0a5bf1ae63c3dde48571b23243f0ecbe_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0a5bf1ae63c3dde48571b23243f0ecbe_JaffaCakes118
Size

5.4MB
MD5

0a5bf1ae63c3dde48571b23243f0ecbe
SHA1

d364cce9a533d6dc1d61ce0f4d9dd496dcc5cfc6
SHA256

da24d95978e1ffa2d186d65bbc2d4d7a3a8a55cfe90c9ba6e7dbaec62c23190e
SHA512

2596c751c42921364d8ce12fcf1586cd9180ed781d708cc8e1063fe0d28481514087927e692305cf2eae9a9d1f6e757813bc6217243ff8c3f3aca6096e2b0eec
SSDEEP

49152:RZfrOJBoPChCZqbnj5P7Hp2AS4G1/yDgMf59zPxKcvHzDB6t3+C0/aJfyLg7Ie4W:i7hnFyyDgB2642o7lft7u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a5bf1ae63c3dde48571b23243f0ecbe_JaffaCakes118

Files

0a5bf1ae63c3dde48571b23243f0ecbe_JaffaCakes118
.dll windows:6 windows x64 arch:x64

5cd3b93388ffdf3f2f27af6ba86bdc15

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_HIGH_ENTROPY_VA
IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
Sleep
LoadLibraryA
GetProcAddress
OpenFileMappingA
CreateMutexA
WaitForSingleObject
MultiByteToWideChar
GetModuleHandleA
UnmapViewOfFile
ReleaseMutex
CloseHandle
Beep
MapViewOfFile
OutputDebugStringA
WriteConsoleW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
SetEvent
ResetEvent
WaitForSingleObjectEx
CreateEventW
GetModuleHandleW
RtlCaptureContext
RtlLookupFunctionEntry
RtlVirtualUnwind
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
WideCharToMultiByte
GetStringTypeW
EncodePointer
DecodePointer
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
VirtualProtect
InitializeCriticalSection
LoadLibraryW
GetLastError
RtlPcToFileHeader
RaiseException
RtlUnwindEx
InterlockedFlushSList
LoadLibraryExW
GetCurrentProcess
TerminateProcess
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
GetStdHandle
GetFileType
GetDateFormatW
GetTimeFormatW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetExitCodeProcess
CreateProcessW
GetFileAttributesExW
GetTimeZoneInformation
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
GetProcessHeap
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
HeapReAlloc
SetStdHandle
HeapSize
CreateFileW
RtlUnwind

user32

SetRect
FillRect
IsWindowVisible
GetCursorPos

d3dx11_43

D3DX11CompileFromMemory

d3dcompiler_43

D3DReflect
D3DGetInputSignatureBlob

opengl32

wglGetProcAddress

gdi32

DeleteObject
GetCurrentObject
GetObjectW
CreateSolidBrush

Exports

Exports

?Xn81SLZobHz7FUpjAk6qLw5PSfkL0ssyP89MLp72mtAwaig02OMNHdLVZGwZq0oiqSFHS70utSVthWUuV8y0Q5LRLmZvOMbw4Ba@@YA_KPEAX@Z
FW1CreateFactory

Sections

.text
Size: 886KB - Virtual size: 886KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1.5MB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 229KB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

_RDATA
Size: 512B - Virtual size: 148B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5cd3b93388ffdf3f2f27af6ba86bdc15

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

d3dx11_43

d3dcompiler_43

opengl32

gdi32

Exports

Exports

Sections

.text Size: 886KB - Virtual size: 886KB

.rdata Size: 1.5MB - Virtual size: 1.5MB

.data Size: 229KB - Virtual size: 2.4MB

.pdata Size: 31KB - Virtual size: 31KB

_RDATA Size: 512B - Virtual size: 148B

.rsrc Size: 2.7MB - Virtual size: 2.7MB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 886KB - Virtual size: 886KB

.rdata
Size: 1.5MB - Virtual size: 1.5MB

.data
Size: 229KB - Virtual size: 2.4MB

.pdata
Size: 31KB - Virtual size: 31KB

_RDATA
Size: 512B - Virtual size: 148B

.rsrc
Size: 2.7MB - Virtual size: 2.7MB

.reloc
Size: 16KB - Virtual size: 15KB