2e05f6d048c750091f84383783d63360_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e05f6d048c750091f84383783d63360_JaffaCakes118
Size

128KB
MD5

2e05f6d048c750091f84383783d63360
SHA1

52ca2e6e2ee17ce1ea836b4ad6e39e2d6f339602
SHA256

6460398eca7933e0f856592625af527d880b3e327a6afbb59f8d7fa42a878617
SHA512

6395798a5099627d11036ae159a47f6f95513b7fa60c29dd23c0642b8d4f7b18e67f4be58462249a73b2d322b04345d9d23fb79153c6fbb115075d310e590aec
SSDEEP

1536:RQS3YyRekhq10fcFy2wkw+M9EpeERm/TEzf7FWE/l8vR1HMxASGqml3:Z3Yy5hqishRGyeE8/TEzf7FD851sxa3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e05f6d048c750091f84383783d63360_JaffaCakes118

Files

2e05f6d048c750091f84383783d63360_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5bc61840795a3f452fd2b1261b087254

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileW
GetACP
SetEnvironmentVariableW
FillConsoleOutputAttribute
SetConsoleCursorPosition
WideCharToMultiByte
WriteConsoleOutputW
ReadConsoleOutputW
GetConsoleCP
GetEnvironmentVariableA
MultiByteToWideChar
SetConsoleActiveScreenBuffer
SetEvent
WriteFile
GetLargestConsoleWindowSize
ScrollConsoleScreenBufferW
WriteConsoleOutputCharacterW
IsDBCSLeadByte
ReadConsoleInputA
ReadConsoleInputW
SetConsoleMode
CreateEventW
SetConsoleCtrlHandler
ExitProcess
CreateThread
GetCurrentProcess
TerminateProcess
LocalAlloc
SetConsoleTitleW
LocalFree
WriteConsoleW
ResetEvent
WaitForSingleObject
UnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
Sleep
VirtualAlloc
GetSystemInfo
VirtualFree
InterlockedCompareExchange
GetSystemDirectoryA
CreateFileA
lstrcmpiA
lstrcpynA
lstrlenW
HeapDestroy
ReadFile
GetTickCount
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentVariableW
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleWindowInfo
GetCommandLineA
SetUnhandledExceptionFilter
VirtualProtect

user32

CreateWindowExW
PostMessageW
IsCharAlphaW
IsCharAlphaNumericW
LoadStringW
TranslateMessage
CharNextA
GetMessageW
DispatchMessageW
RegisterClassW
GetWindowLongW
GetKeyboardType
DestroyWindow
SetRectEmpty

advapi32

LookupAccountSidW
GetUserNameW
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

ole32

CoCreateInstanceEx
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoInitializeEx

rpcrt4

I_RpcMapWin32Status
NdrClientCall2
RpcStringFreeW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingFree

msvcrt

_adjust_fdiv
realloc
memmove
_stricmp
_wtoi64
memset
wcsncmp
toupper
_wcsicmp
iswctype
_wcsnicmp
_wtoi
malloc
free
calloc
memchr
strncmp
_initterm
_strnicmp
atoi
_except_handler3
memcpy
exit

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bc61840795a3f452fd2b1261b087254

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB