221f269ee73765f4da008a5138576d3c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

221f269ee73765f4da008a5138576d3c_JaffaCakes118
Size

3.3MB
MD5

221f269ee73765f4da008a5138576d3c
SHA1

ed16eb183c7cd20850afb0a00f3b2a4ef7dc0da9
SHA256

d54592fe796ce740ab478679a3b3a969b2a794ec55382e6f9dbd9fd77567cd69
SHA512

dee2fef87efa5126c1a3583ece8ea4dae004017336cb4d8c3c3a7c6420a072a678707778f8673341331c112e6a302a6bc1d707ba1da5694e4ab05664359973f6
SSDEEP

49152:PDTq4ssOz/c2jjY/5YHny6JCc01gAJmtjgUkilL+82cc8LBfj3:PjfWc2Y/eHPhfkEjgFS5LBb3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
221f269ee73765f4da008a5138576d3c_JaffaCakes118

Files

221f269ee73765f4da008a5138576d3c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

37827d1288d560954ef3d49fe72628af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FormatMessageA
MulDiv
CompareStringA
HeapAlloc
HeapFree
SetFileTime
SetLastError
SetErrorMode
GetProcessHeap
GetModuleHandleA
GetSystemDirectoryA
GetLastError
GetVersionExA
Sleep
FindFirstFileA
GetTickCount
CreateFileA
SetFilePointer
GetThreadPriority
GetPriorityClass
SetPriorityClass
VirtualFree
VirtualAlloc
GetProcAddress
FindNextFileA
ReadFile
GetCurrentThread
FindClose
SetThreadPriority
FreeConsole
GetModuleFileNameA
GetFileSize
SetFileAttributesA
GetCurrentProcess
DeviceIoControl
GetWindowsDirectoryA
WriteFile
CreateDirectoryA
ExitProcess
CloseHandle

user32

CopyRect
CreateWindowExA
GetSystemMetrics
AdjustWindowRectEx
SetWindowLongA
GetWindowLongA
SetWindowRgn
ReleaseDC
GetDC
DestroyWindow
MessageBoxA
LoadCursorA
RegisterClassA
CallWindowProcA
ReleaseCapture
SetCapture
DrawFrameControl
BeginPaint
EndPaint
DefWindowProcA
GetDlgCtrlID
UnregisterClassA
IntersectRect
SetRect
DrawTextA
PtInRect
GetWindowRgn
SetWindowPos
IsWindowVisible
GetCapture
GetMessageA
ShowWindow
SetActiveWindow
TranslateMessage
DispatchMessageA
PostMessageA
InvalidateRect
UpdateWindow
GetSysColor
LoadStringA
GetKeyState
ExitWindowsEx
SetFocus
SendMessageA
OffsetRect
IsRectEmpty
FillRect

gdi32

DeleteObject
SetTextColor
SetBkMode
CreateRectRgnIndirect
BitBlt
SetBkColor
SelectObject
DeleteDC
CreateCompatibleBitmap
GetObjectA
CombineRgn
CreateRectRgn
CreateBrushIndirect
CreateDIBSection
GdiFlush
PtInRegion
CreateCompatibleDC
CreateFontIndirectA

advapi32

RegCreateKeyA
RegOpenKeyA
RegCloseKey
ControlService
StartServiceA
OpenServiceA
CloseServiceHandle
OpenSCManagerA
CreateServiceA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sforce
Size: 20KB - Virtual size: 3.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 816B - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

37827d1288d560954ef3d49fe72628af

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

Sections

.text Size: - Virtual size: 18KB

.sforce Size: 20KB - Virtual size: 3.6MB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: - Virtual size: 1KB

.rsrc Size: 816B - Virtual size: 21KB

.text
Size: - Virtual size: 18KB

.sforce
Size: 20KB - Virtual size: 3.6MB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: - Virtual size: 1KB

.rsrc
Size: 816B - Virtual size: 21KB