2a01e16bded0ed3f29193dae85a082ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a01e16bded0ed3f29193dae85a082ce_JaffaCakes118
Size

64KB
MD5

2a01e16bded0ed3f29193dae85a082ce
SHA1

8e199c45a86297296c87f45a00d7516e37370203
SHA256

da572140ce866a45ed68ac91510186a8716576a53f887c5ae45158f9b963b9b8
SHA512

06231a1791cea3e812912ab91871395ba660ae0e90c924a3ce106ce9b7c40acb2f641ec6a646b6239822db067505516449cfd4af54a67d81d44b53367dc65b46
SSDEEP

1536:L07apFz2Wh/FFO3Fmgugtauz7aGY1QTeHdC9V4L:LxpFz2WZbOVmguga/oKdC34

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a01e16bded0ed3f29193dae85a082ce_JaffaCakes118

Files

2a01e16bded0ed3f29193dae85a082ce_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a296237ec3f127b75a3314df243d3895

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

avmestor

_FXbig
_Toupper
_Dnorm
_Stod
_Getcvt
_Rteps
_Poly
_Denorm
_Snan
_LDscale
_FDscale
_Sinh
_FSinh
_Stold

user32

IsChild
RedrawWindow
GetSystemMetrics
GetCursor
GetWindowPlacement
GetKeyNameTextA
FrameRect
GetWindowLongW
DrawFrameControl
EnumChildWindows
CreateIconIndirect
IsWindowEnabled
IsClipboardFormatAvailable
DestroyMenu
GetMenuStringW
GetSysColor
IsWindowUnicode
LockWindowUpdate
SetScrollPos
MapVirtualKeyA
GetMenuItemID
EnableMenuItem
PostMessageA
GetMenuStringA
SetActiveWindow
GetKeyState
SystemParametersInfoA
GetClipboardData
GetKeyboardState
GetDlgItem
GetPropA
SetTimer
ReuseDDElParam
GetParent
PostThreadMessageA
ToAscii
ShowOwnedPopups
IsCharAlphaA
DispatchMessageA
GetFocus
DestroyIcon

kernel32

lstrlenW
TerminateProcess
GetComputerNameW
HeapAlloc
MapViewOfFile
SetThreadPriority
VirtualQueryEx
FileTimeToSystemTime
QueryPerformanceCounter
GetDiskFreeSpaceA
CloseHandle
LocalAlloc
FormatMessageA
FindResourceA
GetVolumeInformationA
GlobalFree
GetProfileIntA
GetModuleHandleA
TryEnterCriticalSection
GetExitCodeProcess
GetProcessHeap
MulDiv
GetProfileStringA
SetThreadAffinityMask
OutputDebugStringA
WaitForMultipleObjects
DeleteFileA
IsValidLocale
LoadLibraryW
UnmapViewOfFile
LoadLibraryA
FileTimeToLocalFileTime
GlobalLock
ResumeThread
GetCommandLineA
CreateFileMappingW
GetFileType
VirtualFree

ole32

RevokeDragDrop
CreateDataAdviseHolder
CoDisconnectObject
OleUninitialize

wininet

FtpOpenFileA
InternetOpenA

comctl32

ImageList_SetDragCursorImage
ImageList_Draw
ImageList_Destroy

gdi32

GetWinMetaFileBits
CreatePalette
ExtCreateRegion
GetTextColor
SetAbortProc
GetCurrentPositionEx
Polyline
CreateHalftonePalette
CreateBrushIndirect
GetMapMode
SelectObject
EnumFontsA
CreateRectRgnIndirect
TextOutA
StartDocA
SaveDC
Rectangle
PolyPolyline
CreateBitmap
SetTextCharacterExtra

shell32

ShellExecuteExA

oleaut32

VariantCopyInd
VariantCopy

winmm

timeBeginPeriod

comdlg32

GetSaveFileNameA

urlmon

CoInternetCreateSecurityManager

version

GetFileVersionInfoA

Exports

Exports

FreeADsMem
BerBvFree
CreateProcessNotify
AllocADsStr
DllClientCleanup
ChangeSeparator
AdsTypeToLdapTypeCopyTime
FindEntryInSearchTable
logorsvp
DllClientStartup

Sections

.text
Size: 57KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a296237ec3f127b75a3314df243d3895

Headers

File Characteristics

Imports

avmestor

user32

kernel32

ole32

wininet

comctl32

gdi32

shell32

oleaut32

winmm

comdlg32

urlmon

version

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 60KB

.rdata Size: 4KB - Virtual size: 8KB

.data Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 57KB - Virtual size: 60KB

.rdata
Size: 4KB - Virtual size: 8KB

.data
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB