0f54af2eb4f2fe2288964d4c86ba3b2b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f54af2eb4f2fe2288964d4c86ba3b2b_JaffaCakes118
Size

450KB
MD5

0f54af2eb4f2fe2288964d4c86ba3b2b
SHA1

3acd41e2cf37512319bce127a2f033e04e261242
SHA256

913ebc4dc55802714c4f110e1630d990e5318deded8496dbcdc2225c23354fc3
SHA512

3adbe256d306e2b4246a986c04a1e961a476803c7d30433e9030377a94f871403a0529b72d9366f5ff8ee81f631bbd5c3345cea0e2c29043f574f07cb41a306a
SSDEEP

12288:/j9E1EkI9EglDFCoINhC/PwHpFzcSQQFyIBkiqiXMRC:/5E1B8lpp0hqYHpZcSQQiiPXL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f54af2eb4f2fe2288964d4c86ba3b2b_JaffaCakes118

Files

0f54af2eb4f2fe2288964d4c86ba3b2b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f26bbea8cc130299df9f339750c9fc86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiOpenDeviceInterfaceW
SetupDiOpenClassRegKey
SetupDiGetHwProfileFriendlyNameExW
SetupDiGetDeviceInfoListClass
SetupDiGetClassRegistryPropertyW
SetupDiGetClassDevsA
SetupCommitFileQueueA
CM_Set_HW_Prof_Ex
CM_Request_Device_EjectA
CM_Get_Resource_Conflict_DetailsW
CM_Get_Res_Des_Data_Ex
CM_Get_DevNode_Custom_PropertyW
CM_Enable_DevNode
CM_Disable_DevNode_Ex
CM_Create_Range_List
CMP_Report_LogOn

ntdll

RtlxUnicodeStringToAnsiSize
RtlUpdateTimer
RtlUnicodeToOemN
RtlSetAllBits
RtlNtStatusToDosError
RtlInitUnicodeString
RtlGetUserInfoHeap
RtlGetOwnerSecurityDescriptor
RtlFindClearBitsAndSet
RtlEqualPrefixSid
ZwAdjustPrivilegesToken
RtlDeleteSecurityObject
RtlDeleteAtomFromAtomTable
RtlCreateUserThread
RtlCreateAcl
RtlApplyRXactNoFlush
RtlAddAccessDeniedAceEx
NtSetDefaultLocale
NtReadFileScatter
NtQueryTimerResolution
NtPrivilegeObjectAuditAlarm
NtNotifyChangeDirectoryFile
NtFlushVirtualMemory
NtCloseObjectAuditAlarm
NtAllocateUuids
LdrFlushAlternateResourceModules
ZwCompleteConnectPort
ZwImpersonateThread
RtlEqualComputerName

kernel32

GetCompressedFileSizeA
ExitProcess
EscapeCommFunction
EnumSystemLanguageGroupsA
EnumSystemCodePagesA
EnumDateFormatsExA
EnumCalendarInfoA
DeleteFileA
CreateSemaphoreA
CreateMutexW
CompareStringA
CancelTimerQueueTimer
CancelDeviceWakeupRequest
FindFirstFileExA
FindFirstVolumeMountPointA
FreeUserPhysicalPages
GetCommState
lstrcpyW
lstrcpyA
WriteFileGather
VerifyVersionInfoA
VerLanguageNameW
VerLanguageNameA
SetupComm
SetLastError
SetFilePointerEx
SetCommMask
ResetEvent
PrepareTape
OpenWaitableTimerW
OpenSemaphoreA
MoveFileWithProgressA
LocalSize
LCMapStringA
HeapAlloc
GlobalUnWire
GlobalFindAtomW
GetTickCount
GetProfileIntA
GetProcessPriorityBoost
GetProcAddress
GetPrivateProfileIntW
GetMailslotInfo
GetLocalTime
GetFileSize
GetDateFormatA
GetCommandLineA
FatalAppExitA

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerFindFileA
VerInstallFileA
VerInstallFileW
VerQueryValueA
VerQueryValueW
GetFileVersionInfoA

winmm

midiOutMessage
midiOutGetID
midiOutSetVolume
midiStreamOut
midiStreamPosition
mixerGetDevCapsA
mixerGetDevCapsW
mmTaskBlock
mmGetCurrentTask
midiOutLongMsg
mixerGetLineInfoW

comdlg32

FindTextW
GetOpenFileNameW
GetFileTitleW

user32

PostMessageA
LoadIconA
GetMenu
GetDC
EndDialog
DestroyWindow
DefDlgProcA
CharUpperA
CharToOemA
ActivateKeyboardLayout
SendMessageA
UpdateWindow
RegisterClassA

Exports

Exports

BHffjxKFiDvzcHrjm
IbrMuceFjkkfv
Ihi
KptCZL
Lilheqbckuflfpd
SkXklhWccupwyHvkmry
csgjXecpfR
eHazdsbuiawhrsUulz
ihsv
ihxfjowX
qgrrh
ukopygpzziTu
xnonukvdIx
yoqxp

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f26bbea8cc130299df9f339750c9fc86

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ntdll

kernel32

version

winmm

comdlg32

user32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.data Size: 362KB - Virtual size: 667KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 60KB - Virtual size: 59KB

.data
Size: 362KB - Virtual size: 667KB

.rsrc
Size: 26KB - Virtual size: 26KB