2dacad85e07841e7b2f319f942e6f5a3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2dacad85e07841e7b2f319f942e6f5a3_JaffaCakes118
Size

104KB
MD5

2dacad85e07841e7b2f319f942e6f5a3
SHA1

54d8296aa32a3c3afeaa7c5eb0e02f3260a3cc26
SHA256

8067cb5dd5db6c291a3575d8a067a701503315ba1e3bd11c68f591d1415c994c
SHA512

99df16ad4201869b4dd12839405619df95179f4b592a964a446c17423a7c0d1bbd85df417cd7786dd22f0d4da615c986ab16cd68b3dab598670e9e817e049ed9
SSDEEP

1536:xedb7GWterUfIE8tU9AVz6zDprN4+d74Kurk+i2MdMJqhy3wq+lEwDEnlZZ:xedb0aIE8NZ6zRN448KWk+MMxgEBlZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dacad85e07841e7b2f319f942e6f5a3_JaffaCakes118

Files

2dacad85e07841e7b2f319f942e6f5a3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

71391c7c9cd9805af8fbeb6c61066123

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
CreateThread
GetModuleHandleW
GetLocalTime
GetSystemTime
LCMapStringW
GetProcessHeap
SetEvent
Sleep
IsDBCSLeadByte
GetTickCount
GetACP
lstrcmpiA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
FormatMessageW
LCMapStringA
HeapSize
LoadLibraryA
GetCPInfo
GetOEMCP
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetCurrentProcess
TerminateProcess
GetModuleHandleA
VirtualProtect
GetCommandLineA
MultiByteToWideChar
GetProcAddress
ExitProcess
HeapAlloc
HeapFree
RtlUnwind
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
InterlockedExchange
VirtualQuery
GetSystemInfo

user32

PtInRect
wsprintfA
CharUpperA
DefWindowProcW
UnregisterClassW
DestroyWindow
GetMessageW
CreateWindowExW
RegisterClassW
DialogBoxParamW
SetWindowTextW
LoadIconW
GetDC
DrawIcon
ReleaseDC
GetCursorPos
LoadStringW
MessageBoxW
SetFocus
SendMessageW
EndDialog
GetDlgItem
GetWindowPlacement
SetWindowPlacement
ShowWindow
LoadBitmapW
EnableWindow
ScreenToClient

advapi32

CryptReleaseContext
CryptAcquireContextW

ole32

CoTaskMemAlloc

Sections

.text
Size: 80KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

71391c7c9cd9805af8fbeb6c61066123

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 80KB - Virtual size: 76KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 80KB - Virtual size: 76KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 3KB