2c9011b9bef8434168cc4d44c4918020_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c9011b9bef8434168cc4d44c4918020_JaffaCakes118
Size

21KB
MD5

2c9011b9bef8434168cc4d44c4918020
SHA1

ce2c1db82a0d41729b5a12850d3260b12db6a98f
SHA256

13d955722a08586dc3d6a14defec494dc4f48a1a9775579665097b648a6f1fd1
SHA512

86d35429a66c4248e1933f21e87c9d178b00f6a9e85e101f039bd42f56ab995418aa98ccfe9b3a2db9ef37c31bc9ab4e4fb52c2a8f94c055150b70ad61f73f73
SSDEEP

384:dmmEeskQvTL5d/FVKKSfQISNWv+UO+uH0C84CJtkw6gmBaydmr9MbWZtW:dzO3d/FVwfQhNWu+uHQ4CJtkBgmm9D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c9011b9bef8434168cc4d44c4918020_JaffaCakes118

Files

2c9011b9bef8434168cc4d44c4918020_JaffaCakes118
.exe windows:5 windows x86 arch:x86

6ec4b9854181010bb09f30f0c6b36520

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED

Imports

kernel32

lstrlenW
GlobalReAlloc
GlobalLock
lstrcatW
GlobalUnlock
FreeLibrary
lstrcpyW
AddAtomW
IsValidLocale
GlobalFree
DeleteAtom
LoadLibraryW
lstrcmpW
GetProcAddress
LocalAlloc
lstrcpynW
GetLocaleInfoW
GlobalGetAtomNameW
LocalFree
WinExec
GetModuleHandleW
GetStartupInfoW
GetAtomNameW
ExitProcess
GlobalAlloc
lstrcmpiW

user32

RemovePropW
SetPropW
AllowSetForegroundWindow
GetWindow
DestroyMenu
GetPropW
GetDesktopWindow
MapWindowPoints
TrackPopupMenuEx
GetLastActivePopup
GetParent
GetWindowLongW
LoadBitmapW
GetSysColor
DrawTextW
CreateIconIndirect
GetKeyboardLayout
GetKeyboardLayoutList
DestroyIcon
GetWindowThreadProcessId
AttachThreadInput
MessageBeep
GetDC
ReleaseDC
EnumChildWindows
DrawFocusRect
GetSystemMetrics
GetWindowDC
SystemParametersInfoW
wsprintfW
UnloadKeyboardLayout
GetMessageW
TranslateMessage
DispatchMessageW
CreateWindowExW
ShowWindow
LoadStringW
FindWindowW
MessageBoxW
LoadIconW
LoadCursorW
RegisterClassExW
PostMessageW
LoadStringA
WinHelpW
GetProcessDefaultLayout
CreatePopupMenu
InsertMenuW
CheckMenuItem
DestroyWindow
KillTimer
SetTimer
GetMessagePos
InSendMessageEx
GetClassNameW
DefWindowProcW
SetForegroundWindow
IsWindow
SendMessageW
SetActiveWindow
PostQuitMessage
RegisterWindowMessageW
GetClientRect

gdi32

TranslateCharsetInfo
DeleteDC
DeleteObject
GetTextCharsetInfo
GetStockObject
ExtTextOutW
PatBlt
SetBkColor
SelectObject
SetTextColor
CreateCompatibleBitmap
CreateCompatibleDC
CreateBitmap
GetTextExtentPointW
BitBlt
CreateFontIndirectW
GetObjectW

comctl32

ord329
ImageList_Create
ImageList_Destroy
ord328
ImageList_ReplaceIcon
ord334
ImageList_GetIconSize
ImageList_GetIcon
ord332
ImageList_Draw
ImageList_Remove

imm32

ImmAssociateContext
ImmGetDefaultIMEWnd
ImmGetIMEFileNameW
ImmGetDescriptionW
ImmGetProperty

setupapi

SetupOpenInfFileW
SetupOpenAppendInfFileW
SetupCloseInfFile
SetupFindFirstLineW
SetupGetStringFieldW

advapi32

RegFlushKey
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
RegQueryValueExW
RegDeleteValueW

shell32

SHAppBarMessage
ExtractIconExW
Shell_NotifyIconW

Sections

.text
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1024B - Virtual size: 640B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ec4b9854181010bb09f30f0c6b36520

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

imm32

setupapi

advapi32

shell32

Sections

.text Size: 16KB - Virtual size: 15KB

.data Size: 1024B - Virtual size: 640B

.rsrc Size: 2KB - Virtual size: 2KB

.text
Size: 16KB - Virtual size: 15KB

.data
Size: 1024B - Virtual size: 640B

.rsrc
Size: 2KB - Virtual size: 2KB