07d62d5c57a8e2a1fdcb9bd756fd4de4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

07d62d5c57a8e2a1fdcb9bd756fd4de4_JaffaCakes118
Size

307KB
MD5

07d62d5c57a8e2a1fdcb9bd756fd4de4
SHA1

dcbd875df027740d0fe55d8c0cb7f9c6962292dd
SHA256

13b19dc737bcc4ead0ac1e10fd25741135fb6365a619789a5d27c5decbf3467d
SHA512

9916e3bcc1e4c7004e508be503dec5482c762e1d3ff997711444a68e3c0b482605ad700d38178e6c4895d0321ff6b15bc30036ef7be97b54dd8a3fa11e8eb4e0
SSDEEP

6144:kn1PDGEDDrzDjyTxZkv8IioJnS+rReli2NkMPpG/NG4:9EDDP3yL7Ibg+lO1mMR8G4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
07d62d5c57a8e2a1fdcb9bd756fd4de4_JaffaCakes118

Files

07d62d5c57a8e2a1fdcb9bd756fd4de4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

03c7a97571038a0f92b43583117e3e57

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHFileOperationA
SHChangeNotify
SHCreateProcessAsUserW

rpcrt4

RpcBindingFree
RpcBindingCopy

ole32

CoTaskMemFree
CoTaskMemAlloc

dbghelp

ImageRvaToSection
FindDebugInfoFile
FindFileInPath
ImagehlpApiVersion

version

VerQueryValueW

user32

CloseClipboard
CloseDesktop
CharNextA
CloseWindow
CloseWindowStation
GetDC
GetKeyboardLayout
GetKeyboardLayoutList
GetMenuCheckMarkDimensions
GetMonitorInfoA
GetSysColor
GetSystemMetrics
ReleaseDC
CharPrevA

kernel32

EnterCriticalSection
ExpandEnvironmentStringsW
FindClose
FindFirstFileW
FormatMessageW
FreeLibrary
GetCurrentProcess
GetCurrentProcessId
GetCurrentThread
GetCurrentThreadId
GetDiskFreeSpaceExW
GetFileAttributesW
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetProcessTimes
GetShortPathNameA
GetStringTypeExW
GetSystemDefaultLCID
GetSystemDirectoryW
CloseHandle
GetSystemTimeAsFileTime
GetSystemWindowsDirectoryW
GetTempPathW
GetTickCount
GetTimeZoneInformation
GetUserDefaultLCID
GetVersion
GetVersionExA
GlobalAlloc
GlobalFree
GlobalMemoryStatus
HeapAlloc
HeapCreate
HeapDestroy
DeleteFileW
HeapLock
HeapReAlloc
HeapSize
HeapUnlock
InitializeCriticalSection
InterlockedCompareExchange
InterlockedExchange
IsDBCSLeadByte
IsDebuggerPresent
IsProcessorFeaturePresent
IsValidCodePage
IsValidLocale
LeaveCriticalSection
LoadLibraryA
LoadLibraryExW
LoadLibraryW
LocalAlloc
LocalFree
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
ReleaseMutex
ReleaseSemaphore
RemoveDirectoryW
SetFileAttributesW
SetLastError
SetLocalTime
SetUnhandledExceptionFilter
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
DeleteCriticalSection
CreateSemaphoreA
CreateMutexA
CreateFileW
HeapFree
CreateDirectoryW
GetSystemInfo

advapi32

CopySid
GetLengthSid
ConvertStringSecurityDescriptorToSecurityDescriptorW
ConvertSidToStringSidA
CheckTokenMembership
AllocateAndInitializeSid
AddAccessDeniedAce
AddAccessAllowedAce
UnregisterTraceGuids
TraceEvent
SetSecurityDescriptorDacl
RegisterTraceGuidsA
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegQueryInfoKeyW
RegOpenKeyExW
RegOpenKeyExA
RegEnumKeyW
RegCreateKeyExW
RegCloseKey
OpenThreadToken
InitializeSecurityDescriptor
InitializeAcl
GetTraceLoggerHandle
GetTraceEnableLevel
GetTokenInformation
GetSecurityDescriptorDacl
FreeSid

shlwapi

ChrCmpIA
PathFileExistsA
StrCmpNA
StrChrA

gdi32

DeleteObject
DeleteDC
CreateSolidBrush
CreateDCA
GetDeviceCaps

dsound

ord9

Exports

Exports

FreeGlobalObjects
GetContextSpellingSession
GetNextToken
RunCssWordBreaker

Sections

.text
Size: 241KB - Virtual size: 243KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03c7a97571038a0f92b43583117e3e57

Headers

File Characteristics

Imports

shell32

rpcrt4

ole32

dbghelp

version

user32

kernel32

advapi32

shlwapi

gdi32

dsound

Exports

Exports

Sections

.text Size: 241KB - Virtual size: 243KB

.rdata Size: 35KB - Virtual size: 36KB

.data Size: 15KB - Virtual size: 16KB

.idata Size: 5KB - Virtual size: 8KB

.rsrc Size: 6KB - Virtual size: 8KB

.text
Size: 241KB - Virtual size: 243KB

.rdata
Size: 35KB - Virtual size: 36KB

.data
Size: 15KB - Virtual size: 16KB

.idata
Size: 5KB - Virtual size: 8KB

.rsrc
Size: 6KB - Virtual size: 8KB