2e71a42467446d50def1061f951a3806_JaffaCakes118

General

Target

2e71a42467446d50def1061f951a3806_JaffaCakes118
Size

54KB
MD5

2e71a42467446d50def1061f951a3806
SHA1

9020fdbd771ff23ed38c3101be8ff8db2ad84204
SHA256

7d32e72a5ffb073fc9c4bc02cf11e6a523df8a23e7fb12f01ba267342dddb6a7
SHA512

4f2eb69870dd768b15d20bfcfcc2b6443de03c4eb03aad8a5fc227edd4bccd1aae6b30deb949489e9ba97dd06d5b96a34a4b507e25a641dc34f3542d55fd3727
SSDEEP

1536:UPt/4lrjptHmfWb77u1kAMJcKgrUuBgFUNdXb:USlv7HwWb73Lg4uBgGNdXb

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e71a42467446d50def1061f951a3806_JaffaCakes118

Files

2e71a42467446d50def1061f951a3806_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2f2e6ae9cd1013c4766c8a638bfbf9a7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

TrackPopupMenu
SetWindowPlacement
FillRect
EnumChildWindows
EndDialog
DispatchMessageA
CreateDialogParamA
wsprintfA

kernel32

ResetEvent
VirtualAlloc
SizeofResource
SetStdHandle
SetLastError
SetEvent
RtlUnwind
MultiByteToWideChar
CloseHandle
ExitProcess
FreeEnvironmentStringsA
GetCommandLineA
GetCommandLineW
GetConsoleOutputCP
GetEnvironmentStringsW
GetModuleHandleA
GetNumberFormatA
GetStartupInfoA
GetStdHandle
GetSystemTimeAsFileTime
GetVersionExA
GlobalUnlock
HeapAlloc
HeapCreate
HeapDestroy
HeapReAlloc

security

QuerySecurityPackageInfoW
FreeContextBuffer
MakeSignature

olepro32

OleTranslateColor

oleacc

GetStateTextW
CreateStdAccessibleProxyA
ObjectFromLresult

advapi32

CreatePrivateObjectSecurityEx
ConvertStringSDToSDRootDomainA
GetAccessPermissionsForObjectA
LookupAccountNameW
LsaSetQuotasForAccount
RegQueryValueExW
StartServiceCtrlDispatcherW

setupapi

SetupDiGetActualSectionToInstallExW

Sections

.text
Size: 42KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f2e6ae9cd1013c4766c8a638bfbf9a7

Headers

File Characteristics

Imports

user32

kernel32

security

olepro32

oleacc

advapi32

setupapi

Sections

.text Size: 42KB - Virtual size: 44KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 42KB - Virtual size: 44KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB