394785ee2a4a29be463fcb2b4aaed03a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

394785ee2a4a29be463fcb2b4aaed03a_JaffaCakes118
Size

1.1MB
MD5

394785ee2a4a29be463fcb2b4aaed03a
SHA1

5f6c103bd0c5b29e8460719675946564eb655e8f
SHA256

1881cee29b41883d80e4266f23ecac73a5efa7883331af9af0e160fa3c5ec82b
SHA512

4354b41def881c1c11ad261bb10c15066c999d9b8858e0c95a4320154296a03a025eadca5980ee14ec026f2bc97763bf118902d1f23999ab5ae9cbac3114d49c
SSDEEP

24576:+T/7ZNdhLUDuxICtkCBgZgyI0D+ngwNrHc3xnOScA:YlxIVC2Z/6nVr83xnOScA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
394785ee2a4a29be463fcb2b4aaed03a_JaffaCakes118

Files

394785ee2a4a29be463fcb2b4aaed03a_JaffaCakes118
.dll windows:6 windows x86 arch:x86

61e391785804bf9f54224d866b992e11

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextFileA
GetFullPathNameA
FindClose
GetTickCount
GetModuleHandleA
Sleep
GetProcAddress
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcess
GetStdHandle
WriteConsoleA
lstrlenA
ReadConsoleA
FreeConsole
K32GetModuleInformation
SetStdHandle
GetCurrentProcessId
VirtualProtect
GetTickCount64
QueryPerformanceFrequency
QueryPerformanceCounter
FindFirstFileA
GlobalLock
GlobalUnlock
FreeLibraryAndExitThread
DisableThreadLibraryCalls
CreateThread
CreateDirectoryW
SetEndOfFile
WriteConsoleW
HeapSize
CreateFileW
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
FindNextFileW
FindFirstFileExW
HeapReAlloc
ReadConsoleW
DeleteFileW
GetPrivateProfileStringA
GlobalAlloc
WritePrivateProfileStringA
GetLastError
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
MultiByteToWideChar
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
CloseHandle
SetEvent
ResetEvent
WaitForSingleObjectEx
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
InitializeSListHead
TerminateProcess
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualFree
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
LoadLibraryW
RtlUnwind
RaiseException
ReadFile
ExitProcess
GetModuleHandleExW
HeapFree
HeapAlloc
GetFileType
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
MoveFileExW
GetFileSizeEx
SetFilePointerEx
FlushFileBuffers
WriteFile
GetConsoleCP
GetConsoleMode

user32

CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetKeyState
LoadCursorA
ClientToScreen
OpenClipboard
SetCursor
GetClientRect
SetCursorPos
FlashWindowEx
SetWindowLongA
CallWindowProcA

imm32

ImmSetCompositionWindow
ImmGetContext

Sections

.text
Size: 576KB - Virtual size: 575KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 488KB - Virtual size: 487KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

61e391785804bf9f54224d866b992e11

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

imm32

Sections

.text Size: 576KB - Virtual size: 575KB

.rdata Size: 488KB - Virtual size: 487KB

.data Size: 14KB - Virtual size: 39KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 30KB - Virtual size: 30KB

.text
Size: 576KB - Virtual size: 575KB

.rdata
Size: 488KB - Virtual size: 487KB

.data
Size: 14KB - Virtual size: 39KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 30KB - Virtual size: 30KB