b271cbe6c34c81ce58557c9605d2a2fd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b271cbe6c34c81ce58557c9605d2a2fd_JaffaCakes118
Size

157KB
MD5

b271cbe6c34c81ce58557c9605d2a2fd
SHA1

520d3d9f61a7550eb0c595cd48eb9f03e8098183
SHA256

f24e98166dec896b4cc339d14fbc1c145ffb1bd907ae29f98292a78ae24df38e
SHA512

23a5cff9bacd90e47cff4a72e309e5555670cefdb76ed268327c4bfefdf164a107f8ef94d3f5f828683954a36a47ae4af48b2d6821953fcc6d33cc13075dd5b8
SSDEEP

3072:4crcPXUUhkacnTj7OL2E0rG8BNcBNrVqHI1g:0PL6acH6Sn5mCo1g

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b271cbe6c34c81ce58557c9605d2a2fd_JaffaCakes118

Files

b271cbe6c34c81ce58557c9605d2a2fd_JaffaCakes118
.dll windows:6 windows x86 arch:x86

884c351764062a2a8fd45e0231b264df

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
MultiByteToWideChar
ExitProcess
GlobalLock
GlobalAlloc
Sleep
GlobalUnlock
GetProcAddress
DisableThreadLibraryCalls
GetDiskFreeSpaceA
GetSystemInfo
GetModuleHandleA
CreateThread
IsBadCodePtr
SetEnvironmentVariableA
CreateFileW
GetStringTypeW
LCMapStringW
CompareStringW
HeapReAlloc
HeapSize
OutputDebugStringW
GetFileAttributesExW
CreateProcessA
GetExitCodeProcess
WaitForSingleObject
CloseHandle
RtlUnwind
GetLastError
HeapFree
EncodePointer
DecodePointer
GetModuleHandleExW
AreFileApisANSI
GetCommandLineA
GetCurrentThreadId
IsDebuggerPresent
IsProcessorFeaturePresent
GetProcessHeap
HeapAlloc
RaiseException
SetStdHandle
GetFileType
EnterCriticalSection
LeaveCriticalSection
WriteFile
GetConsoleCP
GetConsoleMode
DeleteCriticalSection
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
InitializeCriticalSectionAndSpinCount
GetCurrentProcess
TerminateProcess
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
GetStdHandle
GetModuleFileNameW
LoadLibraryExW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetModuleFileNameA
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetFilePointerEx
WriteConsoleW
FlushFileBuffers

user32

GetCursorPos
SetRect
GetAsyncKeyState
GetForegroundWindow
ScreenToClient
SetClipboardData
CloseClipboard
GetKeyState
MessageBeep
MessageBoxA
EmptyClipboard
OpenClipboard

d3dx9_43

D3DXCreateFontA

Sections

.text
Size: 96KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 47KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

884c351764062a2a8fd45e0231b264df

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

d3dx9_43

Sections

.text Size: 96KB - Virtual size: 96KB

.rdata Size: 47KB - Virtual size: 46KB

.data Size: 5KB - Virtual size: 13KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 7KB - Virtual size: 6KB

.text
Size: 96KB - Virtual size: 96KB

.rdata
Size: 47KB - Virtual size: 46KB

.data
Size: 5KB - Virtual size: 13KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 7KB - Virtual size: 6KB