2fb146d10cffdce54e9b6a9218f0e30d_JaffaCakes118

General

Target

2fb146d10cffdce54e9b6a9218f0e30d_JaffaCakes118
Size

193KB
MD5

2fb146d10cffdce54e9b6a9218f0e30d
SHA1

b92a232380c80b271e3a839d02fc0e8221b914fd
SHA256

d7046cbc176401d3293f8f17734f9dd5b17393b85282b29c5f33d544cafb0066
SHA512

68e5ebc0693995e9063d6616ef791f1010d7274e1028e73b71b9ffe56a0f767a7c8a80cd43197b0fd7aed7767af0cfb7e2de6959d404bb00ced8f526857fc9da
SSDEEP

6144:rURwJgRENi4FymAZZ7kxL4C/mWoz9H+HC04wSO:gqkEF0ZkL4C/mTz9eHYA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fb146d10cffdce54e9b6a9218f0e30d_JaffaCakes118

Files

2fb146d10cffdce54e9b6a9218f0e30d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

ffd2dc9a9946b173f8e58e79c3df6c9f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CompareStringW
GetProcAddress
LoadLibraryA
WaitForMultipleObjectsEx
GetLocaleInfoA
GetModuleHandleA
CompareStringA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapAlloc
RaiseException
SetHandleCount
GetStdHandle
GetFileType
WideCharToMultiByte
GetTimeZoneInformation
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
HeapFree
RtlUnwind
WriteFile
VirtualAlloc
HeapReAlloc
GetLastError
FlushFileBuffers
ReadFile
MultiByteToWideChar
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetCPInfo
GetACP
GetOEMCP
SetStdHandle
SetFilePointer
CloseHandle
SetEnvironmentVariableA

user32

MapVirtualKeyA

gdi32

GetWindowOrgEx
CreateMetaFileW
TextOutA
Arc
StrokePath
MaskBlt
SetColorSpace
ExcludeClipRect
GdiGetDC
SetICMProfileA
PolyDraw
GetCharWidthA
GetLogColorSpaceA
SetDIBitsToDevice
MoveToEx
GetStockObject
PolyTextOutA
CreatePen
ColorCorrectPalette
GetClipRgn
EnumFontFamiliesA
Chord
GetCharWidthI
GetGlyphOutlineW
GdiGetSpoolFileHandle
AbortDoc
ChoosePixelFormat
SetMapMode
ExtEscape
CreateRoundRectRgn
EndDoc
GetBkMode
BeginPath
PolyPolyline
RemoveFontResourceExW
AddFontResourceExW
SetBkColor
GetROP2
PolyTextOutW
GetTextExtentPointW
GetCharABCWidthsFloatW
GetTextCharacterExtra
ScaleWindowExtEx

Sections

.text
Size: 183KB - Virtual size: 182KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 245KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ffd2dc9a9946b173f8e58e79c3df6c9f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

Sections

.text Size: 183KB - Virtual size: 182KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 245KB

.text
Size: 183KB - Virtual size: 182KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 245KB