515356a46335e6e0c4360c242531581f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

515356a46335e6e0c4360c242531581f_JaffaCakes118
Size

2.0MB
MD5

515356a46335e6e0c4360c242531581f
SHA1

ebbb147eb2806bb9a41bd4b0eb39f04ba0d58c74
SHA256

7e110923f3d5c0022e92882b0a164d7e1ea920652e7f65476df24962909a5a36
SHA512

643eb230828881fc2d2a5a8628825ffb82eca5392257af9cbe21af3da6f3498ae72aedfc98cf3fa2138a7c0e2832f9cc6dfacc9bce0d479ce5a85aae467a1e85
SSDEEP

49152:7VSui/1HLnGgDNctxuodyAWvUSNnzQRldUyf0UaMASW:5GHLGgDNcbuodyAWvHJzQ/dBn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
515356a46335e6e0c4360c242531581f_JaffaCakes118

Files

515356a46335e6e0c4360c242531581f_JaffaCakes118
.dll windows:6 windows x86 arch:x86

33baabd6ebcc319c948eaed1366ecbe5

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
VirtualQuery
Sleep
AddVectoredExceptionHandler
GetProcAddress
GetTickCount64
MultiByteToWideChar
Beep
VirtualProtect
GetModuleHandleA
GetModuleFileNameA
QueryPerformanceFrequency
QueryPerformanceCounter
GlobalAlloc
GlobalLock
GlobalUnlock
GetCommandLineA
WriteConsoleW
HeapSize
GetCurrentProcess
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapAlloc
HeapFree
GetConsoleMode
GetConsoleCP
WriteFile
VirtualFree
SetStdHandle
WriteProcessMemory
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
CloseHandle
GetLastError
SetLastError
GetModuleHandleW
WideCharToMultiByte
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
DeleteCriticalSection
GetCurrentThreadId
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
GetTickCount
EncodePointer
DecodePointer
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
UnhandledExceptionFilter
SetUnhandledExceptionFilter
TerminateProcess
IsProcessorFeaturePresent
IsDebuggerPresent
GetStartupInfoW
GetCurrentProcessId
InitializeSListHead
SignalObjectAndWait
CreateThread
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibrary
FreeLibraryAndExitThread
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
LoadLibraryW
RtlUnwind
RaiseException
ReadFile
ExitProcess
GetModuleHandleExW
GetFileSizeEx
GetStdHandle
GetFileType
FlushFileBuffers

user32

SetWindowLongW
CallWindowProcW
FlashWindowEx
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
GetKeyState
ClientToScreen
LoadCursorW
SetCursor
GetClientRect
SetCursorPos
GetAsyncKeyState
FindWindowW

d3dx9_43

D3DXAssembleShader

winmm

PlaySoundA

imm32

ImmSetCompositionWindow
ImmGetContext

Sections

.text
Size: 965KB - Virtual size: 965KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 957KB - Virtual size: 957KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 59KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33baabd6ebcc319c948eaed1366ecbe5

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

d3dx9_43

winmm

imm32

Sections

.text Size: 965KB - Virtual size: 965KB

.rdata Size: 957KB - Virtual size: 957KB

.data Size: 28KB - Virtual size: 140KB

.reloc Size: 59KB - Virtual size: 59KB

.text
Size: 965KB - Virtual size: 965KB

.rdata
Size: 957KB - Virtual size: 957KB

.data
Size: 28KB - Virtual size: 140KB

.reloc
Size: 59KB - Virtual size: 59KB