2c2a47db4486ab36943b63d678d6e207_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2c2a47db4486ab36943b63d678d6e207_JaffaCakes118
Size

91KB
MD5

2c2a47db4486ab36943b63d678d6e207
SHA1

314ef08ab37e94f3869ffc3dfcce0618ae445b19
SHA256

d9fe12d4b7e2112cf30f3b917b3b6472fd6d22b4dce4571386c90fc4eb7db5ff
SHA512

dfe6652655336d453cf417926556268964909de68a27fedc28fd40b9d8eec78ce09d0fdb207d2670d9085ea8f2fa4885e2eaef58b03dd930c936dd7648b30e04
SSDEEP

1536:RYTQr58xLXsl2jRwtdSGhVNajXgeMwKviTdKT/EfPJRLaImTsGXUX8nwzwjQJ:mrxL8l5dSG7usk/fvLatsGXUX1X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c2a47db4486ab36943b63d678d6e207_JaffaCakes118

Files

2c2a47db4486ab36943b63d678d6e207_JaffaCakes118
.exe windows:5 windows x86 arch:x86

ad0ad37eef77a654ce8c117edf6e0a28

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

CloseHandle
CreateEventW
CreateFileW
CreateThread
DeleteCriticalSection
DisableThreadLibraryCalls
EnterCriticalSection
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetSystemTimeAsFileTime
GetVersionExA
HeapDestroy
InterlockedCompareExchange
InterlockedIncrement
LoadLibraryA
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
QueryPerformanceCounter
Sleep
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect

user32

CharNextW
CreateWindowExW
DefWindowProcW
DestroyWindow
DialogBoxParamW
EnableWindow
EndDialog
GetClientRect
GetDC
GetDesktopWindow
GetDlgItem
GetSysColor
GetSystemMetrics
GetWindowLongW
InvalidateRect
IsDlgButtonChecked
IsWindow
PostQuitMessage
ReleaseDC
SetCursor
SetDlgItemTextW
SetForegroundWindow
SetTimer
SetWindowLongW
SetWindowPos
SetWindowTextW
ShowWindow
TranslateMessage
wsprintfW

gdi32

BitBlt
CreateBitmap
CreateFontIndirectExA
EngAlphaBlend
EngAssociateSurface
EngCopyBits
EngLineTo
EnumFontFamiliesExW
FONTOBJ_pvTrueTypeFontFile
GdiGetCharDimensions
GdiGetLocalBrush
GdiSetPixelFormat
GetCharABCWidthsA
GetCharWidthA
GetColorAdjustment
GetGlyphOutline
GetHFONT
GetPolyFillMode
GetStringBitmapW
GetTextExtentExPointA
GetTextExtentExPointI
HT_Get8BPPFormatPalette
IntersectClipRect
SetColorSpace
SetLayout
SetTextColor
TranslateCharsetInfo

comctl32

CreateToolbar
DestroyPropertySheetPage
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollPos
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollRange
GetMUILanguage
ImageList_Add
ImageList_Create
ImageList_DragShowNolock
ImageList_GetBkColor
ImageList_GetFlags
ImageList_GetImageCount
ImageList_GetImageInfo
ImageList_LoadImageW
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetDragCursorImage
ImageList_SetFilter
ImageList_SetFlags
ImageList_SetIconSize
ImageList_SetImageCount
InitCommonControls
InitMUILanguage
InitializeFlatSB
LBItemFromPt
UninitializeFlatSB
_TrackMouseEvent

Sections

.text
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad0ad37eef77a654ce8c117edf6e0a28

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

Sections

.text Size: 83KB - Virtual size: 84KB

.data Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 8KB

.text
Size: 83KB - Virtual size: 84KB

.data
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 8KB