2540ddea844c96e61460392a8ee573ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2540ddea844c96e61460392a8ee573ae_JaffaCakes118
Size

165KB
MD5

2540ddea844c96e61460392a8ee573ae
SHA1

00dc35ed966fa42a059fad7fbbfd68a6532c62f5
SHA256

959cb34ef9b205cced80b3542e4d16e55ac91596b7cfa4ba4deb1bd3dac1f57d
SHA512

e2633eb593847268d355d9a86d9243eb1619f037cffb334315c850c0d93490ace588a909c145a5590e6a9ff766289da5fa3eaa451489531db34fdc661bad2965
SSDEEP

3072:q54comcMbgFbXoczloK0Js2a5kZwFmlGgaJZE:M4comcDF0wloK0OCZa1gaf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2540ddea844c96e61460392a8ee573ae_JaffaCakes118

Files

2540ddea844c96e61460392a8ee573ae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8af4e55ef5fa2af138decdfea757c9b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileA
DeleteFileA
FindFirstFileA
GetTempFileNameA
GetTempPathA
FreeLibrary
GetProcAddress
LoadLibraryA
UnmapViewOfFile
GetLastError
MapViewOfFile
CreateFileMappingA
GetFileSize
lstrcmpA
SetLastError
SetFileAttributesA
CopyFileA
Sleep
OpenEventA
GetVolumeInformationA
GetDriveTypeA
ExitProcess
GetModuleHandleA
GetModuleFileNameA
SetFilePointer
ReadFile
CreateProcessA
GetSystemTime
GetSystemDirectoryA
SetFileTime
lstrcatA
WriteFile
GetLocalTime
GetPrivateProfileStringA
FindClose
GetWindowsDirectoryW
GetEnvironmentVariableW
GetComputerNameW
GetTimeZoneInformation
MultiByteToWideChar
lstrcatW
lstrlenW
GetVersionExA
GetComputerNameA
WaitForSingleObject
ResumeThread
TerminateProcess
lstrcpyA
GetTickCount
FileTimeToSystemTime
GetWindowsDirectoryA
GetEnvironmentVariableA
CreateDirectoryA
CreateMutexA
ReleaseMutex
OutputDebugStringA
GetFileTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
GetStringTypeW
GetStringTypeA
CreateFileA
lstrlenA
GetFileInformationByHandle
CloseHandle
FileTimeToLocalFileTime
FileTimeToDosDateTime
GetFileAttributesA
GetTempPathW
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
HeapAlloc
HeapFree
GetFileType
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
CreateThread
TlsSetValue
TlsGetValue
ExitThread
InterlockedDecrement
InterlockedIncrement
GetCommandLineA
GetVersion
GetCurrentProcess
HeapReAlloc
HeapSize
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
InitializeCriticalSection
DeleteCriticalSection
GetCurrentThreadId
TlsAlloc
TlsFree
SetStdHandle
SetEndOfFile
SetHandleCount
GetStdHandle
GetStartupInfoA
FlushFileBuffers
SetUnhandledExceptionFilter
UnhandledExceptionFilter
WideCharToMultiByte
LCMapStringA
LCMapStringW

user32

DefWindowProcA
wsprintfA
RegisterClassExA
CreateWindowExA
SendMessageA
CharLowerBuffA
wsprintfW
GetMessageA
TranslateMessage
DispatchMessageA

advapi32

RegEnumValueA
RegDeleteValueA
RegCreateKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegCloseKey

rpcrt4

UuidToStringA
UuidCreate
RpcStringFreeA

ws2_32

inet_ntoa
gethostbyname
WSAStartup
WSACleanup

Exports

Exports

AddAtomS
AddAtomT
Entry

Sections

.text
Size: 126KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 18KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8af4e55ef5fa2af138decdfea757c9b9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

rpcrt4

ws2_32

Exports

Exports

Sections

.text Size: 126KB - Virtual size: 125KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 18KB - Virtual size: 28KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 126KB - Virtual size: 125KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 18KB - Virtual size: 28KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 10KB - Virtual size: 9KB