2d290225b12d2ef7842eb0bda492f459_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2d290225b12d2ef7842eb0bda492f459_JaffaCakes118
Size

90KB
MD5

2d290225b12d2ef7842eb0bda492f459
SHA1

c37e3fe1e8e87d70f46efb82d761b07e898dc82f
SHA256

e93552ee795f903d66947dcb01e8aa72fe3ac665f5019116e6b99c28a2188375
SHA512

91030ff7392bd6a60a95b70116af3ef92752081a05efda0594a1efe29e4bc9bf55d14f2aa89a4fc45fa8b07ae707e7049b0a7d0fa82fc98df3c21b68cfc275e2
SSDEEP

1536:EHLJSB8oYs+M2kliM1SCPMqXAMqdmcTkMkGdzpTLRhPRHuCKULs4AHDTN:gf7XM5kIA8fMnRDRHuNUI9TN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2d290225b12d2ef7842eb0bda492f459_JaffaCakes118

Files

2d290225b12d2ef7842eb0bda492f459_JaffaCakes118
.exe windows:4 windows x86 arch:x86

d3f6ab0b7d34f14d4345f94653685a45

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
LocalFree
TerminateProcess
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedCompareExchange
Sleep
InterlockedExchange
LocalAlloc
IsDebuggerPresent
GetCurrentThreadId
VirtualAllocEx
GetCurrentDirectoryA
GetSystemDefaultLCID
lstrcmpA
HeapCreate
Beep

user32

SendMessageW
PostMessageW
IsIconic
GetWindowRect
GetClientRect
GetDC
UpdateWindow
IsWindowVisible
RedrawWindow
GetFocus
GetParent
EnableWindow
LoadIconW
GetWindowLongW
EndDialog
FindWindowW
PtInRect
TrackPopupMenu
GetSubMenu
LoadMenuW
GetCursorPos
ShowWindow
IsDialogMessageW
CallNextHookEx
SetWindowsHookExW
DestroyIcon
UnhookWindowsHookEx
GetSysColor
SetWindowLongW
LoadImageW
RegisterWindowMessageW
BringWindowToTop
IsWindow
CreateDialogParamA
DialogBoxParamA
UserHandleGrantAccess
DdeQueryStringA
DdeDisconnect
SetCursorContents
LoadMenuA
DisableProcessWindowsGhosting
GetMenuItemInfoA
MenuWindowProcA
GetIconInfo
SendIMEMessageExW
GetMenuBarInfo
GetDlgItemTextW
SetRect
InternalGetWindowText
IsWindowEnabled
IsCharAlphaNumericW
ShowScrollBar
GetWindowTextLengthA
WCSToMBEx
IsDlgButtonChecked
AlignRects
GetRawInputDeviceInfoW
ChangeDisplaySettingsW
CharPrevExA
CharUpperW
GetRawInputBuffer
CopyIcon
GetCursorFrameInfo
GetTopWindow
UnregisterUserApiHook
SystemParametersInfoA
IsCharUpperA
EndTask
GetMenuContextHelpId
ModifyMenuA
GetLastActivePopup
IMPGetIMEA
UserLpkTabbedTextOut
LoadCursorA
PostQuitMessage
CopyRect
GetClassNameW
RegisterShellHookWindow
WinHelpW
AnimateWindow
GetWindowThreadProcessId
MessageBoxExW
SetWindowPlacement
GetNextDlgGroupItem
WaitForInputIdle
DestroyCaret
ChangeDisplaySettingsA
InvalidateRgn

gdi32

GetTextMetricsW

msls31

LsdnFinishDelete
LsQueryTextCellDetails
LsFinishCurrentSubline
LsEnumSubline
LssbFDoneDisplay
LsExpandSubline
LsdnResolvePrevTab
LsDestroySubline

Sections

.text
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 59KB - Virtual size: 6.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 972B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d3f6ab0b7d34f14d4345f94653685a45

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msls31

Sections

.text Size: 20KB - Virtual size: 20KB

.data Size: 59KB - Virtual size: 6.0MB

.rdata Size: 3KB - Virtual size: 3KB

.rsrc Size: 1024B - Virtual size: 972B

.reloc Size: 5KB - Virtual size: 76KB

.text
Size: 20KB - Virtual size: 20KB

.data
Size: 59KB - Virtual size: 6.0MB

.rdata
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 1024B - Virtual size: 972B

.reloc
Size: 5KB - Virtual size: 76KB