2bcaeb92416489bc13162b7eed5fe86b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2bcaeb92416489bc13162b7eed5fe86b_JaffaCakes118
Size

52KB
MD5

2bcaeb92416489bc13162b7eed5fe86b
SHA1

6473a9d0c23aeaaf7a395851485a268a8915931c
SHA256

6cfdfa36ecc8183baecf505d67352df9cd76ffdefd3c9807578b62ea34c7d20a
SHA512

9d0c7d158c27e5b5b17571d82b37e3555df2c1a94c0acd88f4390dc41f35ecf18ae760dc2034fd18491864eb32442d69eaa5f0121041902f4ee761a1ffcd1fc5
SSDEEP

768:HGSlWNAQLurju6t1R76OFFv7pM+L7DAQJJWUtrT324LsKjKd7izctCZ/O9u:HLlWNAQqrvmUlWJ4LTAOctCIw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2bcaeb92416489bc13162b7eed5fe86b_JaffaCakes118

Files

2bcaeb92416489bc13162b7eed5fe86b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

917bf310d09726665c1a651a54bd754b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalLock
GetProfileStringW
LocalAlloc
LocalFree
LocalReAlloc
lstrlenW
CloseHandle
WaitForSingleObject
SetEvent
lstrcpynW
ResetEvent
CreateThread
CreateEventW
GlobalUnlock
GetCommandLineW
GetStartupInfoA
WriteProfileStringW
Sleep
lstrcmpW
GlobalCompact
GetProcAddress
LoadLibraryA
GetModuleHandleA
HeapAlloc
GetProcessHeap
HeapFree
WriteFile
ReadFile
GetTickCount
lstrcpyW
GetProfileIntW
GlobalSize
Beep

user32

IsChild
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
SystemParametersInfoW
GetWindowRect
SetMenu
DestroyWindow
DestroyMenu
GetDlgItem
CreateDialogParamW
GetWindowLongW
SetWindowLongW
LoadMenuW
IsDialogMessageW
GetClientRect
MapWindowPoints
OffsetRect
SetWindowPos
CheckMenuRadioItem
CheckMenuItem
SetDlgItemTextW
SendMessageW
ShowWindow
UpdateWindow
InvalidateRect
LoadIconW
LoadCursorW
GetSysColorBrush
RegisterClassExW
CharNextW
SetCursor
SetFocus
SetWindowTextW
CheckRadioButton
GetSubMenu
MessageBeep
EndDialog
DialogBoxParamW
GetSysColor
CloseClipboard
CharNextA
GetClipboardData
OpenClipboard
GetDesktopWindow
TrackPopupMenuEx
EnableMenuItem
IsClipboardFormatAvailable
DefWindowProcW
ChildWindowFromPoint
ScreenToClient
GetDlgCtrlID
PostQuitMessage
WinHelpW
DrawTextW
CallWindowProcW
HideCaret
CheckDlgButton
GetWindowTextW
SetDlgItemInt
GetMenu
LoadAcceleratorsW
MessageBoxW
LoadStringW
SetProcessDefaultLayout
GetProcessDefaultLayout
EnableWindow

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellAboutW

Exports

Exports

bdxfks

Sections

.code_01
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 920B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 584B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

917bf310d09726665c1a651a54bd754b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.code_01 Size: 24KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 23KB

.reloc Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 920B

.reloc Size: 1024B - Virtual size: 584B

.code_01
Size: 24KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 23KB

.reloc
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 920B

.reloc
Size: 1024B - Virtual size: 584B