101b111fbb950784edf032099aaeeaf6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

101b111fbb950784edf032099aaeeaf6_JaffaCakes118
Size

64KB
MD5

101b111fbb950784edf032099aaeeaf6
SHA1

cc69f0b2173dff618ca81b93963e6a93e0f23cd5
SHA256

dacf33af4a9b7b570e05ee6813926598f83583a11d6715ba1b33801dbb3df783
SHA512

bf5d7f9f76cd22224f4a1bf9a17425fd2accba1b3ca354d13afaad22f2c69fa6d94f970dc8a985475f9a833b5b988e4122f3caae31f67bc0379f333164f02d35
SSDEEP

1536:xX7bqF+FD8nNwhQZ4AsRk2wP9kQ85wzeiAuqZQapv:xXHSYQNvZ4Asq2wP9kQt/nqZQ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
101b111fbb950784edf032099aaeeaf6_JaffaCakes118

Files

101b111fbb950784edf032099aaeeaf6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

036c6a95bc8916430cf56dfb40f01c60

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalReAlloc
GetFileAttributesExW
ReadProcessMemory
FlushConsoleInputBuffer
GetTimeZoneInformation
SetLocalTime
LocalAlloc
IsBadHugeWritePtr
WriteProfileStringA
GetProcessAffinityMask
LockFileEx
GetExitCodeThread
CreateFileW
LoadResource
CreateWaitableTimerA
GetSystemTime
HeapSetInformation
SwitchToThread
CancelIo
FindNextVolumeMountPointW
FindVolumeMountPointClose
DeleteTimerQueueTimer
DeleteCriticalSection
OpenFile
FindFirstChangeNotificationA
VerifyVersionInfoW
GetComputerNameExW
GetFullPathNameW
CreateMailslotA
CompareFileTime
RemoveDirectoryW
CreateMailslotW
GetTimeFormatA
OpenEventA
GetEnvironmentVariableW
GlobalAddAtomW
GlobalFindAtomA
CreateFileA
GetStringTypeA
SetEvent
TerminateProcess
UnregisterWaitEx
OpenProcess
CreateIoCompletionPort
GetBinaryTypeW
GetHandleInformation
WaitForSingleObjectEx
GetShortPathNameA
CreateToolhelp32Snapshot
CreateProcessA
CopyFileA
WaitForSingleObject
HeapFree
CreateFileMappingA
CreateDirectoryA
MapViewOfFile
lstrcatW
CreateThread
GetComputerNameA
ReleaseMutex
UnmapViewOfFile
GetProcAddress
EnterCriticalSection
HeapAlloc
GetSystemTimeAsFileTime
GetModuleHandleA
VirtualQuery
CreateMutexA
LoadLibraryA
VirtualProtect
lstrcpyW
GetProcessHeap
MoveFileExA
GlobalAddAtomA
GetModuleFileNameA

ole32

CoFileTimeNow
CoGetCallContext
OleDuplicateData
OleRun
StgCreateDocfile
CoSwitchCallContext
OleCreateLink
StgIsStorageFile
CreateItemMoniker
RegisterDragDrop
CoFreeUnusedLibrariesEx

gdi32

GetTextExtentExPointA
GetROP2
GetDIBits
GetKerningPairsA
CreateEnhMetaFileA
GetMetaFileBitsEx
ExtCreatePen
GetSystemPaletteEntries
GetRandomRgn
GetTextMetricsA
GetEnhMetaFileA
Chord
SetStretchBltMode
GetViewportExtEx
SetBkMode
AnimatePalette
EnumFontFamiliesW
ModifyWorldTransform
CreateBrushIndirect
SetDIBits
FillRgn
LPtoDP
GetViewportOrgEx
SetWindowExtEx
EnumMetaFile
GetPixelFormat
TranslateCharsetInfo

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

036c6a95bc8916430cf56dfb40f01c60

Headers

File Characteristics

Imports

kernel32

ole32

gdi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB