7ce3e683c63625f8cc42ff4d117fec19_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7ce3e683c63625f8cc42ff4d117fec19_JaffaCakes118
Size

228KB
MD5

7ce3e683c63625f8cc42ff4d117fec19
SHA1

43de162d14fde1cffcc5fcff30e67e7cc9aba762
SHA256

e2635c25fa327cf23b9cd07557873c8f9e5ebc2d3b55317bfe2eac1816771a94
SHA512

b199e88529b38b83bf5507ecb70afe119f54056917fbae79bc7dcf0ff36c92befb3549885a3c2956d8104a3bdbee3099137f781beb82e5bfb30ab0018328e5a7
SSDEEP

6144:f0KMtYKQ2dbXkvZrYEI2Z2ZouyqOQAO/93S:8rtYKQ2xXkvZNZ/uyqnv3S

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7ce3e683c63625f8cc42ff4d117fec19_JaffaCakes118

Files

7ce3e683c63625f8cc42ff4d117fec19_JaffaCakes118
.dll windows:6 windows x86 arch:x86

c5282583f522b4ca9c88fb240470a5dc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileIntA
GetPrivateProfileStringA
CloseHandle
GetCurrentProcessId
CreateToolhelp32Snapshot
Module32Next
GetStdHandle
AllocConsole
SetConsoleMode
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleTitleA
InterlockedExchange
HeapCreate
VirtualProtect
HeapFree
GetCurrentProcess
InterlockedCompareExchange
Thread32Next
Thread32First
GetCurrentThreadId
SuspendThread
ResumeThread
Sleep
HeapReAlloc
HeapAlloc
GetThreadContext
GetProcAddress
GetModuleHandleW
FlushInstructionCache
SetThreadContext
OpenThread
VirtualFree
VirtualAlloc
VirtualQuery
SetEndOfFile
HeapSize
GetLastError
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
TerminateProcess
QueryPerformanceCounter
InitializeSListHead
RaiseException
RtlUnwind
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
SetStdHandle
GetFileType
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
WriteFile
FlushFileBuffers
GetConsoleCP
GetConsoleMode
ReadFile
GetFileSizeEx
SetFilePointerEx
ReadConsoleW
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCommandLineA
GetCommandLineW
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetProcessHeap
CreateFileW
WriteConsoleW

user32

MessageBoxA

Sections

.text
Size: 151KB - Virtual size: 151KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c5282583f522b4ca9c88fb240470a5dc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

Sections

.text Size: 151KB - Virtual size: 151KB

.rdata Size: 61KB - Virtual size: 61KB

.data Size: 4KB - Virtual size: 9KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 151KB - Virtual size: 151KB

.rdata
Size: 61KB - Virtual size: 61KB

.data
Size: 4KB - Virtual size: 9KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 9KB - Virtual size: 9KB