152ac6903aed001acb300f81bd7b197f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

152ac6903aed001acb300f81bd7b197f_JaffaCakes118
Size

112KB
MD5

152ac6903aed001acb300f81bd7b197f
SHA1

f28b5560613d5f3ff5bf7b47a091f887928305e7
SHA256

158cff9cb659d1fa8c3886e7ddf38a0c6d47069ef99945660798d2a408cd78c8
SHA512

050b941fcb8d87889bcf04a6409954c7923a1665c0410e786ee7a9ed8a6d2d842458495b4df952ae2546d8fe8f1ce0d6b800f7954ae76007cdda335c4e82e300
SSDEEP

1536:94NyhlZ342TT9yNJp2BYkH8Lio35/XmqpGrWmqpntHpCnUeOP/7bE58R:GNGvTClLi6/3pGrWmqNtJCAP/7Y5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
152ac6903aed001acb300f81bd7b197f_JaffaCakes118

Files

152ac6903aed001acb300f81bd7b197f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b7cbb39184ad4d13827acbcab7f63f00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegSetValueA
RegQueryValueA

gdi32

DeleteDC
DeleteObject
GetClipBox
GetDCOrgEx
GetGlyphIndicesW
LPtoDP
SelectObject

kernel32

LoadResource
FindResourceA
CloseHandle
CreateFileMappingA
GetCurrentProcessId
GetModuleHandleA
GetPrivateProfileStringW
IsBadReadPtr
LocalAlloc
LocalFree
MapViewOfFile
UnmapViewOfFile
lstrlenA
VirtualAlloc
CompareStringW
CompareStringA
GetTimeZoneInformation
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
IsValidLocale
EnumSystemLocalesA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetLocaleInfoW
GetLocaleInfoA
MultiByteToWideChar
GetCurrentThreadId
GetCommandLineA
HeapFree
GetVersionExA
HeapAlloc
GetProcessHeap
GetProcAddress
ExitProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
GetLastError
InterlockedDecrement
GetCurrentThread
Sleep
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
WriteFile
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
LoadLibraryA
InitializeCriticalSection
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
HeapReAlloc
RtlUnwind
HeapSize
SetEnvironmentVariableA

rpcrt4

RpcMgmtInqServerPrincNameA

user32

SetRectEmpty
ScreenToClient
OffsetRect
IsWindow
WindowFromDC
IntersectRect
GetFocus
GetClientRect
GetActiveWindow
ClientToScreen
wsprintfA
IsRectEmpty

Exports

Exports

Dnbilmkn

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b7cbb39184ad4d13827acbcab7f63f00

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 20KB - Virtual size: 22KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 72KB - Virtual size: 71KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 20KB - Virtual size: 22KB

.reloc
Size: 4KB - Virtual size: 3KB