e729d9003f1b9e1176c2753a41cbcce3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e729d9003f1b9e1176c2753a41cbcce3_JaffaCakes118
Size

105KB
MD5

e729d9003f1b9e1176c2753a41cbcce3
SHA1

c76cce85d4dceea82f98f51fdc15718000f9b85d
SHA256

6583a4456d4a94b2642229d743558758bfa3f439bb7234478f859a30b8cad137
SHA512

e5c9ebcf804a5e795714921f807a835f5e18ec75cde9003f3a8c340baadc38396229bbed3a85f9a561bb34a200e80e14b0756409750cb4a73a3972882db27de3
SSDEEP

3072:C6myqkGkUS7gZPsTwvdbeeiIPMEwjComPlWamS4:C6myqkGA7gZPsT2dKUPMEWC5PlWJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e729d9003f1b9e1176c2753a41cbcce3_JaffaCakes118

Files

e729d9003f1b9e1176c2753a41cbcce3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

04ac9926424e1e97e1965f6b3c05a24e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalLock
LocalUnlock
LocalFree
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameW
WriteFile
WideCharToMultiByte
CreateFileW
SetFileAttributesW
GetUserDefaultLCID
CreatePipe
CreateFileA
MultiByteToWideChar
SetLocalTime
GetCPInfo
GetOEMCP
GetProcAddress
GetFileAttributesW
IsValidCodePage
GetFileType
GetCurrentProcess
DuplicateHandle
SetEnvironmentVariableA
GetConsoleMode
SetConsoleMode
CloseHandle
GetFileAttributesA
TlsGetValue
LocalAlloc
GetLastError
ExitProcess
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
RtlUnwind
ReadConsoleInputA
SetStdHandle
HeapFree
GetProcessHeap
SetEnvironmentVariableW
GetEnvironmentVariableW
LoadLibraryExW
FormatMessageW
SearchPathW
FindResourceW
UnmapViewOfFile
CreateFileMappingW
MapViewOfFile
FindResourceExW
LoadResource
CreateDirectoryW
FreeLibrary
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
InterlockedExchange
SetLastError
GlobalFree
GlobalUnlock
GlobalDeleteAtom
GlobalAddAtomA
GlobalLock
GlobalAlloc
GlobalFindAtomA
lstrcpyA
GlobalSize
lstrlenA
lstrcmpiA
GlobalGetAtomNameA
lstrcatA
lstrcmpA
TlsSetValue
VirtualProtect

user32

SetWindowLongA
SetTimer
SetWindowWord
PostMessageA
CreateWindowExA
EnumPropsA
ExitWindowsEx
EnumChildWindows
GetWindow
IsWindow
RegisterClipboardFormatA
RegisterClassA
KillTimer
GetDesktopWindow
GetWindowThreadProcessId
GetClassNameA
MessageBoxW
LoadStringW
GetForegroundWindow
GetWindowLongA
GetParent
FreeDDElParam
UnpackDDElParam
PackDDElParam
DefWindowProcA
SendMessageA
RemovePropA
GetPropA
DestroyWindow
SetPropA

advapi32

RegOpenKeyA
RegQueryValueA
AdjustTokenPrivileges
LookupPrivilegeValueW
OpenProcessToken
RegCloseKey

gdi32

CopyEnhMetaFileA
SetBitmapBits
GetObjectA
GetBitmapBits
DeleteMetaFile
DeleteObject
DeleteEnhMetaFile
CreateBitmap

msvcrt

_except_handler3
_adjust_fdiv
malloc
free
_onexit
__dllonexit
_wcsnicmp
_vsnwprintf
wcschr
_cexit
exit
_wcmdln
_initterm
srand
rand
time

msvcp60

?cout@std@@3V?$basic_ostream@DU?$char_traits@D@std@@@1@A
?cin@std@@3V?$basic_istream@DU?$char_traits@D@std@@@1@A
??5?$basic_istream@DU?$char_traits@D@std@@@std@@QAEAAV01@AAH@Z
??6std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@0@AAV10@PBD@Z
?endl@std@@YAAAV?$basic_ostream@DU?$char_traits@D@std@@@1@AAV21@@Z
??1_Winit@std@@QAE@XZ
??0_Winit@std@@QAE@XZ
??1Init@ios_base@std@@QAE@XZ
??0Init@ios_base@std@@QAE@XZ
??6?$basic_ostream@DU?$char_traits@D@std@@@std@@QAEAAV01@H@Z

Sections

.text
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04ac9926424e1e97e1965f6b3c05a24e

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

msvcrt

msvcp60

Sections

.text Size: 64KB - Virtual size: 63KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 30KB - Virtual size: 59KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 64KB - Virtual size: 63KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 30KB - Virtual size: 59KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB