2bb0e74f988b90b308e596578440965d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bb0e74f988b90b308e596578440965d_JaffaCakes118
Size

236KB
MD5

2bb0e74f988b90b308e596578440965d
SHA1

a6bb364cc3bd7c625320db8979eda9feb5328970
SHA256

f332fc3e1f4e22dd1a0f2dbaeda750cfbec40e3f9e9faa7415580142b70baae7
SHA512

ad98196a6c092c2df0e0bfddf8ea21ff1bc355581e3e9ddef40d400a0fa9898fd7dca3cdebcc61bf36cbf70cd02d39e624fcf589f686aeaf8b0446a4b2cd5d6c
SSDEEP

6144:brAUycf1iZJvrjkc0KYyT21FrlZGz04Vw3yHn0WhBehHbIR:brVf1kvXkc0YsFr4dH0WhVR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bb0e74f988b90b308e596578440965d_JaffaCakes118

Files

2bb0e74f988b90b308e596578440965d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

22c41b85838e18fba920b84be06f28c5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

ChooseColorA
GetOpenFileNameA
GetFileTitleA
GetSaveFileNameA

version

VerFindFileA

oleaut32

SysAllocStringLen

advapi32

RegOpenKeyExA
RegLoadKeyA
RegDeleteValueA
GetUserNameA

user32

GetWindowRect
IsDialogMessageA
DestroyMenu
RedrawWindow
GetFocus
WaitMessage
EnumWindows
TrackPopupMenu
PeekMessageW
CloseClipboard
RemovePropA
GetDesktopWindow
InsertMenuItemA
LoadStringA
GetClipboardData
SendMessageW
GetMenuStringA
WindowFromPoint
OffsetRect
IsWindowVisible
GetSysColorBrush
GetMenuState
EnableScrollBar
EnableWindow
CharNextA
CreateWindowExA
CallNextHookEx
SetRect
GetWindowThreadProcessId

kernel32

lstrlenA
lstrcatA
ExitProcess
GetModuleHandleA
VirtualAllocEx
Sleep
GetModuleHandleW
LoadLibraryA
GetACP
IsBadReadPtr
ExitThread
GetCommandLineW
GetProcAddress
GetCommandLineA
lstrlenW

Sections

CODE
Size: 44KB - Virtual size: 43KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

BSS
Size: 3KB - Virtual size: 103KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.hdata
Size: 1024B - Virtual size: 702B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 714B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22c41b85838e18fba920b84be06f28c5

Headers

File Characteristics

Imports

comdlg32

version

oleaut32

advapi32

user32

kernel32

Sections

CODE Size: 44KB - Virtual size: 43KB

.rdata Size: 166KB - Virtual size: 166KB

.data Size: 10KB - Virtual size: 10KB

BSS Size: 3KB - Virtual size: 103KB

.hdata Size: 1024B - Virtual size: 702B

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 1024B - Virtual size: 714B

CODE
Size: 44KB - Virtual size: 43KB

.rdata
Size: 166KB - Virtual size: 166KB

.data
Size: 10KB - Virtual size: 10KB

BSS
Size: 3KB - Virtual size: 103KB

.hdata
Size: 1024B - Virtual size: 702B

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 1024B - Virtual size: 714B