2ebcc66c41d5a4b19666da7a4255bfea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2ebcc66c41d5a4b19666da7a4255bfea_JaffaCakes118
Size

173KB
MD5

2ebcc66c41d5a4b19666da7a4255bfea
SHA1

a0a61370e49a186565f53b7b27a8d707706bbc95
SHA256

9bb685d9d476ccf9b97ec79e1c648a15b16200e7514c27757b2d5eb5f0cf6175
SHA512

d6c449df4d2ef74622f67176dfa2be7b4d0968e2734e13a91a17a394d6b71b751d9a1445f96f890058f8a721a3e0b8aafcba65398f5f7d71ee589b95e6ecb088
SSDEEP

3072:j9LGFkHhUdYpDj4npbtY0jUHrOJRQlUwD0Vek8m8vfW63GsOdKAhs0dYSRor8zk6:jdH6+QtYhrWQmwD0VeZu63RigCYSwO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ebcc66c41d5a4b19666da7a4255bfea_JaffaCakes118

Files

2ebcc66c41d5a4b19666da7a4255bfea_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0dd2f03c02122b83704837417f528d3a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetWindowPlacement
EnableMenuItem
LoadImageW
KillTimer
CharLowerW
CallNextHookEx
CheckMenuItem
PostMessageW
CharNextA
SetWindowLongA
wsprintfW
DefWindowProcW
ReleaseDC
GetSubMenu
SetScrollPos
DrawTextExW
IsDialogMessageW
LoadStringW
LoadBitmapA
DispatchMessageW
RegisterClassExW
GetMenuState
SendDlgItemMessageW
SetWinEventHook
MessageBoxW
GetMessageW
SetPropW
TranslateAcceleratorW
ChildWindowFromPoint
GetCapture
GetFocus
IsDlgButtonChecked
CharUpperW
PtInRect
ScreenToClient
GetLastActivePopup
EnableWindow
SetActiveWindow
CreateDialogParamW
GetDlgCtrlID
GetDlgItem
DefWindowProcA
GetClientRect
GetDlgItemTextW
SendMessageW
DestroyWindow
IsWindowEnabled
WinHelpW
SetForegroundWindow
GetDesktopWindow
LoadIconA
SetWindowLongW
CreateWindowExW
LoadCursorW
PeekMessageW
UpdateWindow
UnregisterClassA
GetSystemMenu
SetWindowTextW
CreatePopupMenu
SetWindowPlacement
GetForegroundWindow
UnhookWinEvent
SetCursor
OpenClipboard
CloseClipboard
SetWindowTextA
GetMenuItemCount
GetCursorPos
LoadIconW
GetWindowTextW
GetWindowLongW
BringWindowToTop
RegisterWindowMessageW
ValidateRect
IsClipboardFormatAvailable
MessageBeep
GetDC
GetSystemMetrics
IsWindow
DestroyMenu
BeginPaint
PeekMessageA
GetParent
PostQuitMessage
CharNextW
TranslateMessage
ShowWindow
TrackPopupMenu
InvalidateRect
EndDialog
GetMenu
GetKeyboardLayout
DialogBoxParamW
IsIconic
LoadAcceleratorsW
MoveWindow
SetFocus
RegisterWindowMessageA
SetDlgItemTextW

gdi32

GetTextMetricsW
SetMapMode
TextOutW
GetDeviceCaps
GetObjectW
StartDocW
EndPage
CreateDCW
CreateFontIndirectW
EndDoc
SelectObject
EnumFontsW
GetTextFaceW
SetViewportExtEx
SetWindowExtEx
AbortDoc
DeleteObject
LPtoDP
GetStockObject
SetBkMode
SetAbortProc
GetTextExtentPoint32W
StartPage
DeleteDC

comdlg32

GetSaveFileNameW
FindTextW
ReplaceTextW
PageSetupDlgW
CommDlgExtendedError
PrintDlgExW
GetOpenFileNameW
ChooseFontW
GetFileTitleW

