e836c6fb83da66b7b620cde4effdc03e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

e836c6fb83da66b7b620cde4effdc03e_JaffaCakes118
Size

93KB
MD5

e836c6fb83da66b7b620cde4effdc03e
SHA1

8a953ed4d82e4b15c023fbd3207b25060a2afd38
SHA256

87a3bbd5ca72346393efbb5c2a9b3800f4d38e56bb9d9c2a36edbb48f448da37
SHA512

9af4ff24e42521265459ff123228957edebf4bb4445eea4d79db6a10e0bbf655b1b6fb0c4cf6459d26a2e035e62f26ce4cb066d359a8fdeb85e47229df43a3f0
SSDEEP

1536:Mk23aww6z5IFHSjBENQntHfxq1AOeGFPtx0DPRssbXih3lRfDBdgalA/Xu:s3azlSFtHpq/e2n+uLh3lBj2/Xu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e836c6fb83da66b7b620cde4effdc03e_JaffaCakes118

Files

e836c6fb83da66b7b620cde4effdc03e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

038852ab3d7116a992ba3ac277d5a5d8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AllocateAndInitializeSid
FreeSid
GetLengthSid
InitializeAcl
InitializeSecurityDescriptor
RegCloseKey
RegCreateKeyA
RegCreateKeyExA
RegDeleteValueA
RegOpenKeyA
RegOpenKeyExA
RegQueryValueExA
RegSetKeySecurity
RegSetValueExA
SetSecurityDescriptorDacl

winmm

mixerGetDevCapsA
mixerGetID
mixerGetNumDevs
mixerOpen
waveInGetDevCapsA
waveInGetNumDevs
mixerClose

setupapi

SetupDiSetClassInstallParamsA
SetupDiGetDeviceInterfaceDetailA
SetupDiGetDeviceInstanceIdA
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces
SetupDiEnumDeviceInfo
SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller

kernel32

lstrlenA
lstrcpyA
lstrcmpiA
lstrcmpA
WriteFile
WinExec
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SetHandleCount
SetEvent
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
DeviceIoControl
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetEnvironmentStringsA
GetEnvironmentStringsW
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetVersion
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
LCMapStringA
LCMapStringW
LoadLibraryA
LocalAlloc
LocalFree
MultiByteToWideChar
RtlUnwind
SearchPathA

user32

TranslateMessage
TrackPopupMenu
SystemParametersInfoA
ShowWindow
SetForegroundWindow
SendMessageA
ReleaseDC
RegisterClassA
CreatePopupMenu
CreateWindowExA
DefWindowProcA
DestroyMenu
DispatchMessageA
GetClassNameA
GetCursorPos
GetDC
GetDesktopWindow
GetMenuCheckMarkDimensions
GetMessageA
GetSysColor
GetWindow
InsertMenuItemA
LoadCursorA
LoadIconA
LoadImageA
LoadStringA
PostMessageA
PostQuitMessage

Sections

.text
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

038852ab3d7116a992ba3ac277d5a5d8

Headers

File Characteristics

Imports

advapi32

winmm

setupapi

kernel32

user32

Sections

.text Size: 79KB - Virtual size: 80KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 79KB - Virtual size: 80KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB