2e2559800c80c22f0f162bd5ed4ce472_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e2559800c80c22f0f162bd5ed4ce472_JaffaCakes118
Size

42KB
MD5

2e2559800c80c22f0f162bd5ed4ce472
SHA1

ba3017e4ae404ba29c398789dde53a77102e0bbf
SHA256

7b6981b6c91f7b2f83e045cf64a2032d3297a436fa9afbedd2ac9c0be734060d
SHA512

71dde1dcebf38e320bb29b51aa882301fa01775f6ef5bffcd1a13bc2d3315f2d85bdb947ca84eb8da8aed2e481758149ffcb6e63293cd2053f7e3adc12f69f3d
SSDEEP

768:77KU/UwfSFNUm4WZFQydil/gV5uA+jiEL6M1iKGk75e:vB/HWUnQ+aNV5uA+jiEL6MoKGkle

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e2559800c80c22f0f162bd5ed4ce472_JaffaCakes118

Files

2e2559800c80c22f0f162bd5ed4ce472_JaffaCakes118
.dll windows:4 windows x86 arch:x86

160368e5b946f430cb37be382deff156

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
MultiByteToWideChar
GetLastError
lstrlenA
GetModuleFileNameA
InterlockedDecrement
InterlockedIncrement
DisableThreadLibraryCalls
GetVersionExA
VirtualFree
VirtualAlloc
lstrcpyA
SetEvent
TerminateThread
CloseHandle
CreateThread
CreateEventA
WaitForSingleObject
DeleteCriticalSection
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegSetValueExA
RegSetValueA
RegCreateKeyA
RegQueryValueExA

gdi32

SetWindowOrgEx
SetViewportOrgEx
ModifyWorldTransform
SetGraphicsMode
SaveDC
CreateFontIndirectA
GetDIBits
SetBkMode
RestoreDC
SetBkColor
CreateDIBSection
CreateCompatibleDC
SelectObject
DeleteObject
CreateSolidBrush
SetTextColor
TextOutW
TextOutA
DeleteDC
GetSystemPaletteEntries
GetTextMetricsA

msvcrt

_purecall
??3@YAXPAX@Z
__CxxFrameHandler
??2@YAPAXI@Z

ole32

CoInitialize
CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoFreeUnusedLibraries

user32

SetWindowLongA
CreateDialogParamA
MoveWindow
InvalidateRect
ShowWindow
DestroyWindow
DefWindowProcA
LoadStringA
LoadStringW
GetWindowRect
GetDesktopWindow
GetWindowLongA
wsprintfA
CheckRadioButton
CheckDlgButton
IsDlgButtonChecked
GetDlgItem
SendMessageA
SetRectEmpty
FillRect
UnionRect
GetDC
CopyRect
IsRectEmpty
SetRect
ReleaseDC

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 7KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

160368e5b946f430cb37be382deff156

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

msvcrt

ole32

user32

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 684B

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: - Virtual size: 7KB

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 684B

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: - Virtual size: 7KB