2dc3fbd737281eb93f1df205d12a69e0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2dc3fbd737281eb93f1df205d12a69e0_JaffaCakes118
Size

91KB
MD5

2dc3fbd737281eb93f1df205d12a69e0
SHA1

964cdbbac7ac98fc70c97a754e8180b4a3c1fd66
SHA256

a8dafaa2bd5a43fb44b5c626f72bbc969cc6e4a28cbf0d1a0417173b06e83dab
SHA512

2eaccd8b857c258e49dc7d698551d35e8f041458fd90f91986cd7bd8dbb0d7b2c83a5b798cc5d98c90bec008568277e1b1d24d1b6023fd1d443f6965032ec206
SSDEEP

1536:aKWnMuvTmZRAKb1r+/MLyVcJoB42ZZclmrAgNUxH7:0SNb1r+/HVcJoCmZcMrGb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2dc3fbd737281eb93f1df205d12a69e0_JaffaCakes118

Files

2dc3fbd737281eb93f1df205d12a69e0_JaffaCakes118
.exe windows:5 windows x86 arch:x86

53f0d8e7f8ae33029400fe063be1c7dd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_REMOVABLE_RUN_FROM_SWAP

Imports

kernel32

GetFileType
SetHandleCount
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetModuleFileNameA
GetModuleFileNameW
GetStdHandle
WriteFile
MultiByteToWideChar
LoadLibraryA
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetLocaleInfoW
GetUserDefaultLCID
Sleep
IsValidCodePage
GetOEMCP
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
LCMapStringW
RtlUnwind
HeapReAlloc
IsProcessorFeaturePresent
LoadLibraryW
GetThreadTimes
GetProfileStringA
ExitProcess
LocalAlloc
GetLastError
MulDiv
HeapCreate
HeapAlloc
GetProcessTimes
GetACP
EnterCriticalSection
GetCurrentThread
GetCurrentProcess
GetStringTypeW
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
HeapSetInformation
GetStartupInfoW
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
GetCPInfo
EncodePointer
DecodePointer
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetModuleHandleW
SetLastError
GetCurrentThreadId
GetProcAddress
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LeaveCriticalSection
HeapSize

user32

RegisterClassA
EndPaint
PostQuitMessage
FillRect
DrawTextA
GetParent
LoadMenuA
CharNextA
GetClientRect
SetFocus
BeginPaint
GetDC
GetQueueStatus
GetCapture
IntersectRect
GetScrollInfo
InvalidateRect
GetDlgItem
SetWindowLongW
DefWindowProcA
GetSysColor
GetCursorPos
ShowWindow
IsWindow
PostMessageA
CreateWindowExW
ScrollWindowEx
SendMessageW
UpdateWindow
EnableWindow
SetScrollInfo
GetClipboardOwner

gdi32

SetTextColor
DeleteDC
CreateFontA
GetDeviceCaps
SetBkColor
CreateDCA
SetBkMode
DeleteObject
SelectObject
CreateCompatibleDC
CreateCompatibleBitmap
CreateBrushIndirect
Ellipse
GetStockObject
CreateSolidBrush
TextOutA
BitBlt

advapi32

LsaFreeMemory

ole32

CoTaskMemFree

comctl32

ord410
CreateToolbarEx

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53f0d8e7f8ae33029400fe063be1c7dd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

comctl32

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 23KB - Virtual size: 38KB

.rsrc Size: 3KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 23KB - Virtual size: 38KB

.rsrc
Size: 3KB - Virtual size: 2KB