2453f99cc947ab7494616be4ee004cba_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2453f99cc947ab7494616be4ee004cba_JaffaCakes118
Size

168KB
MD5

2453f99cc947ab7494616be4ee004cba
SHA1

fb053739f898c19d63d410d4e74070b4717973b8
SHA256

188df440d3643e58c7f6c6308fdd37debb7f0f409515fd76e8182e7c91963b79
SHA512

9e503294e556a49c31cedb7f00072d13666ea4006c5f86f67ad8305ad759cc6cc610a372dcd3e63952534434364f53f2a4d4dc086b2ad76064681e6e4a794848
SSDEEP

3072:759ExQ3AjaTEcGPDQbDgqKGdV707Y3XUfFYeGw+ZgDGhOQiNX3ZHcqpKqn2jNwmq:759XAB7QQ7y7KiBeGw+GDa76XeqC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2453f99cc947ab7494616be4ee004cba_JaffaCakes118

Files

2453f99cc947ab7494616be4ee004cba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

246c59cdecfde3a754f4a06a734c018b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
IsBadReadPtr
GetThreadLocale
VirtualQuery
GetFileType
FindResourceA
GetProcAddress
FreeResource
SetLastError
GetSystemDefaultLangID
lstrcmpA
SetFilePointer
VirtualAllocEx
SetEvent
MoveFileExA
GetCurrentProcess
FindFirstFileA
lstrcatA
SetErrorMode
LoadLibraryA
ExitProcess
GetCommandLineW
GetCurrentThread
GetModuleHandleA
ExitThread
FreeLibrary
LockResource
lstrlenA
GetStringTypeA
FormatMessageA
EnumCalendarInfoA
GetDiskFreeSpaceA
SetThreadLocale
VirtualFree
GetFullPathNameA
GlobalFindAtomA
lstrcmpiA
lstrcpyA
SetEndOfFile
InitializeCriticalSection
FindClose
GlobalAddAtomA
RaiseException
LoadResource
LocalAlloc
ResetEvent
CloseHandle
GetLocalTime
GetLastError
DeleteCriticalSection
MulDiv
GetModuleHandleW
HeapAlloc
CreateFileA
GetUserDefaultLCID
HeapDestroy
GetCurrentProcessId
GetFileSize
GetTickCount
ReadFile
GetLocaleInfoA
GetModuleFileNameA

msvcrt

memmove
calloc
wcscspn
wcstol
tolower

user32

SetMenu
InsertMenuItemA
GetActiveWindow
GetMenu
GetSystemMetrics
GetKeyboardLayoutNameA
SetClassLongA
EndDialog
GetIconInfo
CharNextW
IsWindowUnicode
ReleaseDC
SendMessageW
IsDialogMessageA
OpenIcon
GetCapture
LoadCursorA
UnregisterClassA
CreateMenu
GetMessagePos
SetClipboardData
DrawIconEx
IsCharLowerA
GetWindow
IsRectEmpty
OffsetRect
IsWindow
ScrollWindow
GetCursor
RegisterClassA
FindWindowA
EndPaint
SetRect
GetClassNameA
GetKeyboardState
DestroyIcon
GetWindowTextA
EmptyClipboard
GetWindowRect
EqualRect
GetMenuItemInfoA
PeekMessageW
SetScrollInfo
CallNextHookEx
GetScrollRange
GetKeyState
DestroyMenu
EnumThreadWindows
GetWindowDC
GetMenuState
ShowWindow
EnableScrollBar
SendMessageA
WaitMessage
WindowFromPoint
DrawEdge
EnumChildWindows
SetTimer
SetForegroundWindow
GetClipboardData
IsDlgButtonChecked

gdi32

GetBkMode
SaveDC
GetBkColor
LineTo

Exports

Exports

_8v8zHa

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 148KB - Virtual size: 324KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

246c59cdecfde3a754f4a06a734c018b

Headers

File Characteristics

Imports

kernel32

msvcrt

user32

gdi32

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 9KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 148KB - Virtual size: 324KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 148KB - Virtual size: 324KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB