faff4d30ed2d7f3579519687b929c3ce_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

faff4d30ed2d7f3579519687b929c3ce_JaffaCakes118
Size

84KB
MD5

faff4d30ed2d7f3579519687b929c3ce
SHA1

abb8ed5550176775f25c664820ddcd46177bb391
SHA256

6ccdc8fce696f8219986bf8765e228bbd91500284938d0808f3db43f12fb5be2
SHA512

d59f81fab4435ba341a53063dbaf8ee8e55286e794cc14c1c739e941a18e1785db3d6d72575aa046e32e534b834b0a4cece42a8da84a9dd057b75e1960f2da9a
SSDEEP

1536:O6GQh5AhhnO6Qcd/GK3LZtHrGtyYCc5trbu4FIATUV1Uv:OFdhhjTd/GK3LZxeDm4FIATUV1S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
faff4d30ed2d7f3579519687b929c3ce_JaffaCakes118

Files

faff4d30ed2d7f3579519687b929c3ce_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1281bab5fa275533c318ff7aa1405747

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnumSystemLocalesA
TerminateThread
GetCurrencyFormatA
SearchPathW
CompareFileTime
GlobalAlloc
FindFirstFileA
IsWow64Process
CreatePipe
FindActCtxSectionStringW
SetWaitableTimer
VerifyVersionInfoA
DeleteFileW
GlobalFindAtomA
GetDriveTypeW
FindNextChangeNotification
GetConsoleCP
UpdateResourceA
SetConsoleTitleA
lstrcmpiW
ProcessIdToSessionId
GetTapeParameters
WriteProcessMemory
FatalAppExitA
LocalSize
CreateWaitableTimerA
GetVersionExW
FindFirstFileExW
ResumeThread
GetDriveTypeA
LocalReAlloc
SetConsoleWindowInfo
GetVolumeInformationW
GlobalAddAtomA
GetFileInformationByHandle
SystemTimeToFileTime
HeapReAlloc
RtlMoveMemory
SwitchToThread
SleepEx
WTSGetActiveConsoleSessionId
ReleaseActCtx
IsBadReadPtr
lstrlenW
GetLastError
GetSystemTimeAsFileTime
GetProcessHeap
CreateProcessA
HeapAlloc
GetModuleFileNameA
CreateFileMappingA
lstrlenA
CreateFileA
GetVolumeInformationA
LoadLibraryA
WriteFile
GetSystemDirectoryA
GetProcAddress
QueueUserAPC
GetCurrentProcessId

ole32

CreateDataAdviseHolder
CoCreateInstance
CoGetMalloc
CoQueryProxyBlanket
CoInitializeEx
OleDestroyMenuDescriptor
GetHGlobalFromStream
CoLockObjectExternal
PropVariantCopy
PropVariantClear
CoReleaseMarshalData
OleCreateLink
OleLoadFromStream
CoSwitchCallContext
OleCreateMenuDescriptor
CoInitialize
CoTaskMemAlloc

user32

LoadAcceleratorsA
LoadCursorW
GetSysColorBrush
GetDlgCtrlID
CharPrevW
DestroyAcceleratorTable
OpenDesktopW
ValidateRect
GetQueueStatus
CharLowerW
CreateAcceleratorTableW
OpenIcon
CallWindowProcW
DialogBoxParamW
DefMDIChildProcA
wvsprintfW
IsWindowEnabled
SendNotifyMessageA
GetTopWindow
InSendMessage
GetWindowTextW
DrawTextA
GetInputState
CheckMenuItem
MessageBoxIndirectW
EndDialog
MapVirtualKeyA
GetWindowLongA
MonitorFromPoint
SubtractRect
ScreenToClient
CallWindowProcA
FillRect
RegisterHotKey
GetMenuItemCount
GetClassInfoExA
SetDlgItemTextA
BeginDeferWindowPos
SendMessageTimeoutA
CopyImage
PostMessageW
SendInput
MoveWindow
BringWindowToTop
IsRectEmpty
RemovePropW
DefDlgProcA
IsDialogMessageA
WindowFromPoint
SetWindowRgn
GetForegroundWindow
GetKeyNameTextA
CreateDialogParamA
CreateCaret
SetMenu
EnableWindow
GetUpdateRgn
DispatchMessageW
GetClassNameA
GetParent
PostMessageA
GetMessageA
ChildWindowFromPoint

oleaut32

SysReAllocString

shlwapi

PathIsUNCW
PathSkipRootW
PathUndecorateW
StrDupA
PathIsPrefixW
StrRChrW
StrCmpNW
StrCmpNIW
PathGetCharTypeW
PathParseIconLocationW
UrlCombineW
UrlUnescapeW
PathIsUNCServerW
SHDeleteKeyW

advapi32

RegCreateKeyExA
RegCloseKey
RegSetValueExA
GetInheritanceSourceW
RegCreateKeyA
RegisterServiceCtrlHandlerExW
RegQueryValueExW
OpenEventLogW
QueryServiceStatus
ImpersonateLoggedOnUser
ChangeServiceConfigW
LockServiceDatabase
RegConnectRegistryW
RegDeleteKeyW
SetTokenInformation
DeregisterEventSource
RegisterServiceCtrlHandlerA
ChangeServiceConfigA
CloseEventLog
GetOldestEventLogRecord
ImpersonateAnonymousToken
ImpersonateSelf
ElfRegisterEventSourceW
RegCreateKeyExW
RegQueryValueExA

Exports

Exports

mfcnet64

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1281bab5fa275533c318ff7aa1405747

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB