ed0dd190a3c077aa93da1884fab5b4df_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ed0dd190a3c077aa93da1884fab5b4df_JaffaCakes118
Size

59KB
MD5

ed0dd190a3c077aa93da1884fab5b4df
SHA1

9353d33f930b52347d982118f4af0c4846e2944c
SHA256

1ef90b782a7351386b755180570e0fe5237227d4d78dd7ca719b40918cc3167e
SHA512

bdc62a66f912f70b3dffa4942b5633a103ad3fcb83b138f728dd81703b92f5eb6815b32a0d4ee2bee3632125348c8fef1d37dc7a36b60b75326c99e32e2c1eb8
SSDEEP

1536:Au2E86lmu6y0G2Yiw6CmU94T2TcztiTE:AfYm/zhwDmdqSO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ed0dd190a3c077aa93da1884fab5b4df_JaffaCakes118

Files

ed0dd190a3c077aa93da1884fab5b4df_JaffaCakes118
.dll windows:5 windows x86 arch:x86

26dd8f90833c42595de30ff2e6a7705d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imagehlp

ImageNtHeader
BindImageEx
ImageRvaToSection

kernel32

OpenProcess
DeleteFileA
VirtualFree
IsProcessorFeaturePresent
VirtualQuery
WaitForMultipleObjects
VirtualQueryEx
FindClose
WriteProcessMemory
GetCommandLineA
GetTempPathA
SetFilePointer
VirtualAlloc
GetVersion
SetCurrentDirectoryA
SetEndOfFile
MapViewOfFile
WideCharToMultiByte
WritePrivateProfileStructA
ReadFile
GetCurrentThread
lstrcmpA
OutputDebugStringA
SetFileAttributesA
GetPriorityClass
SetPriorityClass
ResumeThread
FindFirstFileA
VirtualProtectEx
GlobalAlloc
GetPrivateProfileStringA
IsBadReadPtr
VirtualUnlock
GetModuleFileNameA
WriteFile
CreateFileMappingA
CloseHandle
TerminateProcess
lstrlenA
WritePrivateProfileStringA
GetCurrentDirectoryA
CreateFileA
GetCurrentProcessId
GetModuleHandleA
FindNextFileA
CreatePipe
VirtualLock
lstrlenW
UnmapViewOfFile

user32

LoadCursorA
GetAsyncKeyState
MessageBeep
FindWindowA
SendMessageA
CallWindowProcA
wvsprintfA
GetSysColorBrush
EnableWindow
SetClipboardData
CharLowerA
OpenClipboard
CloseClipboard
CreatePopupMenu
SetFocus
AppendMenuA
DestroyCursor
EndDialog
IsIconic
CheckRadioButton
GetWindowDC
EnumClipboardFormats
CheckMenuRadioItem
wsprintfA
SetForegroundWindow
SendDlgItemMessageA
EmptyClipboard
IsZoomed
GetClassInfoA
LoadBitmapA
DestroyMenu

mqpetscc

_Rteps
_LExp
_LPoly
_LXbig
_FDenorm
_FNan
_FDtest
_FXbig
_Strxfrm
_FExp
_Cosh
_Stof
_Getctype
_Sinh
_LDtest
_Eps
_FDscale
_Stold
_LDenorm
_Inf
_Xbig
_Stod
_FRteps
_FInf
_Getcoll
_FSnan

msvcrt

_timezone
mktime
gmtime
sprintf
free
realloc
malloc
strchr
strncmp

gdi32

SetTextColor
SetBkMode
GetDeviceCaps

shell32

SHGetFileInfoA
DragQueryFileA
DragAcceptFiles

comctl32

ImageList_Create
ImageList_Destroy
ImageList_Remove
ImageList_ReplaceIcon
InitCommonControlsEx

advapi32

RegCreateKeyExA
RegDeleteKeyA
OpenProcessToken

comdlg32

GetSaveFileNameA

Exports

Exports

CreateProcessNotify
calcsdtc

Sections

.text
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

26dd8f90833c42595de30ff2e6a7705d

Headers

File Characteristics

Imports

imagehlp

kernel32

user32

mqpetscc

msvcrt

gdi32

shell32

comctl32

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 50KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB