2e9d48885e9425edaeaaf9904be3b34f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2e9d48885e9425edaeaaf9904be3b34f_JaffaCakes118
Size

100KB
MD5

2e9d48885e9425edaeaaf9904be3b34f
SHA1

60849feae08c49a2dc610d8819d8c719676d3e69
SHA256

e822977f65ecf725a0287e9ea421486433176bcae79c6ac1fce7d8a828ce299d
SHA512

4c8e620e681b2fb425ddb607205c1c8b162dccd55b17fd9c9c20d3390148ffcd2b8178c4d8d2c716f0b744e101806898eddf0c33b9ef4025de1bc548abf9322b
SSDEEP

1536:2kMmDuz/24zEWTYZBxImN10lxoCKR2cd8ZVtb/m88saBrFRk3HvyvQjcGN7+2T68:2kzA24z3Mg0R2C89bu8DorFcyojcit5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2e9d48885e9425edaeaaf9904be3b34f_JaffaCakes118

Files

2e9d48885e9425edaeaaf9904be3b34f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

c060c6122a1aca72fd4ec68796a01dd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileType
LockResource
GetModuleHandleA
LocalSize
CloseHandle
LocalFree
SuspendThread
ResumeThread
SetFileAttributesA
GetProcAddress
FreeLibrary
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
LocalReAlloc
GetFileAttributesA
HeapDestroy
GetProcessHeap
LockFile
UnlockFile
CompareFileTime
SystemTimeToFileTime
GlobalAddAtomA
LoadResource
GetCommandLineW
FindResourceW
lstrcmpA
FindResourceA
lstrcpyA
GetSystemTime
VirtualProtectEx
MulDiv
SetFileTime
ExpandEnvironmentStringsA
GetModuleHandleW
SetEnvironmentVariableW
GetCurrentProcess
GetFileInformationByHandle
WaitForMultipleObjects
LocalAlloc

user32

IsCharAlphaNumericA
GetWindow
SetClipboardViewer
UpdateWindow
GetClipboardViewer
SetWindowPos
SetCursorPos
MessageBoxA
GetDC
OpenIcon
EndPaint
SetWindowRgn
DrawTextW
GetParent
IsWindowEnabled
SetParent
BeginPaint
TranslateMessage
GetWindowTextW
PeekMessageA
TranslateAcceleratorA
SetClassLongA
GetWindowRgn
CreateWindowExW
DispatchMessageA
ValidateRgn
CallWindowProcA
SetWindowTextW
SetMessageQueue
GetMessageTime
GetMessagePos
GetClassLongA
MoveWindow
GetWindowLongW
GetClassWord
SwitchToThisWindow

gdi32

DPtoLP
GetCharWidthA
GetTextMetricsW
SetDCPenColor
Chord
GetPixel
RestoreDC
GetDeviceCaps
UnrealizeObject
DeleteObject
CreateCompatibleDC
GetObjectW
GetDCPenColor
SetTextJustification

advapi32

RevertToSelf
ImpersonateNamedPipeClient
ImpersonateSelf
GetOldestEventLogRecord
GetEventLogInformation
DeregisterEventSource
WriteEncryptedFileRaw
CloseEncryptedFileRaw
GetTokenInformation
ReportEventW

Exports

Exports

_AssignRelativeData@12
_CreateRelativeData@4
_DeleteRelativeData@16
_GetSizeOfRelativeData@4
_SeekRelativeData@4

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

GLOBAL
Size: 512B - Virtual size: 248B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IMPORTS
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

CONST
Size: 512B - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

TLS
Size: 512B - Virtual size: 128B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 80KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 840B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c060c6122a1aca72fd4ec68796a01dd9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

GLOBAL Size: 512B - Virtual size: 248B

IMPORTS Size: 3KB - Virtual size: 3KB

CONST Size: 512B - Virtual size: 560B

TLS Size: 512B - Virtual size: 128B

.rsrc Size: 80KB - Virtual size: 80KB

.reloc Size: 1024B - Virtual size: 840B

.text
Size: 13KB - Virtual size: 12KB

GLOBAL
Size: 512B - Virtual size: 248B

IMPORTS
Size: 3KB - Virtual size: 3KB

CONST
Size: 512B - Virtual size: 560B

TLS
Size: 512B - Virtual size: 128B

.rsrc
Size: 80KB - Virtual size: 80KB

.reloc
Size: 1024B - Virtual size: 840B