14c36d5a5abb2de37f2a40ed328ccfff_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

14c36d5a5abb2de37f2a40ed328ccfff_JaffaCakes118
Size

124KB
MD5

14c36d5a5abb2de37f2a40ed328ccfff
SHA1

eb21c2bb2430b39016e927fb8895b591615f5481
SHA256

b06a898948e6a122069e79eaf1403204e6e2f899e0439d4dc3b7655e1533f607
SHA512

440190caea33e4231e07026ea8f45dce03f55f2de2f95134b70c23ec3d1741c818c8c5616200645816e762afed946b8a86d8ce9f69622a55c4db6844a02215f7
SSDEEP

3072:Kd3vTlwYZMUi8UWABlmnnCP0KunPRjf5kRN6:Kd3L2SMUKkMURbU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
14c36d5a5abb2de37f2a40ed328ccfff_JaffaCakes118

Files

14c36d5a5abb2de37f2a40ed328ccfff_JaffaCakes118
.dll windows:4 windows x86 arch:x86

106a1c0600cabdad293233f9b0d69316

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventA
CreateFileMappingA
GetTickCount
CreateMutexA
HeapFree
ExitProcess
WriteFile
UnmapViewOfFile
OpenEventA
GetComputerNameA
GetProcAddress
HeapAlloc
lstrlenW
lstrlenA
CreateFileA
GetProcessHeap
LoadLibraryA
GetVolumeInformationA
ReleaseMutex
InterlockedCompareExchange
LocalFree
GetLastError
CreateDirectoryA
SetLastError
InterlockedDecrement
LeaveCriticalSection
CloseHandle
CreateProcessA
GetModuleHandleA
WaitForSingleObject
MapViewOfFile
GetModuleFileNameA
InterlockedIncrement
GetCurrentProcessId
Sleep
GetCommandLineA
CopyFileA
EnterCriticalSection

ole32

CoUninitialize
CoCreateGuid
CoTaskMemAlloc
CreateBindCtx
CoInitialize
OleSetContainedObject
OleCreate

user32

SetTimer
GetSystemMetrics
TranslateMessage
DefWindowProcA
GetMessageA
SetWindowLongA
SendMessageA
GetParent
DestroyWindow
GetWindowThreadProcessId
KillTimer
CreateWindowExA
UnhookWindowsHookEx
PostMessageA
DispatchMessageA
RegisterWindowMessageA
SetWindowsHookExA
PostQuitMessage
GetWindowLongA
FindWindowA
GetClassNameA

oleaut32

SysAllocStringLen
SysAllocString
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegCreateKeyExA
GetUserNameA
RegDeleteValueA

shell32

SHGetFolderPathA

Exports

Exports

syscrtSched

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

106a1c0600cabdad293233f9b0d69316

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB