2dfe2482ca41ced304ade3772709727c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2dfe2482ca41ced304ade3772709727c_JaffaCakes118
Size

218KB
MD5

2dfe2482ca41ced304ade3772709727c
SHA1

d0fbcb14dac18e8f01ad770b2fa22466adfb1499
SHA256

f3e928ac70ae99f1a796134b7aa6bf9c47a846a26f5a0c009781d28dc5601258
SHA512

3ed9e14668cfd4c0a05d0805daa88a8c5d453232d6bbb6817075f89afc8a06d93c5f210baa4e0d7fac04627fceb8c596265835544fffbe8256fa66898c217517
SSDEEP

3072:JQx0fsIgpjDlUp8c755aRoM8em/c0cq7X6nGI/8Nvg:O2svpjZzc950oM8xl6Gh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
2dfe2482ca41ced304ade3772709727c_JaffaCakes118

Files

2dfe2482ca41ced304ade3772709727c_JaffaCakes118
.exe windows:5 windows x86 arch:x86

5e28222ad5eadae7f3e0d253a5830ac3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

EndPaint
IsWindow
DrawIconEx
CallWindowProcW
SetWindowLongW
GetWindowLongW
GetDlgItem
GetParent
SetCapture
GetCapture
ReleaseCapture
PostMessageW
UpdateWindow
InvalidateRect
OffsetRect
PtInRect
ScreenToClient
GetCursorPos
BeginPaint
SendMessageW
DefWindowProcW
GetWindowRect
PostQuitMessage
GetDC
ReleaseDC
IsDialogMessageW
GetClientRect
MoveWindow
CopyRect
DestroyWindow
LoadImageW
DestroyIcon
LoadBitmapW
GetSystemMetrics
TrackPopupMenu
DestroyMenu
DrawStateW
SetMenuItemInfoW
CheckMenuItem
AppendMenuW
CreatePopupMenu
IsWindowVisible
ExitWindowsEx
wsprintfW
RegisterWindowMessageW
GetWindowTextLengthW
GetWindowTextW
SetWindowTextW
GetWindowDC
CreateAcceleratorTableW
GetFocus
DestroyAcceleratorTable
GetClassNameW
IsChild
InvalidateRgn
ClientToScreen
GetSysColor
RegisterClassExW
CharNextW
PeekMessageW
GetMessageW
TranslateMessage
GetActiveWindow
SetWindowRgn
SetWindowPos
FindWindowW
GetKeyboardState
keybd_event
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
SetActiveWindow
SetFocus
MonitorFromPoint
GetMonitorInfoW
MessageBoxW
GetClassLongW
FillRect
SetTimer

kernel32

FindFirstFileW
RtlUnwind
GetTickCount
GetEnvironmentStrings
FreeEnvironmentStringsA
GetTimeZoneInformation
WideCharToMultiByte
IsDebuggerPresent
GetVersionExA
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
WritePrivateProfileStringW
MoveFileW
GetEnvironmentVariableW
lstrlenA
CreateFileA
SetFilePointer
SetFileAttributesW
RemoveDirectoryW
SetFileTime
SetEndOfFile
GetStdHandle
GetLogicalDriveStringsW
EnterCriticalSection
ResumeThread
OpenEventA
DuplicateHandle
CreateSemaphoreA
CancelIo
DisconnectNamedPipe
GetOverlappedResult
CreateNamedPipeW
ConnectNamedPipe
SetNamedPipeHandleState
PeekNamedPipe
LeaveCriticalSection
LoadResource
FindResourceW
SizeofResource
LockResource
FreeResource
MulDiv
GetLastError
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GetCurrentThreadId
CloseHandle
WaitForSingleObject
CreateEventW
OpenProcess
lstrcmpiA
lstrcmpA
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetStdHandle
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
ExpandEnvironmentStringsW
EnumSystemLocalesA
GetUserDefaultLCID
GetLocaleInfoA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetStringTypeA
QueryPerformanceCounter
GetStartupInfoA
GetFileType
SetHandleCount
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcAddress
GetSystemDirectoryW
ExitThread
FlushInstructionCache
DeleteFileW
GlobalReAlloc
lstrlenW
LoadLibraryA
QueryDosDeviceW
RaiseException
ReleaseMutex
GetExitCodeProcess
GetModuleHandleW
GetVersionExW
FindResourceExW
MultiByteToWideChar
GetVersion
GetCurrentProcess
LocalFree
GetModuleFileNameW
GetCommandLineW
FreeConsole
GetCurrentProcessId
CreateRemoteThread
CreateMutexW
Sleep
GetModuleHandleA
LoadLibraryW
ReadFile
CreateFileW
LocalAlloc
InitializeCriticalSection
FreeLibrary
DeleteCriticalSection
GetDriveTypeW
CreateDirectoryW
CreateProcessW
SetLastError
GetDiskFreeSpaceExW
IsValidLocale
GetFileSize
GetUserDefaultUILanguage
GetTempFileNameW
CopyFileW
WriteFile
ProcessIdToSessionId
lstrcpyW
GetFileAttributesW
MoveFileExW
DeviceIoControl
FindNextFileW
FindClose
lstrcmpiW
GetLocaleInfoW
GetFullPathNameW
lstrcmpW
LoadLibraryExW
GetACP
SetEvent
ExitProcess
CreateThread
GetModuleFileNameA
TerminateThread
GlobalFindAtomW
TerminateProcess
OpenMutexW
GetSystemTime
SystemTimeToFileTime
WaitForMultipleObjects
ResetEvent
CreateEventA
GetSystemWindowsDirectoryW
GetVolumeInformationW
VirtualFree
VirtualAlloc
ReleaseSemaphore
HeapFree
GetProcessHeap
HeapAlloc
IsProcessorFeaturePresent
HeapDestroy
HeapReAlloc
HeapSize
LocalFileTimeToFileTime
SetFilePointerEx
GetFileSizeEx
OutputDebugStringW
FormatMessageW
TlsGetValue
TlsSetValue
GetAtomNameW
OpenThread
AddAtomW
TlsAlloc
FindAtomW
DeleteAtom
TlsFree
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GlobalMemoryStatusEx
GetCPInfo
LCMapStringA
LCMapStringW
GetStringTypeW
HeapCreate
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA

Sections

.text
Size: 111KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 47KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e28222ad5eadae7f3e0d253a5830ac3

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

Sections

.text Size: 111KB - Virtual size: 111KB

.rdata Size: 93KB - Virtual size: 92KB

.data Size: 5KB - Virtual size: 47KB

.rsrc Size: 7KB - Virtual size: 7KB

.text
Size: 111KB - Virtual size: 111KB

.rdata
Size: 93KB - Virtual size: 92KB

.data
Size: 5KB - Virtual size: 47KB

.rsrc
Size: 7KB - Virtual size: 7KB