0ce9fe5ce0f5c932ef65ea950161f0e2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0ce9fe5ce0f5c932ef65ea950161f0e2_JaffaCakes118
Size

128KB
MD5

0ce9fe5ce0f5c932ef65ea950161f0e2
SHA1

e843acb61a803d7f0a0d9171d68bfa58ed4e75fd
SHA256

a87ecf0a3628617922f180cb1f93beeabf5310e78406bf18fe6a6a0f58352193
SHA512

3a6cdbb0de213176d90888b3dd4a40a1e4628421976e176d224d4cac96ea94871a04dd8203a29dbae7760a68b693ef5c3693c5cdd7c015c973435ceb1953fd75
SSDEEP

3072:Z3Yy5hqishWGyeE8/TEcx6fMFO8C1Txbb3:V5hqiy/EGiMU9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ce9fe5ce0f5c932ef65ea950161f0e2_JaffaCakes118

Files

0ce9fe5ce0f5c932ef65ea950161f0e2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5bc61840795a3f452fd2b1261b087254

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileW
GetACP
SetEnvironmentVariableW
FillConsoleOutputAttribute
SetConsoleCursorPosition
WideCharToMultiByte
WriteConsoleOutputW
ReadConsoleOutputW
GetConsoleCP
GetEnvironmentVariableA
MultiByteToWideChar
SetConsoleActiveScreenBuffer
SetEvent
WriteFile
GetLargestConsoleWindowSize
ScrollConsoleScreenBufferW
WriteConsoleOutputCharacterW
IsDBCSLeadByte
ReadConsoleInputA
ReadConsoleInputW
SetConsoleMode
CreateEventW
SetConsoleCtrlHandler
ExitProcess
CreateThread
GetCurrentProcess
TerminateProcess
LocalAlloc
SetConsoleTitleW
LocalFree
WriteConsoleW
ResetEvent
WaitForSingleObject
UnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
Sleep
VirtualAlloc
GetSystemInfo
VirtualFree
InterlockedCompareExchange
GetSystemDirectoryA
CreateFileA
lstrcmpiA
lstrcpynA
lstrlenW
HeapDestroy
ReadFile
GetTickCount
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentVariableW
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleWindowInfo
GetCommandLineA
SetUnhandledExceptionFilter
VirtualProtect

user32

CreateWindowExW
PostMessageW
IsCharAlphaW
IsCharAlphaNumericW
LoadStringW
TranslateMessage
CharNextA
GetMessageW
DispatchMessageW
RegisterClassW
GetWindowLongW
GetKeyboardType
DestroyWindow
SetRectEmpty

advapi32

LookupAccountSidW
GetUserNameW
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

ole32

CoCreateInstanceEx
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoInitializeEx

rpcrt4

I_RpcMapWin32Status
NdrClientCall2
RpcStringFreeW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingFree

msvcrt

_adjust_fdiv
realloc
memmove
_stricmp
_wtoi64
memset
wcsncmp
toupper
_wcsicmp
iswctype
_wcsnicmp
_wtoi
malloc
free
calloc
memchr
strncmp
_initterm
_strnicmp
atoi
_except_handler3
memcpy
exit

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bc61840795a3f452fd2b1261b087254

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB