2c255ffe0679186ed0e4b88f22c37ef4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2c255ffe0679186ed0e4b88f22c37ef4_JaffaCakes118
Size

248KB
MD5

2c255ffe0679186ed0e4b88f22c37ef4
SHA1

5e9376a3c77b5e1cc03e73601c8d5882706c1e67
SHA256

ce9da4d509fb395a1917d74d645820929c78171937edec66a1ed36a41e4b534c
SHA512

1554f427f43c8fef5e4668a4a391758ef3c7c793baeafeb50974d7be124b4db4dbf6f9a1a1b1fc9a5e713522a1d70a43b989e4c4bd3a05446bae70d3c61d91aa
SSDEEP

6144:SuWFggNrrgkkeqPEaGp6e6XjrzXtMEFB:qFggXk1PEaZeCXOE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c255ffe0679186ed0e4b88f22c37ef4_JaffaCakes118

Files

2c255ffe0679186ed0e4b88f22c37ef4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f40ebea8cab06335ae9cc1a10b65ee1c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

OleRegGetUserType
OleUninitialize
ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID
OleInitialize
IsEqualGUID
CreateILockBytesOnHGlobal
CLSIDFromString

advapi32

RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

WinHelpW
UpdateWindow
SetRect
SetFocus
SetCursor
SendMessageW
SendMessageTimeoutW
SendDlgItemMessageW
PeekMessageW
OffsetRect
LoadMenuW
LoadIconW
GetNextDlgTabItem
GetMonitorInfoW
GetDC
GetActiveWindow
FindWindowW
EnableWindow
DefWindowProcW
CharToOemBuffA
CallNextHookEx

shell32

DragFinish
ShellExecuteExW
ShellAboutW
SHGetSpecialFolderPathW
SHGetSettings
DragQueryFileW

gdi32

GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
GetBkColor
Rectangle
ExtTextOutW
Escape
DeleteObject
DPtoLP
CreateSolidBrush
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
CreateCompatibleDC
RectVisible
ScaleWindowExtEx
SelectObject
SetBkMode
PtVisible
SetDCBrushColor
SetTextColor
TextOutW

kernel32

ExitProcess
DeleteAtom
CreateFileW
CreateEventW
GetCommandLineA
GetCurrentThreadId
GetDateFormatW
GetModuleHandleA
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomW
GlobalAlloc
GlobalFree
GlobalGetAtomNameW
HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MulDiv
MultiByteToWideChar
SetThreadPriority
SetUnhandledExceptionFilter
TerminateProcess
lstrcmpW
lstrlenW
GetLastError
AddAtomW

comdlg32

GetOpenFileNameW
CommDlgExtendedError
ChooseFontW
GetSaveFileNameW

msvcrt

memmove
_wcsdup
setlocale
wcscmp
wcscoll
exit
wcstod
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_c_exit
_cexit
_controlfp
_initterm
_onexit

shlwapi

PathFindFileNameW

Exports

Exports

AddPicture2
D3D9UnregisterResource
DevelopNomalPosToLogPos
EnumDevicePropertyReset
GetSymbolAddress
IsSupportParamItem

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f40ebea8cab06335ae9cc1a10b65ee1c

Headers

File Characteristics

Imports

ole32

advapi32

user32

shell32

gdi32

kernel32

comdlg32

msvcrt

shlwapi

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB