2233a32af389b39ad89b434f571b40fd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2233a32af389b39ad89b434f571b40fd_JaffaCakes118
Size

1.1MB
MD5

2233a32af389b39ad89b434f571b40fd
SHA1

38f77b2c786cbff545011c3d80b221aee0ca2ab5
SHA256

dda36ba717ff441b5399f9548c59bd6c990e5eb84a823cdd5358f01ef2947a08
SHA512

7aaadef15febff83088bf4250615d17a422f3b0b66ddf8499a726296cc07f52be0b91f4085eefedae0a6dcf0bc5f40a6a662e3df036cdc14601d964b2739c2e1
SSDEEP

24576:dQkuoSdSANLklFaVJqoJRZGAMQ5NJzdFOlFs09qA8La:dQRoWmi4aEh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2233a32af389b39ad89b434f571b40fd_JaffaCakes118

Files

2233a32af389b39ad89b434f571b40fd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5a3142182ade9786912aa0854f71246c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32 kernel32

GetLastError �

kernel32

GetLastError
VirtualFree
VirtualQuery
VirtualAlloc
SetLastError
GetFileSize
GetModuleFileNameA
OpenFileMappingA
lstrlenA
LoadLibraryA
VirtualProtectEx
VirtualProtect
OpenProcess
TerminateProcess
GetCurrentProcessId
GetModuleHandleA
GetProcAddress
CreateFileA
CreateFileMappingA
CloseHandle
MapViewOfFile
UnmapViewOfFile
Sleep
lstrcpyA
CreateToolhelp32Snapshot
Thread32First
Thread32Next
DeleteFileA
GetComputerNameA
InterlockedExchange
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetEndOfFile
GetOEMCP
GetACP
GetCPInfo
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
CreateThread
GetCurrentThreadId
TlsSetValue
TlsGetValue
ExitThread
ExitProcess
GetCurrentProcess
GetCommandLineA
GetVersion
HeapReAlloc
HeapSize
TlsAlloc
TlsFree
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
SetUnhandledExceptionFilter
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
IsBadWritePtr
ReadFile
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetFilePointer
WriteFile
UnhandledExceptionFilter
InterlockedDecrement
InterlockedIncrement
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
MultiByteToWideChar

user32

PostMessageA
wsprintfA
AttachThreadInput
UpdateWindow
GetWindowThreadProcessId
EndDialog
MoveWindow
ShowWindow
GetDesktopWindow
DialogBoxParamA
UnregisterHotKey
RegisterHotKey
SetTimer
KillTimer

msvcrt

_access
_strlwr
fputwc
ungetwc
fgetwc
isdigit
isalpha
rename

iphlpapi

GetAdaptersInfo

shell32

SHGetFolderPathA

Exports

Exports

A
A1
A2
A3
AA
AX
CRS

Sections

.text
Size: 580KB - Virtual size: 580KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 15KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 530KB - Virtual size: 532KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a3142182ade9786912aa0854f71246c

Headers

File Characteristics

Imports

kernel32 kernel32

kernel32

user32

msvcrt

iphlpapi

shell32

Exports

Exports

Sections

.text Size: 580KB - Virtual size: 580KB

Size: 15KB - Virtual size: 20KB

Size: 530KB - Virtual size: 532KB

Size: 512B - Virtual size: 4KB

Size: 4KB - Virtual size: 4KB

.text
Size: 580KB - Virtual size: 580KB