a2ec304b37f3d480548553e3132e9ebe_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a2ec304b37f3d480548553e3132e9ebe_JaffaCakes118
Size

181KB
MD5

a2ec304b37f3d480548553e3132e9ebe
SHA1

ff63ae43dba5b3852d298037b5d303095c69dabb
SHA256

11c5590b885f62c6aef41c6004b4a026bcad63c56915d253ef350465f8459036
SHA512

613d1930e7f553bcff22f08a90366e18f15b381d3b9c707c2a1b6e2b1a322eec20eba6c566d64b8ed8f6df33488ff6823ab29b4c7f4ffcf5112eb573be4ad58a
SSDEEP

3072:5S7VJh6eDfJpsZGuRM4Lk7bBn1uF0SdOmsjXsIina/cFdsa+zfinlp:Wv6+hMGsMwk1188BloFKbTy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2ec304b37f3d480548553e3132e9ebe_JaffaCakes118

Files

a2ec304b37f3d480548553e3132e9ebe_JaffaCakes118
.dll windows:4 windows x86 arch:x86

50169d8241c38f015052f10b491874b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateConsoleScreenBuffer
DisableThreadLibraryCalls
ExitProcess
FileTimeToLocalFileTime
GetACP
GetCommandLineA
GetConsoleOutputCP
GetCurrentThread
GetLocaleInfoA
GetModuleHandleA
GetOEMCP
GetProcessAffinityMask
GetStartupInfoA
GetStdHandle
GetSystemDirectoryA
GetVersionExA
GlobalAddAtomA
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
IsValidCodePage
IsValidLocale
MultiByteToWideChar
OpenEventA
RtlUnwind
SetEndOfFile
SetEvent
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
TlsGetValue
WriteConsoleA
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
lstrlenW

user32

TranslateMessage
TrackPopupMenu
SetClassLongA
PostQuitMessage
LoadImageA
GetWindowRect
GetUserObjectSecurity
GetSystemMetrics
GetClassLongA
EnumWindows
EmptyClipboard
CreateMenu
CheckMenuItem
wsprintfA
CreateIconIndirect

advapi32

GetOldestEventLogRecord
ElfBackupEventLogFileA
CryptGetProvParam
ClearEventLogW
AddAccessDeniedAce
LockServiceDatabase
LsaGetRemoteUserName
ElfReadEventLogA

ole32

CoGetMalloc
StringFromGUID2
IsEqualGUID
CoCreateGuid
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

ddraw

DSoundHelp
DirectDrawCreate
DDInternalLock
DDGetAttachedSurfaceLcl
DirectDrawCreateClipper
DirectDrawCreateEx
DirectDrawEnumerateA
DirectDrawEnumerateExA
DirectDrawEnumerateExW
DirectDrawEnumerateW
DDInternalUnlock
GetSurfaceFromDC

Exports

Exports

FlashIIMData

Sections

.text
Size: 115KB - Virtual size: 212KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50169d8241c38f015052f10b491874b9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

ddraw

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 212KB

.data Size: 60KB - Virtual size: 64KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 115KB - Virtual size: 212KB

.data
Size: 60KB - Virtual size: 64KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB