2cca5bc1940dce174103cbddac3fe932_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cca5bc1940dce174103cbddac3fe932_JaffaCakes118
Size

370KB
MD5

2cca5bc1940dce174103cbddac3fe932
SHA1

aa92b158a5163a0f13eef3f7e48e2f69e60d90fa
SHA256

45f19edefb9a73b8b6998cb6d2fecc7c410ec6cfb2aff315616563bdc4fca9e6
SHA512

eec30f1ce007c3a5bc6ca3cc701d5ad3e4cfba733f854e2e913937137f7a8fd6ddc69377b80acb435113404503078ded2f309368151d8e6c9e72a6f706d5fb38
SSDEEP

6144:j9N6+SDaQG5JDuEGRVGl0AvLbp9rrYIhAY1wDAuAlE/8OpJpnG4yAY33eIZaIKMG:h8+LNlXaj6TZnKMmOcGwoe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cca5bc1940dce174103cbddac3fe932_JaffaCakes118

Files

2cca5bc1940dce174103cbddac3fe932_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b7ccae70b2a8aae8a1f1692084169bff

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FlushFileBuffers
FormatMessageA
FormatMessageW
GetACP
GetCommandLineA
GetCurrentProcessId
GetCurrentThreadId
GetExitCodeThread
GetLastError
GetLocalTime
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetStartupInfoA
GetStdHandle
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersion
GlobalAlloc
GlobalFree
HeapAlloc
HeapDestroy
DisableThreadLibraryCalls
HeapLock
HeapReAlloc
HeapUnlock
InitializeCriticalSection
InitializeCriticalSectionAndSpinCount
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedExchangeAdd
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LocalReAlloc
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReadFile
RtlUnwind
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
DeleteTimerQueueTimer
DeleteCriticalSection
DebugBreak
HeapFree
CloseHandle

oleaut32

VariantInit
SysAllocString
VarBstrFromCy
VarCyFromI2
VarUI2FromUI4
VarI4FromI1

ole32

CoInitializeEx
CLSIDFromString
CoTaskMemFree

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA
DeregisterEventSource

Exports

Exports

AddPicture2
EnumTvValueNext
GetDevice
GetLastError
Launch
Malloc
MemGetInfo
Memcpy2DToArray
ReadDevParamFromRAW
ReflectParamValues

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 158KB - Virtual size: 157KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 194KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 155KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7ccae70b2a8aae8a1f1692084169bff

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

oleaut32

ole32

advapi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 52KB

.rdata Size: 158KB - Virtual size: 157KB

.data Size: 1KB - Virtual size: 194KB

.rsrc Size: 155KB - Virtual size: 154KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 52KB

.rdata
Size: 158KB - Virtual size: 157KB

.data
Size: 1KB - Virtual size: 194KB

.rsrc
Size: 155KB - Virtual size: 154KB

.reloc
Size: 2KB - Virtual size: 2KB