2ee43d8ab3c098234ed5e2df41d25b5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2ee43d8ab3c098234ed5e2df41d25b5e_JaffaCakes118
Size

1.3MB
MD5

2ee43d8ab3c098234ed5e2df41d25b5e
SHA1

a32f614ab4e29f86439728c9bdd134d7d83306c4
SHA256

c32c1eb81d035bf279f1629f742bc49943c24efbb112939595d788db3f8bed97
SHA512

ddb2bf432aeda775ded913888d7b08ae6e91c99a7dc1bb9b74e1d4f2b66eb70ba3af5aaf2254d0699afe345b8f46daec6497173e3be46cc2d1aed21ba1e3ab9c
SSDEEP

24576:x4tFi+bsv86UHFrk1a0YFnlb7yavIV7TMQYIobn/gHeEJb0TXg/ht:x1+QvqlgIfIV7AQYFotJOXgP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ee43d8ab3c098234ed5e2df41d25b5e_JaffaCakes118

Files

2ee43d8ab3c098234ed5e2df41d25b5e_JaffaCakes118
.exe windows:5 windows x86 arch:x86

b45da9f933c95d47a6fef7b4afae308d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

ws2_32

bind
WSACancelBlockingCall
WSAUnhookBlockingHook

kernel32

GetCPInfo
HeapSize
HeapReAlloc
VirtualAlloc
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
VirtualFree
HeapCreate
GetFileType
SetHandleCount
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStdHandle
GetACP
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
SetUnhandledExceptionFilter
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentThreadId
SetLastError
InterlockedIncrement
TlsFree
TlsSetValue
GetOEMCP
IsValidCodePage
CompareStringA
MultiByteToWideChar
CompareStringW
SetEnvironmentVariableA
InitializeCriticalSectionAndSpinCount
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
lstrlenA
LoadLibraryA
CreateToolhelp32Snapshot
GetModuleFileNameA
IsBadWritePtr
IsDBCSLeadByte
FindNextVolumeMountPointA
FindResourceExA
CreateMutexA
GetLastError
IsDBCSLeadByteEx
TerminateThread
lstrcmpA
TerminateProcess
FlushViewOfFile
FreeUserPhysicalPages
TlsGetValue
UnlockFile
GetCommandLineA
CreateFiber
ReadProcessMemory
GetModuleFileNameW
lstrlenW
WriteProcessMemory
CreateFileMappingW
Toolhelp32ReadProcessMemory
FreeEnvironmentStringsW
IsDebuggerPresent
GetCurrentProcess
CopyFileExW
GetModuleHandleA
FindNextChangeNotification
IsBadCodePtr
CreateTimerQueue
lstrcmpiA
IsBadHugeWritePtr
FlushConsoleInputBuffer
IsBadStringPtrA
FindVolumeMountPointClose
FreeConsole
Sleep
GetCPInfoExW
CreateFiberEx
GenerateConsoleCtrlEvent
lstrcatA
TransmitCommChar
lstrcpyA
DuplicateHandle
GetCalendarInfoA
GetAtomNameW
GetProcAddress
FindCloseChangeNotification
ExitProcess
LCMapStringA
LCMapStringW
WriteFile
TlsAlloc
GetModuleHandleW
GetSystemTimeAsFileTime
GetStartupInfoA
HeapFree
HeapAlloc
RaiseException

user32

EndPaint
DestroyCaret
ActivateKeyboardLayout
GetActiveWindow
ShowWindowAsync
VkKeyScanW
SwapMouseButton
SetWindowsHookW
mouse_event
UnhookWinEvent
DrawMenuBar
SwitchToThisWindow
UpdateWindow
DrawFocusRect
EnableWindow
GetClassNameA
MessageBoxW
GetClipCursor
DestroyIcon
GetClientRect
AnyPopup
ArrangeIconicWindows
GetClassLongW
ValidateRect
ShowWindow
GetAncestor
UnloadKeyboardLayout
SetWindowWord
DrawCaption
TileWindows
VkKeyScanExW
DestroyWindow
UnregisterHotKey
TrackPopupMenuEx
ShowCaret
DestroyCursor
UnhookWindowsHookEx
GetClipboardData
DlgDirSelectExW
VkKeyScanExA
EmptyClipboard
DrawTextW
DlgDirListW
MessageBoxA
TrackPopupMenu
ValidateRgn
DrawAnimatedRects
EnableMenuItem
WaitForInputIdle
AttachThreadInput

gdi32

SetPixelV
WidenPath
GetTextMetricsA
SetDCBrushColor
GetOutlineTextMetricsA
SetAbortProc
ScaleViewportExtEx
UpdateColors
SetWindowOrgEx
GetKerningPairsW
GetTextCharacterExtra
SetStretchBltMode
GetTextFaceA
GetTextMetricsW
SetSystemPaletteUse
StartDocW
BitBlt
GetStretchBltMode
CheckColorsInGamut
PolyPolyline
GetWorldTransform
UnrealizeObject
GetRgnBox
CreatePolygonRgn
GetPixel
RemoveFontResourceExA
PlayEnhMetaFile
GetStockObject
GetTextExtentExPointW
GetMapMode
ColorCorrectPalette
SetWindowExtEx
CreateHatchBrush
CreateHalftonePalette
CreateCompatibleBitmap
GetViewportExtEx
ColorMatchToTarget
InvertRgn
Pie
GetTextCharsetInfo
SetWorldTransform
SetRectRgn
GetTextColor
CancelDC
LineTo
OffsetWindowOrgEx
GetICMProfileW
CreateDIBPatternBrush
SetLayout
IntersectClipRect
GetTextCharset
PolyBezierTo
ResizePalette
GetRandomRgn
SetTextColor
GetObjectType
SetMapperFlags
SelectClipRgn
GetSystemPaletteUse
GetLayout
GetSystemPaletteEntries
OffsetViewportOrgEx
RemoveFontMemResourceEx
GetRasterizerCaps
GetPixelFormat
CreateBitmap
GetMetaRgn
RemoveFontResourceA
GetNearestColor
MaskBlt
SetPixel
GetWindowOrgEx
SetViewportExtEx
GetLogColorSpaceW
PolyDraw
SetDCPenColor

shell32

SHGetFileInfoA

Sections

.text
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 88KB - Virtual size: 88KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b45da9f933c95d47a6fef7b4afae308d

Headers

DLL Characteristics

File Characteristics

Imports

ws2_32

kernel32

user32

gdi32

shell32

Sections

.text Size: 96KB - Virtual size: 95KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 4KB - Virtual size: 10KB

.rsrc Size: 88KB - Virtual size: 88KB

.text
Size: 96KB - Virtual size: 95KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 4KB - Virtual size: 10KB

.rsrc
Size: 88KB - Virtual size: 88KB