f2cfe890aefce18d45bdc65687bc6dab_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f2cfe890aefce18d45bdc65687bc6dab_JaffaCakes118
Size

5.8MB
MD5

f2cfe890aefce18d45bdc65687bc6dab
SHA1

c7b8eb014405770c156d39c6c7adfb09194bad78
SHA256

ec124a69d84320f700bc5b1f99ccaac586676e32337d37a299bbf2abb92f56c4
SHA512

9eb112356cc222ee168f98904a98b359fd4c099b6579df327bbfcd560d3f10fbacffaaa02b245c237b6d7ba1288f895834ec732e087ceccb7da41d03238eb990
SSDEEP

98304:UWDEhGabl/RiV9I0UY4M/kOOfnajJ0txZ3qypaOI8fITZAFVyhs7G8miVMGYbCXe:UekhbliImdJ0HZ6ypTfI6tyzGS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f2cfe890aefce18d45bdc65687bc6dab_JaffaCakes118

Files

f2cfe890aefce18d45bdc65687bc6dab_JaffaCakes118
.dll windows:5 windows x86 arch:x86

eac588c68a744e9c0dc4b7b2ea66ac5a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

winmm

PlaySoundW

wininet

FindFirstUrlCacheEntryW

winspool.drv

DocumentPropertiesW

comctl32

ImageList_GetImageInfo

shell32

SHGetSpecialFolderLocation

user32

DdeSetUserHandle
GetUserObjectInformationW
GetProcessWindowStation
GetUserObjectInformationW

version

GetFileVersionInfoSizeW

oleaut32

GetErrorInfo

advapi32

RegSetValueExW

netapi32

NetWkstaGetInfo

msvcrt

memcpy

winhttp

WinHttpGetIEProxyConfigForCurrentUser

kernel32

GetVersion
GetVersionExW
VirtualQuery
LocalAlloc
LocalFree
GetModuleFileNameW
GetProcessAffinityMask
SetProcessAffinityMask
SetThreadAffinityMask
Sleep
ExitProcess
FreeLibrary
LoadLibraryA
GetModuleHandleA
GetProcAddress

shfolder

SHGetFolderPathW

wsock32

gethostbyaddr

ole32

OleRegEnumVerbs

gdi32

Pie

ntdll

RtlCompressBuffer

wtsapi32

WTSSendMessageW

Exports

Exports

TMethodImplementationIntercept
__dbk_fcall_wrapper
dbkFCallWrapperAddr
yvdzVvgJBq21Q4Vj08nD40

Sections

niJf*H@H
Size: - Virtual size: 4.5MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

OP?1f4*^
Size: - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

eSBGFc)
Size: - Virtual size: 78KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

fV)R2mw
Size: - Virtual size: 36KB

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

'_$]l6
Size: - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

(sHV;tOw
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

=d6aph:2
Size: - Virtual size: 192B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

:PDwLi15
Size: - Virtual size: 69B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

?Mc4k4eF
Size: - Virtual size: 2.6MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

UuS^^.1@
Size: 5.8MB - Virtual size: 5.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

%1GpCvVB
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

]BFnu[
Size: 1024B - Virtual size: 624B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

eac588c68a744e9c0dc4b7b2ea66ac5a

Headers

File Characteristics

Imports

winmm

wininet

winspool.drv

comctl32

shell32

user32

version

oleaut32

advapi32

netapi32

msvcrt

winhttp

kernel32

shfolder

wsock32

ole32

gdi32

ntdll

wtsapi32

Exports

Exports

Sections

niJf*H@H Size: - Virtual size: 4.5MB

OP?1f4*^ Size: - Virtual size: 10KB

eSBGFc) Size: - Virtual size: 78KB

fV)R2mw Size: - Virtual size: 36KB

'_$]l6 Size: - Virtual size: 17KB

(sHV;tOw Size: - Virtual size: 3KB

=d6aph:2 Size: - Virtual size: 192B

:PDwLi15 Size: - Virtual size: 69B

?Mc4k4eF Size: - Virtual size: 2.6MB

UuS^^.1@ Size: 5.8MB - Virtual size: 5.8MB

%1GpCvVB Size: 1KB - Virtual size: 1KB

]BFnu[ Size: 1024B - Virtual size: 624B

niJf*H@H
Size: - Virtual size: 4.5MB

OP?1f4*^
Size: - Virtual size: 10KB

eSBGFc)
Size: - Virtual size: 78KB

fV)R2mw
Size: - Virtual size: 36KB

'_$]l6
Size: - Virtual size: 17KB

(sHV;tOw
Size: - Virtual size: 3KB

=d6aph:2
Size: - Virtual size: 192B

:PDwLi15
Size: - Virtual size: 69B

?Mc4k4eF
Size: - Virtual size: 2.6MB

UuS^^.1@
Size: 5.8MB - Virtual size: 5.8MB

%1GpCvVB
Size: 1KB - Virtual size: 1KB

]BFnu[
Size: 1024B - Virtual size: 624B