f59bbcb6f2ea5d7bb91085e041738318_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f59bbcb6f2ea5d7bb91085e041738318_JaffaCakes118
Size

477KB
MD5

f59bbcb6f2ea5d7bb91085e041738318
SHA1

836d01e78b28d0fc8c72dd24ad2e69e43023935d
SHA256

fe8067abb3c536e5f94c74f4c5102f3fc58e8fd4dc0b87f305710b9a33582447
SHA512

30e8d694e4e885e224d50a3c22e704c112266bb1efd8e876a98bc33f44c2a6308f016f032fc77be5a9f80a7b097a2ecbbaf6aea928776638f1fcff2430a4eccb
SSDEEP

12288:i/0AlMggrnLmkuyOdXpKeB4DpzH5TKcf7p:i/DlMggzLmkrOXpKeB4DpzZTV7p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f59bbcb6f2ea5d7bb91085e041738318_JaffaCakes118

Files

f59bbcb6f2ea5d7bb91085e041738318_JaffaCakes118
.dll windows:6 windows x86 arch:x86

2f1ce0219bdd004f36b59e5cfb6a0d9b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventW
CreateSemaphoreA
DeleteCriticalSection
DuplicateHandle
EnterCriticalSection
ExitProcess
ExpandEnvironmentStringsW
FlushInstructionCache
FormatMessageW
FreeLibrary
FreeLibraryAndExitThread
GetConsoleOutputCP
GetConsoleScreenBufferInfo
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetEnvironmentVariableA
GetExitCodeThread
GetFileAttributesW
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleExW
GetProcAddress
GetStdHandle
GetSystemInfo
GetThreadContext
GetTickCount
GetTimeZoneInformation
GlobalMemoryStatus
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
LockFileEx
MultiByteToWideChar
OpenThread
QueryPerformanceCounter
QueryPerformanceFrequency
RaiseException
ReleaseSemaphore
ResumeThread
RtlCaptureContext
SetEndOfFile
SetEvent
Sleep
SuspendThread
SwitchToThread
SystemTimeToTzSpecificLocalTime
TerminateProcess
TerminateThread
TryEnterCriticalSection
TzSpecificLocalTimeToSystemTime
VerSetConditionMask
VerifyVersionInfoW
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrlenW

vcruntime140

__CxxFrameHandler3
__current_exception
__current_exception_context
__processing_throw
memchr
memcmp
memcpy
memmove
memset

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegEnumValueW
RegFlushKey
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW

ws2_32

WSACleanup
WSAGetLastError
WSAIoctl
WSAStartup
accept
bind
closesocket
connect
gethostbyaddr
gethostbyname
getpeername
getprotobyname
getprotobynumber
getservbyname
getservbyport
getsockname
getsockopt
htonl
inet_addr
inet_ntoa
ioctlsocket
listen
ntohl
ntohs
recv
recvfrom
send
sendto
setsockopt
shutdown
socket

ucrtbase

__acrt_iob_func
__stdio_common_vfprintf
__stdio_common_vfscanf
__stdio_common_vfwprintf
__stdio_common_vfwscanf
__stdio_common_vsprintf
__stdio_common_vsscanf
__stdio_common_vswprintf
__stdio_common_vswscanf
_beginthreadex
_errno
_fdopen
_fgetc_nolock
_fileno
_fputc_nolock
_fputwc_nolock
_fseeki64
_ftelli64
_get_osfhandle
_initterm
_initterm_e
_localtime32
_lock_file
_tzset
_unlock_file
_wfopen
_wopen
abort
calloc
exit
fclose
ferror
fflush
fgetc
floor
fopen
fputc
fread
free
fseek
ftell
fwrite
getenv
isspace
log10
malloc
putchar
qsort
realloc
set_terminate
strerror
strlen
strtod
toupper
wcslen

Sections

.text
Size: 318KB - Virtual size: 317KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 98KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minfo
Size: 1024B - Virtual size: 672B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 237B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 26KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2f1ce0219bdd004f36b59e5cfb6a0d9b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

vcruntime140

advapi32

ws2_32

ucrtbase

Sections

.text Size: 318KB - Virtual size: 317KB

.rdata Size: 98KB - Virtual size: 98KB

.data Size: 32KB - Virtual size: 32KB

.minfo Size: 1024B - Virtual size: 672B

.tls Size: 512B - Virtual size: 237B

.reloc Size: 26KB - Virtual size: 25KB

.text
Size: 318KB - Virtual size: 317KB

.rdata
Size: 98KB - Virtual size: 98KB

.data
Size: 32KB - Virtual size: 32KB

.minfo
Size: 1024B - Virtual size: 672B

.tls
Size: 512B - Virtual size: 237B

.reloc
Size: 26KB - Virtual size: 25KB