirtualAlloc
ExitProcess

user32

SendMessageA
SetCapture
SetWindowPlacement
DrawMenuBar
DeleteMenu
GetWindowTextLengthA
DrawAnimatedRects
EnableMenuItem
UpdateWindow
EnableScrollBar
GetKeyboardType
DefWindowProcA
SetCursor
GetActiveWindow
SystemParametersInfoA
SetScrollInfo
IntersectRect
GetSysColorBrush
SetWindowsHookExA
GetMenuState
ActivateKeyboardLayout
GetCursorPos
SetPropA
SetActiveWindow
CharUpperBuffA
PtInRect
SetParent
WindowFromPoint
DispatchMessageA
IsWindowUnicode
IsMenu
DestroyCursor
ShowScrollBar
SetForegroundWindow
EndPaint
RegisterClipboardFormatA
TrackPopupMenu
CharNextW
GetForegroundWindow
CallNextHookEx
ReleaseCapture
GetDlgItem
DrawIconEx
DrawEdge
DestroyWindow
IsWindow
IsDialogMessageW
LoadBitmapA
EmptyClipboard
PostQuitMessage
EndDialog
GetScrollPos
IsZoomed
EqualRect
DestroyIcon
SetClipboardData
GetWindowThreadProcessId
OpenIcon
FrameRect
DrawIcon
GetTopWindow
SetScrollPos
GetKeyState
GetClassInfoA
CharToOemA
MessageBoxA
IsRectEmpty
GetDC
CharLowerBuffA
GetSystemMenu
SetScrollRange
TranslateMessage
GetDCEx
ChildWindowFromPoint
KillTimer
GetSystemMetrics
EnumChildWindows
UnhookWindowsHookEx
BeginPaint
GetCapture
GetClassNameA
EnumThreadWindows
GetScrollInfo
OffsetRect
IsCharUpperA
DefMDIChildProcA
CreateMenu
GetKeyboardState
FindWindowA
MoveWindow
EnableWindow
OemToCharA
RegisterClassA
CharLowerA

oleaut32

GetErrorInfo
OleLoadPicture
SysReAllocStringLen
RegisterTypeLib
SafeArrayUnaccessData
VariantChangeType
SysAllocStringLen
SafeArrayPtrOfIndex
SysFreeString
SysStringLen

msvcrt

swprintf
tolower
memmove
wcstol
srand
memset
sprintf
memcpy
_acmdln
mbstowcs

gdi32

SelectPalette
GetTextAlign
GetBkColor

comdlg32

ChooseColorA

version

VerFindFileA
GetFileVersionInfoSizeA

shell32

SHGetFileInfoA
SHGetDiskFreeSpaceA
Shell_NotifyIconW
SHGetDesktopFolder

shlwapi

SHEnumValueA
PathIsContentTypeA
SHQueryValueExA
SHQueryInfoKeyA
SHStrDupA

advapi32

RegQueryValueA
RegCreateKeyExA

Exports

Exports

_ljFpl@12
jA2VRvjIV@4
_66xWmSGVx
_WaHCt
tsyRnfDxUkG
pLRtdP@4
xRnx51
_CnwXCj_guTE
B2Z8LzDrl
_UsZGQqgA
_3QmVAqmNxw1
_ldcuyMkmvsGQ
dVEfjSIygBuQ@12
_QI5hnPQuApGzz@4
LSQfc@12
UPaVOcJ5P
_ZTN8tw7SMD@4
_TKVdgqQ5@8
_m5nA_JLzYLe
_OJvbaR2@12
_ZiSQgHzuh
_pH4DvBntHcbm
_rjotEV_NT8cQg@12
7xQFGyuH_nlF@8
bGx0GJXtVkl2eW
xsxl9@16
_1wfr8
NcTWRZAwHh@16
KrE2ig@20
_BIJbwp92J
QZDzsNGkC5yI
JXozPhh
mC31JGCd5RBwb@4

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 235KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data
.rdata
.rsrc/0/DIALOG/TEXTFILEDLG
.rsrc/0/MANIFEST/1
.xml
.rsrc/0/RCDATA/DVCLAL
.rsrc/0/STRING/4094
.rsrc/0/STRING/4095
.rsrc/1033/BITMAP/BBABORT.bmp
.rsrc/1033/version.txt
.text

Sharing

General

Malware Config

Signatures

Files

dca1d9dce0d705356a2edc539f0208fa

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

msvcrt

gdi32

comdlg32

version

shell32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 107KB - Virtual size: 235KB

.rsrc Size: 5KB - Virtual size: 4KB

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 107KB - Virtual size: 235KB

.rsrc
Size: 5KB - Virtual size: 4KB