f3077059f543bd5bde8016cd1ee1facc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f3077059f543bd5bde8016cd1ee1facc_JaffaCakes118
Size

84KB
MD5

f3077059f543bd5bde8016cd1ee1facc
SHA1

7b624e858ed82d33e66c7126b72e23ad3d6d05be
SHA256

c78a151ab2070407126d91011737e5bcac5c0edb8d1ceda88c893be8f9fd4ac7
SHA512

944091510befc8ea0540be186194f898be64aeba34e1053e53f9ce246bc63f8696aa89b84a46c2aac6e38ee89d00740b1bc96f0e7ebb8a2073ffa8eabe2bcc09
SSDEEP

1536:uDiN8/EaR6ydUWPWbm4ka4JMyouBKaMk7bBAgYmAfRzBpMSvJo:umNoRPWq4mronhQ3YjBpRvS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f3077059f543bd5bde8016cd1ee1facc_JaffaCakes118

Files

f3077059f543bd5bde8016cd1ee1facc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

08189f323110baf42b7967e4d8740d12

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualUnlock
ChangeTimerQueueTimer
LockResource
WaitForMultipleObjectsEx
GetSystemTime
ResetEvent
FindNextVolumeW
EscapeCommFunction
FormatMessageW
FindResourceExA
SetConsoleTextAttribute
GetCommModemStatus
IsProcessorFeaturePresent
FindVolumeClose
VirtualFree
SetEvent
GetNumberFormatW
RemoveDirectoryA
ResumeThread
GetThreadContext
GetFileAttributesExA
GetWindowsDirectoryW
SetVolumeLabelA
GetThreadPriority
ReadFileEx
SetConsoleActiveScreenBuffer
GetSystemInfo
lstrcpyA
DnsHostnameToComputerNameW
FindFirstChangeNotificationW
BeginUpdateResourceA
FlushViewOfFile
FreeResource
IsBadReadPtr
GetExitCodeProcess
GetComputerNameExW
RemoveDirectoryW
HeapUnlock
EnumResourceLanguagesA
SetHandleInformation
SetCommTimeouts
GetVolumeNameForVolumeMountPointW
RtlMoveMemory
TerminateProcess
GetEnvironmentVariableA
SetErrorMode
CopyFileExW
PulseEvent
WriteConsoleInputA
SetFileApisToOEM
lstrcatW
SetHandleCount
GetOverlappedResult
SetConsoleMode
CreateMutexW
GetCommConfig
FindVolumeMountPointClose
VirtualQueryEx
IsDBCSLeadByte
GetSystemPowerStatus
GetSystemTimeAdjustment
GetFileTime
HeapDestroy
GetBinaryTypeA
GetProfileIntW
OpenEventA
FindFirstFileA
IsBadStringPtrW
OpenSemaphoreA
VerSetConditionMask
TransmitCommChar
SetProcessWorkingSetSize
InitializeCriticalSection
GetTimeFormatW
CreateJobObjectW
AddAtomA
RegisterWaitForSingleObjectEx
FindFirstFileExW
SleepEx
GlobalFree
lstrcpyW
GetProfileStringW
ProcessIdToSessionId
CreateProcessW
GetModuleHandleW
LCMapStringA
GetLastError
GetComputerNameA
InterlockedExchange
GetModuleFileNameA
LocalFree
InterlockedDecrement
HeapFree
CreateProcessA
InitializeCriticalSectionAndSpinCount
MapViewOfFile
LoadLibraryA
CreateFileA
CreateFileMappingA
WriteFile
CreateMutexA
CreateDirectoryA
GetProcessHeap
CloseHandle
LeaveCriticalSection
GetProcAddress
Sleep
SetLastError
UnlockFile
HeapAlloc

shell32

ExtractIconW
SHGetFolderPathW
SHGetInstanceExplorer
DragQueryFileW
SHCreateShellItem
ShellExecuteExW
SHGetSpecialFolderPathW

gdi32

CreateDIBPatternBrushPt
CreateFontIndirectW
AddFontResourceA
SelectPalette
CombineRgn
PolyPolygon
SetTextJustification
PaintRgn
StretchBlt
SetArcDirection
SetMetaFileBitsEx
GetGlyphOutlineW
CreateDiscardableBitmap
GetWindowExtEx
CreateBrushIndirect
EnumMetaFile
PolyPolyline
EnumEnhMetaFile
GetEnhMetaFileBits
SetMagicColors
AnimatePalette
ExtFloodFill
IntersectClipRect
SetDIBits
GetRgnBox
GetBitmapBits
SetGraphicsMode
DeleteDC
EndPath
PolyBezier
GetCharABCWidthsA
TranslateCharsetInfo
SetColorAdjustment
PlayEnhMetaFileRecord
FillPath
CreateICW
OffsetViewportOrgEx
SetDIBColorTable
CreateFontA
SelectObject
RemoveFontResourceW
ExtTextOutA
GetCharacterPlacementA
GetEnhMetaFileHeader
GetNearestPaletteIndex
StretchDIBits
CreateBitmap
CreateDIBitmap
CreateDCA

Exports

Exports

eapMaplog

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

08189f323110baf42b7967e4d8740d12

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB