f9a714d0983f2386bdf26afc1d7bd9fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9a714d0983f2386bdf26afc1d7bd9fa_JaffaCakes118
Size

31KB
MD5

f9a714d0983f2386bdf26afc1d7bd9fa
SHA1

b62269c2194d159609680aee82d338373a3ab384
SHA256

33032a3e32943bb33206423e9e59add2b9835cfbd012c7f68bbb14e7e09e13e9
SHA512

e435ef880fb5396356caab6da18d68d49043e1269ecb28c6a31813e44ac52b1c189d9f5147ab15316af6533089f4ac096480d1be18e076885555d4b81bbc0d13
SSDEEP

768:Ln9BnurMH0Fwbszi/eG8L9tTuQgwZKY5Nu2Y2C7sE8p1c24wAnATh:LnHnurMH06Azi8L95uQgwZKY5Nu2Y2Cg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9a714d0983f2386bdf26afc1d7bd9fa_JaffaCakes118

Files

f9a714d0983f2386bdf26afc1d7bd9fa_JaffaCakes118
.dll windows:6 windows x86 arch:x86

f7f068ed6211293dcf3926eeef66b64a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CopyFileW
CreateFileW
DeleteFileW
EnumSystemCodePagesW
FindClose
FindFirstFileA
FindFirstFileW
FindNextFileA
FindNextFileW
FreeLibrary
GetAtomNameW
GetConsoleAliasA
GetConsoleDisplayMode
GetFileAttributesExW
GetFileSize
GetLastError
GetProcessHeap
GetProcessHeaps
GetSystemDirectoryW
GlobalAlloc
HeapAlloc
HeapFree
HeapReAlloc
InterlockedExchangeAdd
MultiByteToWideChar
OpenWaitableTimerA
ReadConsoleInputW
ReadFile
SetLastError
WideCharToMultiByte
WritePrivateProfileStringA
lstrcatA
lstrcatW
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW

wsock32

MigrateWinsockConfiguration
WSAIsBlocking
ord1107
WSASetBlockingHook
gethostbyname
ord1101
ord1103

ole32

CLIPFORMAT_UserSize
CLSIDFromProgID
HENHMETAFILE_UserFree
HGLOBAL_UserFree
HPALETTE_UserUnmarshal
OleCreateLinkFromDataEx
OleGetIconOfFile
ReleaseStgMedium
SNB_UserFree

winmm

joyGetPos
mmioStringToFOURCCW
waveInAddBuffer
waveInGetErrorTextW

rtutils

LogErrorA
RouterLogDeregisterW
TraceDumpExA
TraceGetConsoleA
TraceVprintfExW

crypt32

CertAddCTLContextToStore
CryptGetMessageCertificates
CryptSetOIDFunctionValue

resutils

ClusWorkerCheckTerminate
ResUtilDupString
ResUtilGetProperties
ResUtilIsPathValid
ResUtilSetBinaryValue
ResUtilSetMultiSzValue
ResUtilVerifyPropertyTable

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteValueW
RegSetValueExW

msvcrt

_adjust_fdiv
_initterm
free
malloc
memcpy
memset
swprintf
wcscmp

Exports

Exports

ogewuixxbm

Sections

.text
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 740B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f7f068ed6211293dcf3926eeef66b64a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

wsock32

ole32

winmm

rtutils

crypt32

resutils

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 18KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 5KB

.rsrc Size: 512B - Virtual size: 424B

.reloc Size: 1024B - Virtual size: 740B

.text
Size: 19KB - Virtual size: 18KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 512B - Virtual size: 424B

.reloc
Size: 1024B - Virtual size: 740B