2e412874f5a8d00f6551d8ff0dd32c25_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e412874f5a8d00f6551d8ff0dd32c25_JaffaCakes118
Size

250KB
MD5

2e412874f5a8d00f6551d8ff0dd32c25
SHA1

02361f29a163ac80053df7b089af2d5abcfa8dc9
SHA256

742bcf3e5f7c2e26373c277e634f32b1ac2f5b85f0a1cc1b9a543ed3913b8d61
SHA512

581455af2cb65932ba132cf9b4376f6e4dbe6f4bab479ff79c6425385f8d43a28698bc92053cd2f482c76a9ad9876fb6e64df00405aeafa1d87ed0c3bd2562af
SSDEEP

6144:8HHY/I2jPMCOK1SVXjxu/i6sfNvvtjTINdGn:8H4TrMCOIyXjxu1sfdvtjTedG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e412874f5a8d00f6551d8ff0dd32c25_JaffaCakes118

Files

2e412874f5a8d00f6551d8ff0dd32c25_JaffaCakes118
.dll windows:5 windows x86 arch:x86

445ecc6de0e04707c8cc6615f1107639

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileA
lstrcpyA
lstrlenA
GetWindowsDirectoryA
GetVersion
BackupSeek
CancelIo
CopyFileA
CopyFileW
CreateFileMappingW
CreateIoCompletionPort
CreateSemaphoreW
CreateTapePartition
CreateToolhelp32Snapshot
DeleteFileA
EnumCalendarInfoW
EnumDateFormatsW
EnumResourceTypesA
EnumSystemCodePagesW
EnumSystemLocalesA
EnumTimeFormatsA
EnumUILanguagesA
FatalExit
FileTimeToDosDateTime
FindCloseChangeNotification
FindFirstVolumeMountPointA
FindNextVolumeW
FormatMessageA
GetAtomNameA
GetCompressedFileSizeW
GetComputerNameExW
GetConsoleAliasA
GetConsoleAliasExesLengthA
GetConsoleAliasesW
GetConsoleOutputCP
GetConsoleTitleW
GetDefaultCommConfigW
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetEnvironmentVariableA
GetFileAttributesExA
GetFullPathNameW
GetLocaleInfoA
GetPrivateProfileStringA
GetProcessIoCounters
GetProcessPriorityBoost
GetProcessTimes
GetStdHandle
GetStringTypeExW
ExitProcess
GetSystemPowerStatus
GetTempFileNameW
GetVolumeNameForVolumeMountPointW
GetVolumePathNameW
GlobalDeleteAtom
GlobalFix
GlobalSize
Heap32ListNext
IsBadCodePtr
LocalFileTimeToFileTime
LocalReAlloc
LocalUnlock
LockResource
MoveFileA
MoveFileExW
OpenEventW
OpenThread
QueryInformationJobObject
ReadConsoleInputW
ReplaceFile
ReplaceFileA
ReplaceFileW
ResetEvent
ResumeThread
ScrollConsoleScreenBufferA
SetConsoleCursorPosition
SetConsoleTitleA
SetFileAttributesW
SetLastError
SetProcessAffinityMask
SetSystemTimeAdjustment
SetTapeParameters
SetThreadContext
SetThreadExecutionState
SetupComm
SwitchToThread
SystemTimeToFileTime
SystemTimeToTzSpecificLocalTime
TerminateThread
TransactNamedPipe
UnhandledExceptionFilter
UnlockFileEx
VerSetConditionMask
WriteProfileSectionW
WriteProfileStringA
_llseek
_lopen
lstrcmpiW
lstrcpy
GetSystemInfo
VirtualAlloc

user32

AttachThreadInput
BeginDeferWindowPos
BeginPaint
CallMsgFilterA
ChangeDisplaySettingsA
CharLowerA
CharToOemA
CheckDlgButton
ChildWindowFromPoint
ClientToScreen
CloseWindowStation
CopyAcceleratorTableW
CountClipboardFormats
CreateIconIndirect
CreateWindowStationW
DdeEnableCallback
DdeFreeStringHandle
DdeQueryNextServer
DefDlgProcA
DefFrameProcW
DialogBoxParamW
DlgDirListA
DrawEdge
DrawTextExA
DrawTextExW
EnumDisplayDevicesA
EnumDisplaySettingsExW
EnumWindowStationsA
FindWindowExW
GetAsyncKeyState
GetClassInfoExW
GetClassInfoW
GetClassLongA
GetClassLongW
GetClassNameA
GetClipboardOwner
GetDlgItemTextA
GetGUIThreadInfo
GetKeyNameTextW
GetKeyboardLayout
GetKeyboardType
GetLastInputInfo
GetMenuCheckMarkDimensions
GetMenuContextHelpId
GetMenuInfo
GetParent
GetScrollRange
GetTopWindow
GetWindowLongW
IMPGetIMEW
IMPQueryIMEW
ImpersonateDdeClientWindow
IntersectRect
IsClipboardFormatAvailable
IsDialogMessageW
LoadAcceleratorsW
LoadCursorFromFileA
LoadCursorW
LoadKeyboardLayoutW
MessageBoxIndirectA
MonitorFromWindow
OemToCharA
PackDDElParam
PeekMessageA
RealGetWindowClass
RegisterHotKey
RegisterWindowMessageA
RemoveMenu
ScrollDC
ScrollWindowEx
SendInput
SendMessageA
SetActiveWindow
SetForegroundWindow
SetLayeredWindowAttributes
SetMenu
SetMessageExtraInfo
SetParent
SetWinEventHook
SetWindowContextHelpId
SetWindowPos
SetWindowTextW
ShowCaret
ShowOwnedPopups
SubtractRect
SwitchToThisWindow
SystemParametersInfoA
ToUnicode
UnregisterDeviceNotification
UnregisterHotKey
ValidateRgn
WINNLSEnableIME
wvsprintfA
LoadBitmapA
ArrangeIconicWindows

advapi32

RegOpenKeyExW

ole32

CLSIDFromString
CoAddRefServerProcess
CoBuildVersion
CoCreateFreeThreadedMarshaler
CoCreateGuid
CoFreeUnusedLibraries
CoGetApartmentID
CoGetCallContext
CoGetClassVersion
CoGetInterfaceAndReleaseStream
CoGetMarshalSizeMax
CoInitializeEx
CoIsOle1Class
CoMarshalInterThreadInterfaceInStream
CoQueryReleaseObject
CoRegisterMessageFilter
CoRegisterSurrogateEx
CoRevertToSelf
CoSwitchCallContext
CoTaskMemAlloc
CoTaskMemRealloc
CoTestCancel
CoUnloadingWOW
CoUnmarshalInterface
CreateAntiMoniker
CreateBindCtx
CreateDataCache
CreateFileMoniker
CreateItemMoniker
CreateObjrefMoniker
CreatePointerMoniker
CreateStreamOnHGlobal
DoDragDrop
FmtIdToPropStgName
HACCEL_UserFree
HACCEL_UserMarshal
HACCEL_UserSize
HBITMAP_UserFree
HBRUSH_UserMarshal
HDC_UserMarshal
HENHMETAFILE_UserMarshal
HENHMETAFILE_UserSize
HGLOBAL_UserMarshal
HICON_UserUnmarshal
HMENU_UserMarshal
HMENU_UserSize
HMENU_UserUnmarshal
HMETAFILEPICT_UserMarshal
HPALETTE_UserUnmarshal
HWND_UserSize
HkOleRegisterObject
IsAccelerator
MkParseDisplayName
OleConvertIStorageToOLESTREAM
OleConvertOLESTREAMToIStorage
OleCreate
OleCreateFromData
OleCreateFromFileEx
OleCreateLinkToFile
OleCreateLinkToFileEx
OleGetClipboard
OleInitialize
OleLoad
OleLoadFromStream
OleNoteObjectVisible
OleQueryLinkFromData
OleRegEnumFormatEtc
OleRegEnumVerbs
OleRegGetUserType
OpenOrCreateStream
ReadClassStm
ReadStringStream
RevokeDragDrop
SNB_UserFree
SNB_UserMarshal
SNB_UserSize
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgConvertPropertyToVariant
StgOpenStorageEx
StringFromGUID2
UpdateDCOMSettings
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
WriteOleStg

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 234KB - Virtual size: 234KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 68B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

445ecc6de0e04707c8cc6615f1107639

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.text2 Size: 234KB - Virtual size: 234KB

.data Size: 512B - Virtual size: 68B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.text2
Size: 234KB - Virtual size: 234KB

.data
Size: 512B - Virtual size: 68B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB