2fc5a80e6287229b6d4f7aeeaf5d76b1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2fc5a80e6287229b6d4f7aeeaf5d76b1_JaffaCakes118
Size

88KB
MD5

2fc5a80e6287229b6d4f7aeeaf5d76b1
SHA1

4b82096261fd9a082e4786cfa7129822392ade2a
SHA256

79b95477fc29d4c9d6a85371e13c33dda29a26409fb77b5dc7e53b99502ce67e
SHA512

e8cd54777fbc54c11e0d89b1c9d803dc4eceb5f279f7b369cb450aefde09b0bf969401069c12178d93cff0b9f371ec399968800796c77150fbafba82ef17cf3c
SSDEEP

1536:M9xFldhE6uuGs54Uo6WCz54PJ2E9P5ju7/a9Z9r:azldO6pmUoR8CJpPFuDa9Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2fc5a80e6287229b6d4f7aeeaf5d76b1_JaffaCakes118

Files

2fc5a80e6287229b6d4f7aeeaf5d76b1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fa64e7181c750e864dfff693d04fb7f2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

imm32

ImmReleaseContext
ImmGetContext
ImmGetCompositionStringA

kernel32

OpenProcess
GetCurrentProcessId
WriteProcessMemory
ReadProcessMemory
VirtualQueryEx
GetModuleFileNameW
CreateFileMappingA
HeapFree
GetProcessHeap
UnmapViewOfFile
GetLocalTime
OpenFileMappingA
OutputDebugStringA
WideCharToMultiByte
HeapAlloc
GetTickCount
CopyFileA
GetPrivateProfileStringA
GetCurrentProcess
GlobalFree
GlobalUnlock
GlobalHandle
GlobalAlloc
GetSystemDirectoryA
DeleteFileA
CreateFileA
CloseHandle
WriteFile
GetModuleFileNameA
GetFileInformationByHandle
CreateThread
GetModuleHandleA
LoadLibraryA
GetProcAddress
VirtualProtect
InterlockedExchange
Sleep
GetFileSize
ReadFile
GlobalLock
GetTempPathA
MapViewOfFile

user32

GetDC
ReleaseDC
SetRect
SendMessageA
GetKeyState
GetWindowRect
PostThreadMessageA
DispatchMessageA
GetForegroundWindow
CallNextHookEx
UnhookWindowsHookEx
FindWindowExW
GetWindowThreadProcessId
GetWindowLongA
FindWindowExA
GetWindowTextA
MsgWaitForMultipleObjects
PeekMessageA
TranslateMessage

gdi32

GetObjectA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
GetDeviceCaps
BitBlt
DeleteObject
GetDIBits
DeleteDC

shell32

SHGetSpecialFolderPathA

ole32

CoCreateInstance

avifil32

AVIMakeCompressedStream
AVISaveOptionsFree
AVIFileRelease
AVIStreamRelease
AVIFileExit
AVIStreamWrite
AVIFileInit
AVIFileOpenA
AVIFileCreateStreamA
AVIStreamSetFormat

msvfw32

ord2

winmm

waveInAddBuffer
waveInOpen
waveInClose
waveOutOpen
waveOutWrite
waveOutClose

shlwapi

SHGetValueA
SHSetValueA

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

msvcrt

abs
strftime
localtime
memcmp
strcmp
vsprintf
_memicmp
wcslen
atol
strcat
strchr
_access
_stricmp
atoi
fflush
fwrite
fclose
fopen
_mkdir
fseek
strncmp
printf
free
_ftol
_CIacos
srand
_wcsnicmp
_strlwr
_CIpow
_adjust_fdiv
malloc
rand
rename
strcpy
__dllonexit
_onexit
_stat
__CxxFrameHandler
memcpy
??2@YAPAXI@Z
memset
memmove
time
sprintf
strlen
strstr
strrchr
strncpy
_initterm

Exports

Exports

GetDLLVer
partInit

Sections

.text
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARDAT
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fa64e7181c750e864dfff693d04fb7f2

Headers

File Characteristics

Imports

version

imm32

kernel32

user32

gdi32

shell32

ole32

avifil32

msvfw32

winmm

shlwapi

msvcp60

msvcrt

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 46KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 21KB - Virtual size: 42KB

.SHARDAT Size: 7KB - Virtual size: 6KB

.rsrc Size: 512B - Virtual size: 16B

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 47KB - Virtual size: 46KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 21KB - Virtual size: 42KB

.SHARDAT
Size: 7KB - Virtual size: 6KB

.rsrc
Size: 512B - Virtual size: 16B

.reloc
Size: 4KB - Virtual size: 4KB