2cf0bf74f3baa346bf47f4f958c22550_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cf0bf74f3baa346bf47f4f958c22550_JaffaCakes118
Size

259KB
MD5

2cf0bf74f3baa346bf47f4f958c22550
SHA1

4d1db362fde599644260e04b130b8ae87ca6531f
SHA256

9788cbc6a872f1f9afd8914da421472cc79522bb46ea315b5893f039339141ed
SHA512

836bc263dc2a05f08a498357b846bc8363b32cfadbde06d094157a9e3fadc414c51542b8b1a50526313fc27a6578b7f57ee955101acce4a1e98bac27a06e1572
SSDEEP

3072:qlewqir6lGv42W8o10iWlqH7FBFpHRHMBYGDULibghn08Fnp1HcKSXnuXeY:qwirMGvZ9i/d5RO4i2n02r8KOuX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cf0bf74f3baa346bf47f4f958c22550_JaffaCakes118

Files

2cf0bf74f3baa346bf47f4f958c22550_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ac1253cc784b402b67ddd605da70d286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ltkrn12n

ord281
ord283
ord218
ord212
ord169
ord171
ord116
ord125
ord139
ord134

ltdis12n

ord138
ord118
ord119
ord184
ord132
ord122

kernel32

LoadLibraryA
HeapAlloc
VirtualAlloc
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
QueryPerformanceCounter
lstrlenA
QueryPerformanceFrequency
HeapFree
ExitProcess
GetVersion
WriteFile
GetCommandLineA
GetModuleFileNameA
GetProcAddress
GetStdHandle
GetFileType
GetStartupInfoA
VirtualFree
FreeEnvironmentStringsW
GetEnvironmentStrings
MultiByteToWideChar
FreeEnvironmentStringsA
GetOEMCP
GetACP
GetCPInfo
HeapCreate
SetHandleCount
GetModuleHandleA
WideCharToMultiByte
GetEnvironmentStringsW
TerminateProcess
GetCurrentProcess
HeapDestroy

user32

IntersectRect
ScrollDC
SetRect
OffsetRect
DrawTextA
IsRectEmpty
InflateRect

gdi32

CreatePalette
SetPolyFillMode
CreateFontIndirectA
CreateSolidBrush
GetClipBox
GetPaletteEntries
CreateDCA
CreateEllipticRgn
CombineRgn
StretchBlt
RealizePalette
GetPixel
SetPixel
Rectangle
RoundRect
OffsetRgn
PaintRgn
CreateRectRgn
SaveDC
CreateBrushIndirect
UnrealizeObject
GetNearestColor
CreatePatternBrush
Pie
SetBrushOrgEx
GetObjectA
FrameRgn
SelectPalette
ExtTextOutA
DeleteObject
SelectObject
PatBlt
CreatePen
BitBlt
RestoreDC
SelectClipRgn
Polygon
Ellipse
GetStockObject
SetTextAlign
GetTextExtentPoint32A
SetBkColor
SetBkMode
CreateHatchBrush
SetTextColor
DeleteDC
CreateBitmap
CreateCompatibleDC
GetTextColor
CreateCompatibleBitmap

Exports

Exports

DllMain
L_EfxDraw3dShape
L_EfxDraw3dText
L_EfxDrawFrame
L_EfxDrawRotated3dText
L_EfxEffectBlt
L_EfxGradientFillRect
L_EfxPaintBitmap
L_EfxPaintTransition
L_EfxPatternFillRect
L_PaintDCEffect
L_PaintRgnDCEffect

Sections

.text
Size: 186KB - Virtual size: 185KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ac1253cc784b402b67ddd605da70d286

Headers

File Characteristics

Imports

ltkrn12n

ltdis12n

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 186KB - Virtual size: 185KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 5KB - Virtual size: 5KB

.idata Size: 59KB - Virtual size: 58KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 186KB - Virtual size: 185KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 5KB - Virtual size: 5KB

.idata
Size: 59KB - Virtual size: 58KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB