0ee21c940d4307e3f2e352397a74c5ea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0ee21c940d4307e3f2e352397a74c5ea_JaffaCakes118
Size

88KB
MD5

0ee21c940d4307e3f2e352397a74c5ea
SHA1

76f40ad9bb5eff9b7a6b5443ca77bba35c0fdbbc
SHA256

0d4cc489b2c9651d2199868eeabf4361a42b3866e028f9af94a28bfcea72d007
SHA512

50a904d3b89475ea503d456574f4c72cf6d83aeedfdb417140d2da83808a3cf7d53420eb2ae4f1dc8721d2354870f36c69b18263a0dde052a14c1669bedb748d
SSDEEP

1536:QQPu/Ipl66EaOxQD6lvnEQfLik435yx/KT18vaEdYbaI+ggZ4Z/OnSfLzRk4:VK8fE5lvnn4pyx/a18ldYbaI+ggCmnyr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ee21c940d4307e3f2e352397a74c5ea_JaffaCakes118

Files

0ee21c940d4307e3f2e352397a74c5ea_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5ddc763dcce1619c2a7a08e3c937d07c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetComputerNameW
ResumeThread
FindResourceW
LoadResource
LockResource
GetLocaleInfoW
GetNumberFormatW
SetEvent
CreateEventW
GetExitCodeThread
lstrcpyW
WaitForSingleObject
CreateThread
lstrcmpW
IsBadStringPtrW
GetTickCount
FormatMessageW
lstrlenW
LocalAlloc
LoadLibraryW
FreeLibraryAndExitThread
InterlockedDecrement
lstrcmpiW
GetLastError
ReleaseMutex
DeleteCriticalSection
LocalFree
lstrcpynW
FreeLibrary
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
RtlUnwind
InterlockedCompareExchange
Sleep
InterlockedExchange
DisableThreadLibraryCalls
VirtualAlloc
VirtualFree
LoadLibraryA
GetProcAddress
WideCharToMultiByte
GetVersionExA
CreateEventA
OutputDebugStringA
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesW
GetDriveTypeW
lstrcatW
GetVolumePathNameW
GetVolumeInformationW
GlobalFree
GetCommandLineA
VirtualProtect
CloseHandle
GlobalAlloc

user32

IsWindow
GetAsyncKeyState
CharUpperW
CharNextW
GetDialogBaseUnits
GetWindowRect
IsWindowEnabled
LoadStringW
IsDlgButtonChecked
GetDlgItemInt
GetDlgCtrlID
WinHelpW
GetParent
SetWindowLongW
RemovePropW
GetDlgItem
EnableWindow
SendMessageW
FindWindowW
PostMessageW
DestroyMenu
SetDlgItemInt
SetPropW
GetWindowLongW
wsprintfW
EndDialog
CheckDlgButton
GetFocus
GetNextDlgTabItem
SetFocus
SetWindowTextW
SetTimer
GetCaretBlinkTime
PeekMessageW
SetDlgItemTextW
CheckRadioButton
SendDlgItemMessageW
LoadImageW
MessageBoxW
LoadIconW
DestroyWindow
GetDesktopWindow
KillTimer
MsgWaitForMultipleObjectsEx
UnregisterClassW

advapi32

DeregisterEventSource
RegOpenCurrentUser
RegDeleteValueW
RegSetValueExW
RegQueryValueExW
RegOpenKeyExW
ImpersonateLoggedOnUser
RevertToSelf
RegCreateKeyExW
RegisterEventSourceW
ReportEventW
RegCloseKey

ole32

CoUninitialize
CoTaskMemAlloc

msvcr71

_except_handler3
_CxxThrowException
memcpy
_amsg_exit
_initterm
free
__dllonexit
_adjust_fdiv
_XcptFilter
memset
malloc
__CppXcptFilter
_onexit

Sections

.text
Size: 74KB - Virtual size: 74KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ddc763dcce1619c2a7a08e3c937d07c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcr71

Sections

.text Size: 74KB - Virtual size: 74KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 74KB - Virtual size: 74KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB