2ff3c101998dc76f92f3dd57f677d0d8_JaffaCakes118

General

Target

2ff3c101998dc76f92f3dd57f677d0d8_JaffaCakes118
Size

28KB
MD5

2ff3c101998dc76f92f3dd57f677d0d8
SHA1

b4153334a8aa26fb10c718845e5cddd41249edac
SHA256

74bc4b2b61a2b10d5846754e06e0634513da60095754700daae772c15f223829
SHA512

c37e5a90df29689df40102d3e68ce9a9ccb27127702e14317b2c92dd1fade3e5f9b336022ea84870f56e5916752fa9339b3881afb0b4fb478a203ef2cf04e12b
SSDEEP

384:8ryFKMiaF0amlTdGvZV+H9yyiojwPonYWSHcbX/LjKcwHA:UmKE0OGdyKEgYW2OzjK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ff3c101998dc76f92f3dd57f677d0d8_JaffaCakes118

Files

2ff3c101998dc76f92f3dd57f677d0d8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

b5e00298ab7c93b7ab4177538f1a43a4

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetModuleFileNameA
CreateMutexA
GetCurrentProcess
lstrlenA
lstrcmpiA
GetLastError
CloseHandle
LoadLibraryA
GetProcAddress
GetCurrentProcessId
GetVersionExA
lstrcpyA
TerminateProcess
UnhandledExceptionFilter
GetStringTypeA
LCMapStringW
GetStringTypeW
MultiByteToWideChar
LCMapStringA
VirtualAlloc
HeapAlloc
HeapReAlloc
GetACP
GetCPInfo
GetOEMCP
RtlUnwind
FreeLibrary
ReleaseMutex
WriteFile
FreeEnvironmentStringsA
HeapCreate
HeapDestroy
VirtualFree
GetModuleHandleA
GetStartupInfoA
GetCommandLineA
GetVersion
ExitProcess
HeapFree
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetStdHandle
GetEnvironmentStringsW
SetHandleCount
GetFileType

user32

DispatchMessageA
ExitWindowsEx
DestroyIcon
UpdateWindow
TranslateMessage
GetMessageA
LoadImageA
ShowWindow
RegisterWindowMessageA
GetAsyncKeyState
PostQuitMessage
LoadIconA
DefWindowProcA
LoadCursorA
CreateWindowExA
RegisterClassA
MessageBoxA

gdi32

GetStockObject

advapi32

RegDeleteValueA
AdjustTokenPrivileges
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
LookupPrivilegeValueA
OpenProcessToken

shell32

Shell_NotifyIconA

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b5e00298ab7c93b7ab4177538f1a43a4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 512B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 512B