14d74260ca3165657c7e6a55258d9ad5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

14d74260ca3165657c7e6a55258d9ad5_JaffaCakes118
Size

220KB
MD5

14d74260ca3165657c7e6a55258d9ad5
SHA1

9498aa16580a5f2af2bdb3df7a3e876717b417fd
SHA256

0b9ee9463d0fef744afa4877c2f8473a60f6c718d13ee90d81746b4e5534b504
SHA512

34379dbc3478964f5218914123501e3d813afa00f7a794fbaed67b2f55872eb0d5780c218c79ba62e59998b3be9cb326cfa3373413bde929ad93d38957a83a3a
SSDEEP

3072:I3TdxcgVsWJOV0Faww9vLitrw94+OVGbElp6wkTsPoK+qdZk3nBt/dWZ3Ig3:I3TdxzQV6SoaEXvP7NZkXDQZ3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14d74260ca3165657c7e6a55258d9ad5_JaffaCakes118

Files

14d74260ca3165657c7e6a55258d9ad5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8e352cfb955c12fa13088d653808e1c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SizeofResource
lstrcmpW
lstrlenW
LockResource
GetModuleFileNameA
GetFileSize
SetFilePointer
MapViewOfFile
lstrcpynA
SetEndOfFile
CreateDirectoryW
GlobalLock
SetFileTime
WriteFile
GetSystemDirectoryW
LoadLibraryW
GetVersionExW
GetFileAttributesW
ReadFile
GetModuleFileNameW
CreateFileW
MultiByteToWideChar
GlobalUnlock
OpenMutexW
GetLastError
GetProcAddress
FindClose
WideCharToMultiByte
CreateFileMappingW
lstrcmpiW
lstrcatW
FindNextFileW
GetFileTime
CloseHandle
GetCurrentProcessId
lstrcpyW
lstrcpyA
LocalAlloc
LocalFree
FreeLibrary
InterlockedExchange
LoadLibraryA
RaiseException
CreateFileA
SetEnvironmentVariableA
CompareStringW
CompareStringA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
GetLocaleInfoW
SetConsoleCtrlHandler
LoadResource
FindResourceW
FindResourceExW
VirtualQuery
lstrlenA
InterlockedExchangeAdd
lstrcmpA
IsValidCodePage
IsValidLocale
GetACP
GetLocaleInfoA
GetThreadLocale
GetVersionExA
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
HeapDestroy
HeapAlloc
HeapFree
HeapReAlloc
HeapSize
GetProcessHeap
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
DuplicateHandle
RtlUnwind
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetOEMCP
GetModuleHandleA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
LCMapStringA
LCMapStringW
GetStdHandle
GetTimeZoneInformation
Sleep
ExitProcess
GetTimeFormatA
GetDateFormatA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
SetStdHandle
FatalAppExitA
VirtualAlloc
GetStringTypeA
GetStringTypeW
GetUserDefaultLCID
EnumSystemLocalesA

user32

CloseClipboard
SetTimer
GetTopWindow
KillTimer
GetParent
wsprintfA
wsprintfW
GetKeyboardLayout
GetClassNameW
OpenClipboard
GetWindow
UnregisterClassA

advapi32

RegCloseKey
RegOpenKeyExW
RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW

shell32

SHGetSpecialFolderPathW

Exports

Exports

NSModule

Sections

.text
Size: 168KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e352cfb955c12fa13088d653808e1c8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 166KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 8KB - Virtual size: 20KB

.reloc Size: 12KB - Virtual size: 9KB

.text
Size: 168KB - Virtual size: 166KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 8KB - Virtual size: 20KB

.reloc
Size: 12KB - Virtual size: 9KB