2a445c3ed26efb6bfa52cda1e335c2da_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2a445c3ed26efb6bfa52cda1e335c2da_JaffaCakes118
Size

185KB
MD5

2a445c3ed26efb6bfa52cda1e335c2da
SHA1

64f9468749374f9811b30b78c2289f0c687a6222
SHA256

dbbf977dc6d2166b0a4448a656e4e72e9013372e3c3f0c50e356493ad0e3648e
SHA512

d9715fff0bbb416a3dfbc5136d85131c559f015ab418e8a4e9a18358766561d59d4cae4fba563feeb6ddc5e550473f7fd22a143ae3e079526a7d48c12a266f51
SSDEEP

3072:sA/e4SvwfZtc3cKqsmP420qk0bPvYKtzTPnVvfzO074BAXg/V4Co:sAe4xcLV0DPNlA5/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2a445c3ed26efb6bfa52cda1e335c2da_JaffaCakes118

Files

2a445c3ed26efb6bfa52cda1e335c2da_JaffaCakes118
.dll windows:4 windows x86 arch:x86

660ecfacaf2ba45dd6ef52f80e201d35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FlushInstructionCache
IsBadStringPtrW
GetCurrentThreadId
EnterCriticalSection
InterlockedIncrement
CloseHandle
GetLastError
GetTickCount
FlushFileBuffers
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
RtlUnwind
InitializeCriticalSection
GetModuleHandleW
WaitForSingleObject
HeapReAlloc
LoadLibraryA
GetCommandLineA
GetVersionExA
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
OutputDebugStringA
GetCPInfo
InterlockedDecrement
GetACP
GetOEMCP
GetProcAddress
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
ExitProcess
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
SetFilePointer
WriteFile
GetConsoleCP
GetConsoleMode
LeaveCriticalSection
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
Sleep
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery

user32

RegisterClassExW
LoadBitmapW
SetWindowPos
CreateWindowExW
CallWindowProcW
SetWindowsHookExW
ChildWindowFromPointEx
GetClientRect
GetCursorPos
WinHelpW

gdi32

CreateBitmap
GetDeviceCaps
SelectObject

ws2_32

WSAStartup
select

Exports

Exports

PhotohavePorn
PoAlthough

Sections

.text
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 269KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

660ecfacaf2ba45dd6ef52f80e201d35

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ws2_32

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 46KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 88KB - Virtual size: 269KB

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 46KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 88KB - Virtual size: 269KB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 4KB - Virtual size: 4KB