2f3af92a4d8d00d0611d16e335b01e06_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2f3af92a4d8d00d0611d16e335b01e06_JaffaCakes118
Size

76KB
MD5

2f3af92a4d8d00d0611d16e335b01e06
SHA1

37fff2a5dff5d043aa61b948a62ba641f1c7eaa2
SHA256

4295084dda259f1eb348ee8cf4fda97815b7b848bf54d411d6430fd07a9f312e
SHA512

d52e8a1871b78054aa413c2394cd6b8629dd9c65282ca7e5f158dedf41335cb152e598416b0f90b91ee40986a7c64fcd4791e333ecd8bc585b90b553c697fb0e
SSDEEP

1536:mPQJqbctJBzZh/737paWvd9UfMoGm+Fx43n4yg/v3CX1PTav5:m4YgtXzD7sWd9UfMoGX+Xgnuax

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2f3af92a4d8d00d0611d16e335b01e06_JaffaCakes118

Files

2f3af92a4d8d00d0611d16e335b01e06_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3c216c7ba2d9efb5c5e306d040f3aa93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
LoadLibraryA
lstrlenW
GetModuleHandleA
InterlockedExchange
EnterCriticalSection
GetProcAddress
GetModuleFileNameA
CreateProcessA
CreateThread
GetProcessHeap
HeapFree
UnmapViewOfFile
lstrcatW
LeaveCriticalSection
CreateFileMappingA
MoveFileExA
ReleaseMutex
InitializeCriticalSection
HeapAlloc
CreateMutexA
CloseHandle
lstrcpyA
LocalAlloc
ConnectNamedPipe
GetBinaryTypeA
GetFileAttributesExA
FindNextFileA
GetSystemTimeAdjustment
FindFirstChangeNotificationW
WriteConsoleW
RtlUnwind
GetTempPathA
GlobalFindAtomW
GetTempPathW
SetInformationJobObject
ReadConsoleInputA
HeapWalk
GetModuleFileNameW
CopyFileW
GlobalGetAtomNameW
SizeofResource
CreateEventA
InterlockedIncrement
RaiseException
UnlockFileEx
VirtualUnlock
FindFirstVolumeMountPointW
ResetEvent
GetStdHandle
GetWindowsDirectoryW
IsBadStringPtrA
GetProcessAffinityMask
MultiByteToWideChar
GetLocalTime
WaitNamedPipeW
GetTapeParameters
GetProcessVersion
EnumResourceNamesW
SetConsoleScreenBufferSize
GetUserDefaultUILanguage
EnumUILanguagesW
SetErrorMode
SetEnvironmentVariableA
FindFirstChangeNotificationA
lstrcmpiW
GetShortPathNameA
HeapLock
IsBadReadPtr
QueueUserAPC
FlushViewOfFile
OpenEventW
GetFileAttributesA
GetShortPathNameW
GetStringTypeExA
IsProcessorFeaturePresent
GetThreadPriority
PurgeComm
FormatMessageA
SetLocalTime
RtlMoveMemory
GetDefaultCommConfigW
GetDiskFreeSpaceExW
GetSystemPowerStatus
SetHandleCount
lstrcpynA
CreateMailslotW
GetFullPathNameA
IsBadHugeReadPtr
GetProfileStringW
Sleep
ExpandEnvironmentStringsA
HeapReAlloc
GetFileInformationByHandle
SuspendThread
GetTimeFormatW
SetEvent
GetLocaleInfoA
CreateJobObjectW
GetVersionExA
HeapUnlock
GetThreadLocale
InterlockedExchangeAdd
GetLargestConsoleWindowSize
LCMapStringA
GetThreadContext
VirtualQueryEx
WriteFile
TransactNamedPipe
GetQueuedCompletionStatus
SetTimeZoneInformation
FindAtomA
GetFileAttributesExW
FindAtomW
CreateRemoteThread
GetCurrentThreadId
SetVolumeMountPointW
AssignProcessToJobObject
CreateNamedPipeA
CreateSemaphoreA
ReadConsoleA
SetProcessShutdownParameters
GetLocaleInfoW
LocalFlags
FormatMessageW
GetUserDefaultLCID

shell32

SHFileOperationA
ExtractIconExW
CommandLineToArgvW
SHAddToRecentDocs
SHGetMalloc
ShellExecuteA
SHGetSettings
SHFileOperationW
SHGetPathFromIDListW
SHBrowseForFolderA
SHFormatDrive
DragFinish
SHGetPathFromIDListA
SHChangeNotify
ShellExecuteExW
SHGetFolderPathW

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3c216c7ba2d9efb5c5e306d040f3aa93

Headers

File Characteristics

Imports

kernel32

shell32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB