2c3de8bfcc12089fbdc09fec6ffb48d8_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

2c3de8bfcc12089fbdc09fec6ffb48d8_JaffaCakes118
Size

124KB
MD5

2c3de8bfcc12089fbdc09fec6ffb48d8
SHA1

1a2734bac0b0adb589519b4ba493c67f7ec7f288
SHA256

189015669d03a1acd67bd913bdb1c4dff9b4174dc28ce47c9a6b6db23a5658da
SHA512

6989f1056d15d51da78f6b996d99f97701f6ae4139a0af995a58362a30a2b76d2c4b78086479bb17d9b3ad829ceba371bc8e5fccfcc2d7a611dcd86f50005f30
SSDEEP

1536:gcYgST0MDMHSNSllTo/FoAVIL8t9ysPEwgSlyBoNBS7isXd5IBlxFIwvKauCicpt:gczC0ukSArOzVC8SwgSGojS70rKa1Bt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2c3de8bfcc12089fbdc09fec6ffb48d8_JaffaCakes118

Files

2c3de8bfcc12089fbdc09fec6ffb48d8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4a281f3e3a150d89b08c1b2ca64337ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryA
CreateMutexA
GetProcessHeap
GetComputerNameA
GetCurrentProcessId
GetModuleFileNameA
lstrlenA
OpenEventA
LeaveCriticalSection
Sleep
GetCommandLineA
GetModuleHandleA
WaitForSingleObject
GetProcAddress
MapViewOfFile
CreateProcessA
SetLastError
LocalFree
CopyFileA
HeapAlloc
lstrlenW
InterlockedIncrement
HeapFree
UnmapViewOfFile
CreateEventA
GetVolumeInformationA
InterlockedDecrement
GetLastError
InterlockedCompareExchange
ExitProcess
CreateFileA
GetTickCount
CreateFileMappingA
ReleaseMutex
EnterCriticalSection
LoadLibraryA
WriteFile
CloseHandle

ole32

CoTaskMemAlloc
CoCreateGuid
OleSetContainedObject
CoUninitialize
OleCreate
CreateBindCtx
CoInitialize

user32

SetWindowLongA
SetWindowsHookExA
CreateWindowExA
GetWindowLongA
GetMessageA
UnhookWindowsHookEx
PostQuitMessage
DestroyWindow
GetSystemMetrics
FindWindowA
SendMessageA
SetTimer
GetClassNameA
GetWindowThreadProcessId
KillTimer
DefWindowProcA
TranslateMessage
RegisterWindowMessageA
PostMessageA
DispatchMessageA
GetParent

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegQueryValueExA
GetUserNameA
RegDeleteValueA
RegCreateKeyExA

shell32

SHGetFolderPathA

Exports

Exports

HpcrtSnap

Sections

.text
Size: 104KB - Virtual size: 103KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4a281f3e3a150d89b08c1b2ca64337ab

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 103KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 103KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB