2fdb44ee1e550ce5f9d2f0f4dc99a1c1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2fdb44ee1e550ce5f9d2f0f4dc99a1c1_JaffaCakes118
Size

740KB
MD5

2fdb44ee1e550ce5f9d2f0f4dc99a1c1
SHA1

c4cfae0393995b4dfc1695487651a99ffc7a97fb
SHA256

614fb3ad38358035780b00bb72972941367644e786ff2af1d9e9688414628c20
SHA512

1f60b289d66c5a85f0266adc515cceafda44894877413dc4ef98823b02981b9b167c6278afec989960be1a2a2853e3c6c28cb96141803acd7c4a23dcf2c2c866
SSDEEP

12288:qgyCnquxmzr605vI7OIXMcIRbbylLfH8mmpG7lEmg8R:qgbnqNz217OIXM9yhkmcL8R

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fdb44ee1e550ce5f9d2f0f4dc99a1c1_JaffaCakes118

Files

2fdb44ee1e550ce5f9d2f0f4dc99a1c1_JaffaCakes118
.exe windows:4 windows x86 arch:x86

57a3ac69b61615baf091402be57e4923

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\lcema.pdb

Imports

ole32

CoTaskMemFree
GetHGlobalFromILockBytes
CoTreatAsClass
WriteFmtUserTypeStg
ReadFmtUserTypeStg
OleIsRunning
CoTaskMemAlloc
SetConvertStg
ReadClassStg

user32

IsDialogMessageA
TranslateAcceleratorA
LoadStringA
SetWindowsHookExA
DeleteMenu
RegisterClassExA
InvalidateRect
GetDlgItem
RegisterClassA
GetDC
IsWindow
PostThreadMessageA
WindowFromPoint
GetWindowTextA
GetScrollInfo
GetForegroundWindow
OpenClipboard
EmptyClipboard
SetMenuDefaultItem
CreateWindowExA
SetParent
LoadCursorA
IsWindowEnabled
GetDlgCtrlID
DefWindowProcA
IsRectEmpty
ReleaseDC
GetNextDlgGroupItem
WindowFromDC
GetPropA
IsDlgButtonChecked
ShowWindow
LoadAcceleratorsA
CreateDialogIndirectParamA
SendDlgItemMessageA
SetScrollRange
GetSysColorBrush
SetWindowPos
CreateCaret
DestroyWindow
GetParent
LoadBitmapA
SetPropA
GetNextDlgTabItem
MapWindowPoints
GetClientRect
TrackPopupMenuEx
SetScrollPos
OffsetRect
GetCursorPos
SetCapture
MessageBoxA

version

VerLanguageNameA
GetFileVersionInfoA
VerQueryValueA
GetFileVersionInfoSizeA

kernel32

IsDebuggerPresent
InterlockedExchange
GetTimeFormatA
GetSystemTimeAsFileTime
GetDateFormatA
GetCPInfo
GetConsoleMode
GetACP
Sleep
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
CompareStringA
HeapSize
SetFilePointer
LCMapStringW
GetModuleHandleW
VirtualFree
GetModuleFileNameA
FlushFileBuffers
HeapCreate
GetProcAddress
VirtualQuery
GetLastError
LCMapStringA
InitializeCriticalSectionAndSpinCount
QueryPerformanceCounter
GetLocaleInfoA
EnterCriticalSection
GetEnvironmentStringsW
RaiseException
TlsFree
GetEnvironmentStrings
GetCommandLineA
GetStartupInfoA
ExitProcess
LeaveCriticalSection
CompareStringW
IsValidCodePage
CreateMutexA
CloseHandle
UnhandledExceptionFilter
TlsAlloc
GetStdHandle
GetCurrentThreadId
TlsGetValue
SetStdHandle
GetConsoleOutputCP
SetHandleCount
GetStringTypeA
FreeEnvironmentStringsA
LoadLibraryA
ReadFile
GetTickCount
WideCharToMultiByte
GetModuleHandleA
GetConsoleCP
SetEnvironmentVariableA
HeapFree
MultiByteToWideChar
WriteConsoleA
GetCurrentProcess
CreateFileA
FreeEnvironmentStringsW
GetCurrentProcessId
GetTimeZoneInformation
WriteConsoleW
GetOEMCP
InterlockedIncrement
HeapReAlloc
GetFileType
WriteFile
RtlUnwind
DeleteCriticalSection
HeapAlloc
TlsSetValue
InterlockedDecrement
VirtualAlloc
GetStringTypeW

gdi32

Ellipse
SetTextColor
SetPaletteEntries
GetObjectA
SetBkColor
RealizePalette
FillRgn
GetClipRgn
SetPixelV
AbortDoc
ExtFloodFill
StretchDIBits
GetTextAlign
GetTextMetricsA
SetTextAlign
GetTextFaceA
SetROP2
PatBlt
CreateRectRgnIndirect
GetPaletteEntries
GetDeviceCaps
ScaleWindowExtEx
CreateDCA
GetStockObject
SetBrushOrgEx
CreatePen
GetDIBits
ExcludeClipRect
DeleteObject
FrameRgn
SetMapMode
RectVisible
GetDCOrgEx
Polygon
SetBkMode
StretchBlt
SelectObject
GetPixel
DeleteDC
MoveToEx
CreateCompatibleBitmap
PtVisible
BitBlt
GetSystemPaletteEntries
GetCharWidthA
ExtSelectClipRgn
CopyMetaFileA
CreateSolidBrush
CreatePatternBrush
CreateFontIndirectA
ScaleViewportExtEx
SetViewportOrgEx
GetTextExtentPoint32A

comctl32

InitCommonControlsEx
ImageList_GetImageCount
ImageList_Draw

advapi32

CloseServiceHandle
OpenProcessToken
RegOpenKeyExA
RegCloseKey
InitializeSecurityDescriptor
RegDeleteValueA
GetSidIdentifierAuthority
AllocateAndInitializeSid
RegCreateKeyExA

Sections

.text
Size: 112KB - Virtual size: 109KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 472KB - Virtual size: 471KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

57a3ac69b61615baf091402be57e4923

Headers

File Characteristics

PDB Paths

Imports

ole32

user32

version

kernel32

gdi32

comctl32

advapi32

Sections

.text Size: 112KB - Virtual size: 109KB

.rdata Size: 472KB - Virtual size: 471KB

.data Size: 116KB - Virtual size: 113KB

.rsrc Size: 36KB - Virtual size: 32KB

.text
Size: 112KB - Virtual size: 109KB

.rdata
Size: 472KB - Virtual size: 471KB

.data
Size: 116KB - Virtual size: 113KB

.rsrc
Size: 36KB - Virtual size: 32KB