2df9dd06d8e06a583b2ebde090d758b4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2df9dd06d8e06a583b2ebde090d758b4_JaffaCakes118
Size

88KB
MD5

2df9dd06d8e06a583b2ebde090d758b4
SHA1

1b96ca24c1f07198d98fffe9d7ff231130c4f872
SHA256

ce5b6b60d90cddaacba41722cc6c94d91eda35c45b2c493a69a6bdeca57e3816
SHA512

d78be1df7b0fae6f2c22a9d8c84daa931161e9a2f4fb6b8656524e1f8c19ed4b251f7ad925545ea6dc270ebbcfcb0660d5b28fc1fccac30d7bb4afbdf4a86c0d
SSDEEP

768:zawJgVjiSS6JgDheaohFbHH7vw600LtPTuIn9fgQ4p8fceiakxxBVg0jXHR2gTCz:zaTJCejhFbbD00Ltb9aXy07ak7bR+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2df9dd06d8e06a583b2ebde090d758b4_JaffaCakes118

Files

2df9dd06d8e06a583b2ebde090d758b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

de6e3946bf8eaab9ca7c989764227c1f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetLastError
VirtualProtect
CloseConsoleHandle
GetNumberOfConsoleFonts
GetNextVDMCommand
GetDefaultCommConfigW
AddAtomA
GetEnvironmentVariableW
lstrcpy
GetLocaleInfoA
FlushFileBuffers
GetProcessPriorityBoost
VirtualUnlock
EndUpdateResourceA
GetVersionExA
SetInformationJobObject

user32

SetKeyboardState
UserHandleGrantAccess
SetSysColorsTemp
DdeQueryConvInfo
IMPGetIMEA
DdeAddData
SystemParametersInfoA
TranslateMDISysAccel
GetNextDlgTabItem
ScreenToClient
EnumDesktopWindows
MessageBoxIndirectA
FindWindowA
ValidateRect
TranslateAcceleratorA
CreateDialogParamA
CallMsgFilterW
MapVirtualKeyA
BlockInput
LoadBitmapW
SendIMEMessageExW
LoadMenuIndirectA
TileChildWindows
GetWindowDC
DispatchMessageW
LoadIconA
SetShellWindowEx
HideCaret
DrawStateA
GetWindowModuleFileName
UnregisterClassA
InsertMenuItemW
SetDlgItemTextA
CliImmSetHotKey

gdi32

PolyTextOutA
CombineRgn
GdiEntry11
CreateDIBPatternBrush
PATHOBJ_vEnumStart
GdiProcessSetup
CreateDIBitmap
GdiEndPageEMF
StretchDIBits
SetMapperFlags
CloseMetaFile
ResetDCA
EngStretchBltROP
GdiPlayEMF
EnumObjects
CLIPOBJ_bEnum
EngPaint
EnumFontFamiliesA
GetMiterLimit
GetBkColor
EngCreateClip
GetMetaFileBitsEx
GetPolyFillMode
XLATEOBJ_piVector
GetTextExtentExPointA
GdiInitSpool
GdiIsMetaPrintDC

comdlg32

GetFileTitleW
PageSetupDlgA
PrintDlgExW
GetSaveFileNameW
GetOpenFileNameW
ChooseFontA
ChooseColorA
ReplaceTextA
CommDlgExtendedError
dwLBSubclass
PrintDlgA
Ssync_ANSI_UNICODE_Struct_For_WOW
FindTextW

psapi

QueryWorkingSet
GetModuleFileNameExW
EnumProcessModules
GetDeviceDriverFileNameA
GetModuleBaseNameW
GetProcessMemoryInfo
GetModuleBaseNameA
GetMappedFileNameW
GetWsChanges
EnumProcesses
GetDeviceDriverBaseNameA
GetMappedFileNameA
EnumDeviceDrivers
GetDeviceDriverBaseNameW
GetModuleInformation
GetModuleFileNameExA
EmptyWorkingSet
GetDeviceDriverFileNameW

comctl32

ImageList_DragEnter
ImageList_DrawIndirect
ImageList_Write
CreatePropertySheetPageA
MakeDragList
PropertySheetW
CreateMappedBitmap
ImageList_SetFlags
DestroyPropertySheetPage
FlatSB_SetScrollProp
DrawStatusTextW
FlatSB_SetScrollInfo
DrawStatusText
ImageList_SetDragCursorImage
ImageList_DragMove
CreateToolbarEx
ImageList_Merge
GetMUILanguage
CreateStatusWindowW
InitializeFlatSB
ImageList_ReplaceIcon
FlatSB_GetScrollProp

Sections

.text
Size: 4KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 51KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

de6e3946bf8eaab9ca7c989764227c1f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

psapi

comctl32

Sections

.text Size: 4KB - Virtual size: 44KB

.data Size: 32KB - Virtual size: 36KB

.idata Size: 51KB - Virtual size: 72KB

.text
Size: 4KB - Virtual size: 44KB

.data
Size: 32KB - Virtual size: 36KB

.idata
Size: 51KB - Virtual size: 72KB