2c7d706f116a1dba0082b3ad31b31268_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2c7d706f116a1dba0082b3ad31b31268_JaffaCakes118
Size

264KB
MD5

2c7d706f116a1dba0082b3ad31b31268
SHA1

96a6121db76479ddad24729cadde87e5829554a7
SHA256

f421c2ced63fb0676c8188957e7b24547fd170f847dd3130159c19ad9427d485
SHA512

51f8c1d6989ec28a3d9bbea38358d77aac7d558f828bf4f7af3cf7f1e6372e4d10d1ad973842fadab59856816c6f4e7a9ad95ee58ea12b3d23131e51f8c24603
SSDEEP

6144:jVCx1M1zdi31YZ79bZoqYcpu3MGTo+aNGP5btWE:8UUQ7pZoqFpu35o+BF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c7d706f116a1dba0082b3ad31b31268_JaffaCakes118

Files

2c7d706f116a1dba0082b3ad31b31268_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6c9694d4f8f5ef39234ba75e917a9a63

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

DragQueryFileA
SHGetDesktopFolder

kernel32

GetModuleHandleA
ExitThread
VirtualAlloc
GetOEMCP
IsBadReadPtr
ExitProcess
lstrlenA
IsBadHugeReadPtr
LoadLibraryA
GetVersionExA
GetProcAddress
lstrlenW
HeapAlloc
FreeLibrary
GlobalAlloc

user32

GetKeyState
GetMenuItemID
GetMenuItemInfoA
GetMessagePos
GetKeyboardLayout
GetLastActivePopup
GetScrollInfo
GetMenuItemCount
GetSystemMenu
GetWindowDC
GetParent
GetScrollPos
GetWindowLongA
GetKeyboardType
GetSubMenu
GetTopWindow
GetKeyboardLayoutList
GetKeyboardLayoutNameA
GetMenu
GetKeyNameTextA
GetWindow
GetMenuStringA
GetPropA
GetSysColorBrush
GetMenuState
GetSysColor
GetScrollRange
GetIconInfo
GetKeyboardState
GetWindowLongW

gdi32

SetBkColor
CreateDIBitmap
SetBkMode
SelectObject
GetObjectA
GetDIBits
CreatePalette
CreateDIBitmap
GetRgnBox
GetDCOrgEx
GetPixel

msvcrt

pow
clock
memset

oleaut32

SafeArrayGetElement
SysReAllocStringLen
VariantCopyInd
GetErrorInfo
SafeArrayCreate
SafeArrayPtrOfIndex
VariantChangeType
SafeArrayGetUBound
SysStringLen
SysFreeString
OleLoadPicture
SafeArrayGetElement
SafeArrayPtrOfIndex
GetErrorInfo
SysStringLen
SafeArrayGetUBound

comdlg32

GetOpenFileNameA

version

GetFileVersionInfoA
VerInstallFileA

comctl32

ImageList_Read
ImageList_GetBkColor
ImageList_DragShowNolock
ImageList_DrawEx
ImageList_Create
ImageList_Remove

shlwapi

SHStrDupA
SHDeleteValueA
SHDeleteKeyA
PathIsDirectoryA
SHGetValueA

ole32

CoDisconnectObject
CoGetObjectContext
ReleaseStgMedium
OleRun
CoDisconnectObject
StgCreateDocfileOnILockBytes
StringFromIID
CreateOleAdviseHolder
PropVariantClear
GetHGlobalFromStream
WriteClassStm
CLSIDFromProgID

advapi32

RegCreateKeyExA
RegEnumKeyExA
RegLoadKeyA
RegQueryInfoKeyA

Sections

CODE
Size: 216KB - Virtual size: 213KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 366B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

DATA
Size: 8KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c9694d4f8f5ef39234ba75e917a9a63

Headers

File Characteristics

Imports

shell32

kernel32

user32

gdi32

msvcrt

oleaut32

comdlg32

version

comctl32

shlwapi

ole32

advapi32

Sections

CODE Size: 216KB - Virtual size: 213KB

.rdata Size: 4KB - Virtual size: 1KB

.data Size: 4KB - Virtual size: 366B

DATA Size: 8KB - Virtual size: 76KB

.cdata Size: 8KB - Virtual size: 7KB

.bdata Size: 8KB - Virtual size: 4KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 1KB

CODE
Size: 216KB - Virtual size: 213KB

.rdata
Size: 4KB - Virtual size: 1KB

.data
Size: 4KB - Virtual size: 366B

DATA
Size: 8KB - Virtual size: 76KB

.cdata
Size: 8KB - Virtual size: 7KB

.bdata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 1KB