2ebcf68b5105f70f05cbe5650107ba1e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2ebcf68b5105f70f05cbe5650107ba1e_JaffaCakes118
Size

151KB
MD5

2ebcf68b5105f70f05cbe5650107ba1e
SHA1

21b1457e1101baa2c4b99e2eab750f98a67d049e
SHA256

681f028bd13565823343b2a84040cad5e2f317693dd200dfa0997c680e51ae3d
SHA512

e277d52919fee1c49a9824a0f1840e76ca5329cea43585c579017085abf9e5c242e6df324de231fb78ddcda052131f4d44932d1cc834129735234fe683ec0fe8
SSDEEP

3072:9BTJbKh+tSPB2o2yievfdrF/Lg4I/n/oq:9BTJk+tNGxNrF/Lg4s

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ebcf68b5105f70f05cbe5650107ba1e_JaffaCakes118

Files

2ebcf68b5105f70f05cbe5650107ba1e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1fc7cd2169b220b23eec39f21eafde92

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_strnicmp
_stat
_CxxThrowException
??1type_info@@UAE@XZ
_setjmp3
__CxxLongjmpUnwind
longjmp
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
memset
_mkdir
strftime
_stricmp
isspace
strchr
abort
strtok
wcscpy
wcscat
wcslen
atol
sscanf
strcmp
memmove
wcscmp
printf
_snprintf
rename
_mbsnbicmp
localtime
mktime
vsprintf
free
malloc
strncpy
strstr
atoi
_access
fopen
fseek
ftell
fread
memcmp
fclose
fwrite
srand
rand
strcpy
strlen
strcat
getenv
strrchr
??2@YAPAXI@Z
abs
sprintf
memcpy
__CxxFrameHandler
time
_strlwr

ws2_32

ntohl
inet_addr
gethostname
htons
recvfrom
bind
socket
sendto
ntohs
gethostbyname
WSAStartup

setupapi

SetupDiCallClassInstaller
SetupDiDestroyDeviceInfoList
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiGetClassDevsA
SetupDiEnumDeviceInfo

advapi32

ConvertSidToStringSidW
DeleteService
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
ControlService
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
CreateServiceA
StartServiceA
RegEnumKeyA
RegOpenKeyA
RegConnectRegistryA
LsaClose
LsaRetrievePrivateData
LsaOpenPolicy
LookupAccountNameA
GetUserNameA
RegEnumValueA
CloseServiceHandle

user32

wsprintfA
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetDC
ReleaseDC
GetSystemMetrics

oleaut32

VariantInit
VariantClear
GetErrorInfo

kernel32

CloseHandle
GlobalHandle
GlobalLock
GlobalAlloc
MultiByteToWideChar
CreateFileW
SetLastError
lstrlenA
LoadLibraryA
LocalFree
GetSystemDirectoryA
GetVersionExA
MoveFileA
DeleteFileA
CreateThread
GetTickCount
GetTempPathA
WriteFile
CreateFileA
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetProcAddress
GetWindowsDirectoryA
SetFileAttributesA
CreateMutexA
GetModuleFileNameA
OutputDebugStringA
SetFileTime
LocalFileTimeToFileTime
GetFileTime
Sleep
GetLastError
InterlockedExchange
FreeLibrary
SizeofResource
LockResource
CopyFileA
LoadResource
SetFilePointer
CreatePipe
SystemTimeToFileTime
ReadFile
GetFileSize
GlobalFree
LocalAlloc
GlobalUnlock

gdi32

GetDeviceCaps
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
CreateDCA
BitBlt

ole32

CoInitialize
CoCreateInstance
CoUninitialize
CoTaskMemFree

Exports

Exports

DealA
DealB
DealC

Sections

.text
Size: 117KB - Virtual size: 117KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1fc7cd2169b220b23eec39f21eafde92

Headers

File Characteristics

Imports

msvcrt

ws2_32

setupapi

advapi32

user32

oleaut32

kernel32

gdi32

ole32

Exports

Exports

Sections

.text Size: 117KB - Virtual size: 117KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 12KB - Virtual size: 38KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 117KB - Virtual size: 117KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 12KB - Virtual size: 38KB

.reloc
Size: 9KB - Virtual size: 8KB