Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_2cbc700e075b00d29d09b22bae8d42ce.exe
Resource: win7-20240903-en
Behavioral task: behavioral2
Sample: JaffaCakes118_2cbc700e075b00d29d09b22bae8d42ce.exe
Resource: win10v2004-20241007-en
General
Target: JaffaCakes118_2cbc700e075b00d29d09b22bae8d42ce
Size: 257KB
MD5: 2cbc700e075b00d29d09b22bae8d42ce
SHA1: 1ba2c5f92af066e44bbf5ad75bc3672e3ed976df
SHA256: 5636804440513c044a235e17b481ee8c311f6f94a77762ecbad1944756937fb6
SHA512: d13ef861f4706953149d315a7b5feeb829a3ff43f65926a565a45adc93e3f625405eabf191d9b8a3a4ee3648a89406c68ecbb7bfb3e6d043f02a157962ce2e41
SSDEEP: 6144:TtIGO635Nht1MEUKy0ZrGSosRoOMp0ZdEQ6b1u33UaS5:uGl3dYu1XlR/61uHUt5
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_2cbc700e075b00d29d09b22bae8d42ce
Files
JaffaCakes118_2cbc700e075b00d29d09b22bae8d42ce.exe windows:4 windows x86 arch:x86
d8ab85665373bd3ad3df0c3cf9ed53d6
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
Imports
kernel32
GetExitCodeThread
SetEvent
LoadLibraryA
OpenMutexA
GetCurrentProcessId
CompareFileTime
GetComputerNameA
FileTimeToSystemTime
WaitForMultipleObjects
GetModuleFileNameA
GetModuleHandleA
GetLocalTime
GetCurrentThreadId
GetCurrentDirectoryA
FreeLibrary
Sleep
GetLastError
CreateEventA
CreateMutexA
WaitForSingleObject
GetVersionExA
SystemTimeToFileTime
ExitProcess
GetFileAttributesA
RaiseException
GetCurrentProcess
QueryPerformanceCounter
GetTickCount
HeapCreate
IsBadWritePtr
GetACP
GetOEMCP
GetCPInfo
TlsAlloc
MultiByteToWideChar
SetUnhandledExceptionFilter
GetStartupInfoA
GetEnvironmentStringsW
InitializeCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetSystemInfo
IsBadReadPtr
IsBadCodePtr
GetVersion
GetProcAddress
user32
wsprintfA
GetKeyboardLayout
PostMessageW
SetWindowPos
GetSystemMetrics
LoadCursorA
CheckMenuItem
GetCapture
RegisterClassExA
ShowCaret
InsertMenuItemW
EnableMenuItem
AppendMenuW
UnregisterClassA
GetMenuInfo
LoadImageA
CharLowerA
SetWindowTextW
LoadMenuA
SetDlgItemInt
InsertMenuA
advapi32
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA
InitializeSecurityDescriptor
GetSidLengthRequired
InitializeAcl
InitializeSid
GetSidSubAuthority
AddAccessAllowedAce
SetSecurityDescriptorDacl
IsValidSecurityDescriptor
ole32
CoInitializeEx
CoUninitialize
CoCreateInstance
oleaut32
SysFreeString
SysAllocStringByteLen
cfgmgr32
CM_Free_Log_Conf
CM_Next_Range
gdi32
CreateEllipticRgn
SelectBrushLocal
CreateFontIndirectA
RemoveFontResourceA
CreatePen
AddFontResourceW
CreateScalableFontResourceA
UpdateICMRegKeyA
CreateBitmap
CreateICW
Sections
CODE Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
CODE Size: 14KB - Virtual size: 16KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rWYfm Size: 104KB - Virtual size: 108KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 6KB - Virtual size: 282KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.ATgjp Size: 113KB - Virtual size: 129KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.rsrc Size: 9KB - Virtual size: 8KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