kernel32

GetLocalTime
DebugBreak
LocalFree
SetEndOfFile
GetThreadLocale
GetCurrentThreadId
FindFirstFileW
GetVersion
LoadLibraryW
SetFileAttributesA
GetEnvironmentStringsW
HeapFree
MapViewOfFile
lstrcpyW
GetCommandLineW
CompareStringW
CreateFileW
DeviceIoControl
FoldStringW
GetEnvironmentVariableA
GetFileAttributesW
CreateFileMappingW
lstrcmpW
GetFileSize
TerminateProcess
MultiByteToWideChar
GetEnvironmentStrings
DeleteFileW
Sleep
GetSystemTimeAsFileTime
LocalSize
GetCurrentProcess
WriteConsoleA
HeapCreate
CloseHandle
GetVersionExA
GetProcessHeap
lstrcmpiW
EnterCriticalSection
FormatMessageA
LoadResource
GetLastError
SetEvent
GlobalLock
TlsFree
GetCommandLineA
SetUnhandledExceptionFilter
SizeofResource
GetModuleFileNameW
GetModuleHandleA
GetTimeFormatW
GetTickCount
lstrcpynA
ReadFile
MulDiv
CreateMutexA
OpenMutexA
lstrcatW
VirtualProtect
LocalAlloc
GetModuleFileNameA
GetUserDefaultLCID
FreeEnvironmentStringsW
CompareStringA
InterlockedExchange
WideCharToMultiByte
GetStringTypeW
InterlockedDecrement
ExitProcess
RtlUnwind
CreateFileA
LocalUnlock
FormatMessageW
IsValidCodePage
CreateThread
GetDateFormatW
GetLocaleInfoA
GetEnvironmentVariableW
GetStartupInfoA
lstrlenW
GetCurrentProcessId
LocalReAlloc
GetTempFileNameW
LocalLock
DeleteCriticalSection
HeapSize
GetModuleHandleW
lstrcpynW
SetFileAttributesW
LeaveCriticalSection
FlushFileBuffers
GetFileInformationByHandle
LoadLibraryExW
SetLastError
GlobalFree
UnmapViewOfFile
CreateEventA
LoadLibraryA
GetProcAddress
GlobalUnlock
UnhandledExceptionFilter
GetOEMCP
GetLocaleInfoW
FindClose
SetStdHandle
WriteFile
GetACP
FreeLibrary
GetFileType
GetUserDefaultUILanguage
QueryPerformanceCounter

msvcrt

_adjust_fdiv
_initterm
exit
wcsncmp
iswctype
fclose
wcsncpy
_CxxThrowException
__setusermatherr
__getmainargs
_purecall
_exit
??2@YAPAXI@Z
_controlfp
_XcptFilter
_snwprintf
__p__fmode
??0exception@@QAE@XZ
calloc
_acmdln
_cexit
_wtol
__p__commode
_wcsicmp
_c_exit
localtime
_amsg_exit
time
__set_app_type

advapi32

RegCreateKeyW
RegQueryValueExW
RegSetValueExW
RegQueryValueExA
IsTextUnicode
RegOpenKeyExA
RegCloseKey

shell32

DragQueryFileW
DragAcceptFiles
DragFinish
ShellAboutW

comctl32

CreateStatusWindowW

winspool.drv

OpenPrinterW
ClosePrinter
GetPrinterDriverW

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 314B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0dd2f03c02122b83704837417f528d3a

Headers

File Characteristics

Imports

user32

gdi32

comdlg32

kernel32

msvcrt

advapi32

shell32

comctl32

winspool.drv

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 98KB - Virtual size: 98KB

.data Size: 24KB - Virtual size: 26KB

.reloc Size: 512B - Virtual size: 314B

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 98KB - Virtual size: 98KB

.data
Size: 24KB - Virtual size: 26KB

.reloc
Size: 512B - Virtual size: 314B

.rsrc
Size: 3KB - Virtual size: 2KB