2c3217fe91c1caf1ceecf8d7834ecda5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2c3217fe91c1caf1ceecf8d7834ecda5_JaffaCakes118
Size

88KB
MD5

2c3217fe91c1caf1ceecf8d7834ecda5
SHA1

c6c3fc69c334becdaeba8fd79444dbb0bfda6dd8
SHA256

6f7292d747df0420982a36107c830295757cec2ac0811f8de9acbbf1d09d3ea4
SHA512

df2752b2e50bf61b7ca78535e70770fdcb26153f55d83447757b8ba526592d943640ad310ef6c3d8c8f2defea0d5fa38223e2892df2adeb61b4cee14c0a941c8
SSDEEP

1536:er30nek4POyM2cN7xV8WNpyvTeiYdKNCGp/mSQtJKxK6D:C3MGICUpyJdnatJsK6D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c3217fe91c1caf1ceecf8d7834ecda5_JaffaCakes118

Files

2c3217fe91c1caf1ceecf8d7834ecda5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1268d02469190514f6bef7c243605173

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetSystemInfo
Sleep
OpenFileMappingA
SetThreadPriority
GetThreadPriority
GetCurrentThread
SetPriorityClass
UnmapViewOfFile
QueryPerformanceFrequency
QueryPerformanceCounter
MapViewOfFile
lstrcmpiA
GetVersionExA
GetModuleFileNameA
GetModuleHandleA
GetDriveTypeA
GetDiskFreeSpaceExA
CloseHandle
GetProcAddress
GlobalMemoryStatus
FreeLibrary
GetPriorityClass
GetCurrentProcess
InitializeCriticalSection
WideCharToMultiByte
GetEnvironmentStrings
FreeEnvironmentStringsW
FlushFileBuffers
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
LoadLibraryA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
InterlockedDecrement
InterlockedIncrement
HeapAlloc
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
SetStdHandle
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
VirtualAlloc
HeapReAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetStringTypeA
GetStringTypeW
MultiByteToWideChar
LCMapStringA
LCMapStringW
SetFilePointer
GetACP
GetOEMCP

user32

GetDC
wsprintfA
ReleaseDC
GetDesktopWindow

gdi32

GetDeviceCaps

advapi32

RegQueryValueExA
RegOpenKeyExA
RegConnectRegistryA
RegCloseKey

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

connection
cpuinfo
diskcapacity
interfaceinfo
mbm5info
meminfo
netcapacity
osinfo
rambar
screeninfo
uptime
version

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1268d02469190514f6bef7c243605173

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

version

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 16KB - Virtual size: 19KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 16KB - Virtual size: 19KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB