2ba1baf7d56d2ec477501e91574aad07_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ba1baf7d56d2ec477501e91574aad07_JaffaCakes118
Size

195KB
MD5

2ba1baf7d56d2ec477501e91574aad07
SHA1

3037b83d22e8712dd4431022ebf6826722c79b4e
SHA256

fe5d1fb555ac90c7ca3c98667276d7f26eff3fa99e9f5a635fca951948f4b58c
SHA512

a333f14d014f04d8e10516cfbc9cbe777688a4ddbd1d7b1a289c87f0048064f2ccc5dbdc1b42de17710ddfc84e6a587c3b89ad3ecdc1c989b94cc79524685a02
SSDEEP

3072:Nu3PaY0lb9wDUfoTnIQiJOLqlhiOqojW9akPpLiTUYj+AtEMYaTKp8BW:NS0lb9IUfwpelhgD/m+kYZp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ba1baf7d56d2ec477501e91574aad07_JaffaCakes118

Files

2ba1baf7d56d2ec477501e91574aad07_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2ee1a1e869d2cc464adeeddf3b623d83

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
GetUserNameW
CloseEncryptedFileRaw
CryptDestroyHash
GetEventLogInformation
GetMultipleTrusteeA
ReadEventLogA
RegSetValueA
SetTraceCallback
ElfDeregisterEventSource
GetSecurityDescriptorGroup
InstallApplication
RegOpenKeyExW
RegQueryValueExW

gdi32

GetObjectA
GetRegionData
GetPaletteEntries
TranslateCharsetInfo
GetMetaRgn
DeleteObject

kernel32

DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetCurrentProcess
GetModuleFileNameA
GetModuleHandleA
HeapDestroy
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
LeaveCriticalSection
MultiByteToWideChar
Process32First
ReadConsoleOutputCharacterW
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
lstrlenW
CancelIo
CloseHandle
FreeLibrary
GetCurrentThreadId
GetLastError
GetOverlappedResult
GetProcAddress
GetTickCount
GetVersionExW
GlobalAlloc
GlobalFree
ReleaseMutex
ResetEvent
SetEndOfFile
SetEvent
SetLastError
Sleep
WaitForSingleObject
lstrcatW
lstrcmpW
lstrcpynA
lstrcpynW
VirtualAlloc
CompareStringW
CopyFileA
DebugBreak
EnumResourceTypesA
FormatMessageW
FreeEnvironmentStringsA
GetAtomNameA
GetSystemDirectoryW
GlobalReAlloc
InterlockedCompareExchange
LoadLibraryW
LocalAlloc
LocalFree
RaiseException
WriteConsoleOutputCharacterW
LoadResource
FindResourceA
GetCurrentProcessId
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
InterlockedExchange
OutputDebugStringA
QueryPerformanceCounter
UnlockFile
CompareStringA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetLocaleInfoW
GetLocaleInfoA
HeapSize
RtlUnwind
HeapReAlloc
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
LoadLibraryA
SetConsoleCtrlHandler
IsDebuggerPresent
FatalAppExitA
WriteFile
VirtualFree
HeapCreate
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
GetCurrentThread
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetEnvironmentStrings
SetEnvironmentVariableA

ole32

CreateObjrefMoniker
StringFromCLSID
CoTaskMemFree
CoCreateInstance
CLSIDFromString
OleBuildVersion

oleaut32

VariantClear
VariantTimeToDosDateTime
VarI1FromDisp

rpcrt4

RpcBindingVectorFree
I_UuidCreate
NdrMesSimpleTypeEncode
RpcEpRegisterNoReplaceA
RpcObjectSetInqFn

user32

CreateDialogParamA
DeregisterShellHookWindow
LoadStringA
RegisterClipboardFormatA
SetRect
CharLowerBuffW
CharToOemBuffW
CharUpperBuffA
IsIconic
LoadStringW
EnumThreadWindows

Exports

Exports

kubmq

Sections

.text
Size: 146KB - Virtual size: 145KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ee1a1e869d2cc464adeeddf3b623d83

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 146KB - Virtual size: 145KB

.rdata Size: 13KB - Virtual size: 13KB

.data Size: 28KB - Virtual size: 31KB

.reloc Size: 6KB - Virtual size: 6KB

.text
Size: 146KB - Virtual size: 145KB

.rdata
Size: 13KB - Virtual size: 13KB

.data
Size: 28KB - Virtual size: 31KB

.reloc
Size: 6KB - Virtual size: 6KB