2e2c6f3fff3a53d65eb8558a3fe9211e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e2c6f3fff3a53d65eb8558a3fe9211e_JaffaCakes118
Size

50KB
MD5

2e2c6f3fff3a53d65eb8558a3fe9211e
SHA1

1607f244db27de3a4222c405a2bfbb8694dfc49a
SHA256

d804e163f150ae7a06f356e6a8f68efdc7f90aa4aa4652aa10708cbc2c5ceabe
SHA512

fde69478a4b8cf75194af261636658a49ffe1151177d2e2daf93d708a7bd7946613197a893f2009d1326e9b6860a3b7b4a2771ce2e52b2b8c959eff600d47e35
SSDEEP

1536:wcrok/sBklrd6RreVVSpm94ZDL2XnmJFTepH9pN:wW1OQVVSpYqDL8nmipHl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e2c6f3fff3a53d65eb8558a3fe9211e_JaffaCakes118

Files

2e2c6f3fff3a53d65eb8558a3fe9211e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

619a3c63e8fdbb7af1005fa17d4ae49b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

GetModuleFileNameExW

wininet

InternetSetOptionW
InternetCloseHandle
InternetReadFile
HttpSendRequestA
InternetOpenW
InternetConnectW
HttpOpenRequestW
InternetQueryOptionW
HttpQueryInfoW
HttpOpenRequestA
InternetConnectA
HttpQueryInfoA
HttpAddRequestHeadersA
InternetOpenA
DeleteUrlCacheEntryA
DeleteUrlCacheEntryW
HttpSendRequestW

ntdll

_chkstk
memcpy
strncpy
strtoul
memset

gdiplus

GdipBitmapLockBits
GdipBitmapUnlockBits
GdiplusStartup
GdipGetImageGraphicsContext
GdipDrawImageI
GdipCreateBitmapFromStream
GdipGetImagePalette
GdipGetImagePaletteSize
GdipGetImagePixelFormat
GdipGetImageHeight
GdipGetImageWidth
GdipDisposeImage
GdipCloneImage
GdipFree
GdipAlloc
GdipCreateBitmapFromScan0
GdipDeleteGraphics

kernel32

GetExitCodeThread
WideCharToMultiByte
lstrcpynA
lstrcatA
GetLastError
lstrcpynW
GetTickCount
MoveFileExW
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
InterlockedExchange
CreateFileMappingW
MapViewOfFile
lstrcmpiA
lstrcpyA
FreeLibrary
UnmapViewOfFile
GetLocalTime
VirtualProtect
WriteProcessMemory
lstrlenA
SetEvent
lstrcmpW
Sleep
lstrcmpiW
FindResourceW
LoadResource
SizeofResource
LockResource
ExpandEnvironmentStringsW
CreateFileW
WriteFile
CreateThread
GetModuleFileNameW
CloseHandle
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetTempPathW
GetTempFileNameW
CopyFileW
LocalAlloc
LocalFree
CreateDirectoryW
GetStartupInfoW
GetFileSize
DeleteFileW
lstrcpyW
lstrlenW
Process32NextW
TerminateProcess
OpenProcess
Process32FirstW
CreateToolhelp32Snapshot
ReadFile
SetFilePointer
GetModuleFileNameA
GetModuleHandleExW
WaitForSingleObject
GetCurrentThreadId
CreateEventW
LoadLibraryW
lstrcatW

user32

IsCharAlphaNumericW
wsprintfA
wsprintfW
GetClassNameW
GetKeyboardState
ToAscii
GetWindowTextW
SetWindowsHookExA
PostThreadMessageW
GetMessageW
UnhookWindowsHookEx
PostQuitMessage
CallNextHookEx

gdi32

GetStockObject
CreateDIBSection
SetDIBColorTable
GetPixel
SelectObject
GetObjectW
DeleteDC
CreateCompatibleDC

advapi32

RegOpenKeyExW
CryptAcquireContextW
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash
CryptReleaseContext
RegEnumKeyExW
RegQueryValueExW
RegCloseKey

ole32

CreateStreamOnHGlobal

Exports

Exports

AetModuleFileNameExA
AetModuleFileNameExW
DelayInstall
GetStockObject

Sections

.text
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

619a3c63e8fdbb7af1005fa17d4ae49b

Headers

DLL Characteristics

File Characteristics

Imports

psapi

wininet

ntdll

gdiplus

kernel32

user32

gdi32

advapi32

ole32

Exports

Exports

Sections

.text Size: 33KB - Virtual size: 33KB

.rdata Size: 5KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 3KB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 33KB - Virtual size: 33KB

.rdata
Size: 5KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 3KB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 2KB - Virtual size: 1KB