0fa652352bcb962c896e82aaab33b3bc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0fa652352bcb962c896e82aaab33b3bc_JaffaCakes118
Size

144KB
MD5

0fa652352bcb962c896e82aaab33b3bc
SHA1

00263053bc846d92d1ccabc8403292d413cc8a2e
SHA256

cea670413f16f372522a3680ae4e86ce4b0d23dafd5a4dad2eef1340987442c7
SHA512

531b238f84924d0f2b01c0ea6400b6a035c0246cd203fdcd90f7206818e81e014c28f344b858a25e4c72faeb83b15dc15862ef43ab6b74873640f0fc5f2acf3a
SSDEEP

3072:VR+IOUI9+p4fb0Gvq5Edkf6vqjiCf+WKrt0joTZ:VBOUO+p4fAYB4Vug0t0j

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0fa652352bcb962c896e82aaab33b3bc_JaffaCakes118

Files

0fa652352bcb962c896e82aaab33b3bc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bc531171cd407d45f800f28ca2c8597b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessIoCounters
Toolhelp32ReadProcessMemory
GetPriorityClass
EnumResourceLanguagesA
SetConsoleIcon
FlushConsoleInputBuffer
VirtualAlloc
SetConsoleScreenBufferSize
SetFilePointer
GetSystemDirectoryA
QueryDosDeviceA
GetSystemPowerStatus
EnumResourceTypesA
HeapSize
CreateFileMappingW
ReleaseMutex
ResetWriteWatch
UnlockFileEx
SetLocalTime
GetModuleFileNameA
GetCurrentThread
SetFileAttributesA
GetProcessHeap
OpenWaitableTimerA
GetConsoleHardwareState
SetFileApisToOEM
UpdateResourceA
SetEvent
SetConsoleCP
IsBadHugeReadPtr
GetEnvironmentStringsA
WriteConsoleA
CreateDirectoryA
SetCurrentDirectoryA
GetCommModemStatus
WriteConsoleA
GetLogicalDriveStringsA
OpenMutexA
SetProcessPriorityBoost
GetConsoleCP
ReadConsoleOutputCharacterA
GetTempFileNameA
ExpandEnvironmentStringsA
VirtualAlloc
LocalAlloc
GetEnvironmentVariableA
GetThreadLocale
WriteConsoleOutputCharacterA
GetFileInformationByHandle
SetConsoleMaximumWindowSize
FlushFileBuffers
GetCurrentThreadId
UpdateResourceA
FindFirstFileExW
RegisterWaitForInputIdle
GetFileAttributesExA
IsValidCodePage
GetFileTime
OpenEventA
GetExitCodeProcess
GetCommState
GetDiskFreeSpaceExA
GetProcessWorkingSetSize
GetProcessShutdownParameters
QueryPerformanceFrequency
CancelWaitableTimer
PurgeComm

wininet

FtpSetCurrentDirectoryW
FtpSetCurrentDirectoryW

winmm

timeGetTime
timeGetSystemTime

Exports

Exports

Ypgjhnj
CreateFeprimxsqs
Cdeuxmdprng
SetMnqbpcrkwie
AddAhmdcqhx
Ctkykwyqh
Qskhyclks
WriteXwhymkdq

Sections

.idata
Size: - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bc531171cd407d45f800f28ca2c8597b

Headers

File Characteristics

Imports

kernel32

wininet

winmm

Exports

Exports

Sections

.idata Size: - Virtual size: 684B

.text Size: 132KB - Virtual size: 181KB

.idata Size: 4KB - Virtual size: 2KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 684B

.text
Size: 132KB - Virtual size: 181KB

.idata
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 4KB - Virtual size: 1KB