f72d1d083118c2e6f4b4a6a35580f546_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f72d1d083118c2e6f4b4a6a35580f546_JaffaCakes118
Size

80KB
MD5

f72d1d083118c2e6f4b4a6a35580f546
SHA1

b1386aadd353032b82f53ab9023f5750d67993ae
SHA256

c025535acc0082531829f8534eb7684f94ae62f7b195f5215271341f6f0fdeaf
SHA512

6dc38915332f9a3078b724c5ccf246c7410529562f1c6f395f4ec09dc62ead32b3eaf93bc77fcda9257b1643d1d42f0bf5f561bfd73664594aed261e44e4f9f0
SSDEEP

1536:qgfKGi+lIgmz8YMnZOBL+8Z5lSgyuRCbFF/xjGFbQAzJ2ctzFwmxfSkO031BMOmF:qgfKGRuh8Y8pk0gyuuj/xjG5QAzJ2ctp

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f72d1d083118c2e6f4b4a6a35580f546_JaffaCakes118

Files

f72d1d083118c2e6f4b4a6a35580f546_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b673c35e8c0092d6e35056068194b938

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedDecrement
LocalFree
GetProcAddress
VirtualProtect
HeapAlloc
SetLastError
MapViewOfFile
GetSystemTimeAsFileTime
WriteFile
GetCommandLineA
GetVolumeInformationA
InterlockedExchange
GetProcessHeap
UnmapViewOfFile
LoadLibraryA
GetModuleFileNameA
GetCurrentProcessId
CopyFileA
VirtualQuery
GetTickCount
InterlockedCompareExchange
CloseHandle
WriteConsoleA
ReadFileEx
IsDBCSLeadByteEx
HeapUnlock
SetEnvironmentVariableA
SetProcessWorkingSetSize
EndUpdateResourceA
GetComputerNameW
HeapValidate
CreateMailslotW
GetSystemDirectoryW
SetComputerNameExW
GetProfileStringA
BackupWrite
FindFirstVolumeW
DeleteFileA
FindNextChangeNotification
DosDateTimeToFileTime
EnumResourceNamesW
ReadConsoleA
SetConsoleMode
GetLogicalDriveStringsA
GetUserDefaultUILanguage
LocalReAlloc
GetCPInfo
SetInformationJobObject
DeleteVolumeMountPointW
GetCurrentActCtx
SetConsoleTitleA
PeekConsoleInputA
GetFileInformationByHandle
GetFullPathNameW
PeekConsoleInputW
ReadFile
GetWindowsDirectoryW
DeleteCriticalSection
SetCurrentDirectoryW
GetCalendarInfoW
CreateIoCompletionPort
SetHandleInformation
GetDiskFreeSpaceExW
WaitForSingleObjectEx
LocalHandle
DeleteFileW
CallNamedPipeA
GetDefaultCommConfigW
DeleteTimerQueue
GlobalReAlloc
GetCommConfig
FreeLibraryAndExitThread
ResetEvent
AddRefActCtx
LCMapStringW
WriteFileEx
LoadResource
PulseEvent
TerminateThread
SetConsoleCursorPosition
ActivateActCtx
GetEnvironmentStrings
ClearCommError
CopyFileExW
RegisterWaitForSingleObjectEx
GetLongPathNameW
WaitNamedPipeW
SetConsoleCtrlHandler
lstrcpyW

ole32

CoCreateFreeThreadedMarshaler
CoQueryProxyBlanket
GetHGlobalFromStream
OleCreate
CreatePointerMoniker
CoFileTimeNow
CoEnableCallCancellation
CreateGenericComposite
CreateDataCache
OleLoad
StgIsStorageFile
OleCreateMenuDescriptor
CoCreateInstanceEx
DoDragDrop
CoImpersonateClient
StringFromGUID2
StgIsStorageILockBytes
CreateAntiMoniker
CreateDataAdviseHolder
CoDisableCallCancellation
CoAddRefServerProcess
RevokeDragDrop
OleGetAutoConvert
CoCreateInstance
CoUninitialize
CoInitialize
CoInitializeEx
CoTaskMemFree

oleaut32

SysAllocString
SysFreeString
SysReAllocStringLen
SysAllocStringLen

shell32

SHBindToParent
SHGetFolderPathA
SHAppBarMessage
SHGetMalloc
ShellAboutA
DragQueryFileA
ShellExecuteExA
CommandLineToArgvW

Exports

Exports

QuickUserOffice

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b673c35e8c0092d6e35056068194b938

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

shell32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB