0f8df2adb01c8dee50bb41e302afcae6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f8df2adb01c8dee50bb41e302afcae6_JaffaCakes118
Size

103KB
MD5

0f8df2adb01c8dee50bb41e302afcae6
SHA1

8f5d8a583883f4ea936c3ea9de8f18940062a11f
SHA256

b6b3e215930d09fac1d2d1d7fb4dab63ea1f5f664f133588ba0b1bcc16741a6d
SHA512

4ff9882583d250d7d7bcb2922be5404c93d6d98cfee33c2345eb44bf573c53ed9c5407deac993aa21032c408e7f822e3689ef36ae72069eb9a4eaa2aef8835f1
SSDEEP

3072:GGc65JgPAx2kDdEkahRqaRZK/OSvmboq:GLnpwdGZK2Svqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f8df2adb01c8dee50bb41e302afcae6_JaffaCakes118

Files

0f8df2adb01c8dee50bb41e302afcae6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5fd891c7e44ec50885e1e5f529867517

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCommState
GetCommState
lstrcpyA
ClearCommError
ReadFile
lstrcpynW
GetCommTimeouts
SetCommTimeouts
WriteFile
GlobalFree
CreateThread
LoadLibraryW
WideCharToMultiByte
LocalAlloc
LocalReAlloc
CreateFileW
LocalSize
FormatMessageW
IsDBCSLeadByte
lstrcatW
SetLastError
HeapFree
HeapAlloc
CloseHandle
Sleep
GetLastError
FreeLibraryAndExitThread
GetWindowsDirectoryW
lstrcpyW
lstrlenW
GetDateFormatA
lstrcmpiW
MultiByteToWideChar
GetProcAddress
GetProcessHeap
OpenFile
LeaveCriticalSection
EnterCriticalSection
lstrcmpA
FreeLibrary
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
SetCurrentDirectoryA
VirtualFree
VirtualAlloc
ExitProcess
GlobalHandle
GlobalAlloc
GlobalLock
GlobalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateMutexW
DisableThreadLibraryCalls
ReleaseMutex
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcess
GetTimeFormatA
SetupComm
lstrlenA
PurgeComm
EscapeCommFunction
LocalFree
GetLocalTime
DeviceIoControl
SetFilePointer
GetVersion
GetCommandLineA
VirtualProtect
lstrcmpW
GetTickCount

user32

SetDlgItemTextW
LoadCursorW
MessageBoxIndirectW
SetCursor
IsDlgButtonChecked
SetWindowLongW
GetParent
PostMessageW
IsCharAlphaW
LoadStringA
ShowWindow
CharPrevW
IsCharAlphaA
GetWindowLongW
DialogBoxParamW
DispatchMessageW
PeekMessageW
LoadStringW
TranslateMessage
MsgWaitForMultipleObjects
IsCharAlphaNumericW
wsprintfW
CharNextW
GetDlgItem
UpdateWindow
InvalidateRect
EnableWindow
SendMessageW
CheckRadioButton
WinHelpW
EndDialog
IsCharLowerA
wvsprintfA

advapi32

RegDeleteValueW
RegEnumKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExA
RegEnumKeyExW

msvcrt

memmove
free
_initterm
malloc
_adjust_fdiv
_except_handler3
__CxxFrameHandler

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fd891c7e44ec50885e1e5f529867517

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB