2ff2f84bb98446c691fb47b7495e82e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2ff2f84bb98446c691fb47b7495e82e1_JaffaCakes118
Size

252KB
MD5

2ff2f84bb98446c691fb47b7495e82e1
SHA1

58fc426305963d9c23ede836b2e4c7e600ffea1d
SHA256

87faee9bfc0db2b166cf93ba43f369caba3eb2fd6dbb32a70f3bed30df0ed5b2
SHA512

d8f03908496dceba61627be1732ed4b1066b76d530048672bdce7ee9ce62550b978a477af4aef780a6a7a66d3eb4067622d58735b6c65ae1e544e16a08476254
SSDEEP

3072:ISLxoOUkCVE9U7nJKceaagB/aK9kiS4SPx1I/UuyODpEX1x:ISbnk7ncZ4ux1I83OFU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2ff2f84bb98446c691fb47b7495e82e1_JaffaCakes118

Files

2ff2f84bb98446c691fb47b7495e82e1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e7e6dca92a6eadf9ef413d12d9a463be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord2078
ord4275
ord2379
ord5290
ord640
ord2450
ord1640
ord323
ord6374
ord2385
ord800
ord4123
ord5875
ord3874
ord540
ord2859
ord5799
ord4376
ord4853
ord4710
ord5280
ord3361
ord5265
ord4998
ord2514
ord6052
ord1775
ord4425
ord3597
ord4407
ord3402
ord3742
ord641
ord860
ord537
ord324
ord2301
ord4234
ord6334
ord5981
ord2642
ord6215
ord3092
ord2818
ord1768
ord1929
ord3721
ord3619
ord795
ord1641
ord3626
ord3663
ord2414
ord2116
ord4284
ord4287
ord3571
ord2370
ord2302
ord6380
ord4299
ord6880
ord2645
ord755
ord2405
ord6172
ord3797
ord2754
ord5785
ord470
ord6453
ord613
ord3262
ord289
ord5789
ord2860
ord1949
ord809
ord556
ord2452
ord6199
ord3706
ord2567
ord2380
ord6358
ord1088
ord2122
ord1233
ord1200
ord4129
ord5710
ord941
ord5572
ord2915
ord939
ord6929
ord6282
ord3573
ord699
ord3938
ord397
ord1151
ord924
ord1193
ord5593
ord3438
ord283
ord5873
ord2753
ord3692
ord5791
ord3693
ord4133
ord4297
ord5788
ord472
ord5787
ord6283
ord858
ord4278
ord6663
ord2764
ord922
ord2614
ord4188
ord912
ord801
ord5861
ord541
ord2463
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord3136
ord4465
ord1176
ord1116
ord3259
ord3147
ord2982
ord5714
ord5307
ord4698
ord4079
ord5302
ord5300
ord3346
ord2396
ord5199
ord1089
ord3922
ord5731
ord609
ord4627
ord5277
ord2124
ord2446
ord5261
ord1727
ord5065
ord3749
ord6376
ord2055
ord2648
ord4441
ord4837
ord3798
ord4353
ord5163
ord5241
ord4396
ord1776
ord4078
ord6055
ord1795
ord6423
ord1175
ord2864
ord3815
ord2725
ord1134
ord3953
ord561
ord3738
ord4424
ord4622
ord4080
ord3079
ord3825
ord3831
ord3830
ord3401
ord2976
ord3081
ord1146
ord2985
ord2512
ord2554
ord4486
ord6375
ord4274
ord815
ord1168
ord2867
ord5860
ord6467
ord1651
ord5606
ord825
ord500
ord567
ord823
ord772
ord6605
ord818
ord1575

msvcrt

strchr
_stricmp
_strnicmp
_adjust_fdiv
malloc
_initterm
free
??1type_info@@UAE@XZ
?terminate@@YAXXZ
_except_handler3
_onexit
__dllonexit
_vsnprintf
sscanf
_CxxThrowException
_access
strtol
atoi
strncpy
memchr
fopen
fseek
ftell
fclose
fread
atol
sprintf
memmove
strncmp
_ftol
atof
__CxxFrameHandler
_purecall

kernel32

FreeLibrary
WideCharToMultiByte
MultiByteToWideChar
LCMapStringA
lstrlenA
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
FindResourceA
SizeofResource
LoadResource
LockResource
MulDiv
GetProcAddress
GlobalAlloc
GlobalLock
GlobalUnlock
GetPrivateProfileIntA
LocalAlloc
GetLastError
FormatMessageA
LocalFree
GetCurrentThreadId
LoadLibraryA

user32

ScreenToClient
GetWindowTextA
DestroyWindow
InflateRect
FrameRect
FillRect
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
GetKeyboardLayoutList
LoadKeyboardLayoutA
ActivateKeyboardLayout
IsWindow
GetWindowLongA
IsRectEmpty
SetRect
SetRectEmpty
GetKeyState
GetWindowRgn
PtInRect
ReleaseCapture
SetCapture
DrawTextA
SetWindowRgn
LoadBitmapA
GetDlgItem
KillTimer
DrawIcon
GetDlgCtrlID
DestroyIcon
LoadIconA
GetWindowRect
OffsetRect
SetWindowPos
GetForegroundWindow
GetWindowThreadProcessId
AttachThreadInput
SetForegroundWindow
GetCursorPos
SetTimer
InvalidateRect
SetWindowLongA
RedrawWindow
GetFocus
EnableWindow
GetDC
GetClientRect
SendMessageA
ReleaseDC
CopyRect
GetSysColor
LoadCursorA
SetCursor
GetParent
PostMessageA
LoadStringA
MessageBoxA

gdi32

GetObjectA
GetStockObject
CreateSolidBrush
DeleteObject
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
GetTextExtentPoint32A
CombineRgn
OffsetRgn
CreateRectRgn
CreateFontA
PtInRegion
StretchBlt
CreateBitmap
CreateFontIndirectA
GetBitmapBits
CreateDCA
CreateBitmapIndirect
CreateDIBitmap
RealizePalette
CreatePalette
GetDeviceCaps
CreatePen
RoundRect
SetTextColor
SetBkMode
SetPixel
GetPixel
FrameRgn
ExtCreateRegion
GetTextMetricsA
SelectObject

shell32

ShellExecuteA

comctl32

_TrackMouseEvent

Exports

Exports

Addin_GetObject

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e7e6dca92a6eadf9ef413d12d9a463be

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

gdi32

shell32

comctl32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 14KB

.rsrc Size: 56KB - Virtual size: 55KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 14KB

.rsrc
Size: 56KB - Virtual size: 55KB

.reloc
Size: 16KB - Virtual size: 14KB