Static task
static1
Behavioral task
behavioral1
Sample
1564dd795a0d01a31b97eeda8b69d401_JaffaCakes118.dll
Resource
win7-20240419-en
Behavioral task
behavioral2
Sample
1564dd795a0d01a31b97eeda8b69d401_JaffaCakes118.dll
Resource
win10v2004-20240611-en
General
Target: 1564dd795a0d01a31b97eeda8b69d401_JaffaCakes118
Size: 112KB
MD5: 1564dd795a0d01a31b97eeda8b69d401
SHA1: 9157815eea1f3c23ab284c0b881bcfdc85088010
SHA256: 9ffba6124b46c9b6f071739e9c62038f465eb90d0fa11b719455bbc044f75072
SHA512: 7075aaf9ab3aafc9170785a3850fbabe77d36498e02ef19dfe3dec935f5081c58594c9907af9394a85bfbb812aa39f48c87ea31c7e4ee7bb0c379f2fd990c158
SSDEEP: 1536:9Mj+3maNwrwWlpnffp9is5z88+SGKsErx5AA+RQvcQqAn0Y2brNLNyJSius0UJOI:9jZN2fR9R5zQZfQYmulLNyJ11YAH/It
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 1564dd795a0d01a31b97eeda8b69d401_JaffaCakes118
Files
1564dd795a0d01a31b97eeda8b69d401_JaffaCakes118.dll windows:4 windows x86 arch:x86
5a970bafdee86b8dfb053512b0a32945
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
GetCurrentProcessId
GetFileAttributesExA
GetModuleHandleA
GetPrivateProfileSectionW
GetStringTypeExA
GetSystemDefaultLangID
GetSystemInfo
GetTempPathW
GetTimeZoneInformation
GetVersionExA
GetWindowsDirectoryA
GetConsoleOutputCP
GetCommandLineA
HeapCreate
MulDiv
OpenEventW
OpenJobObjectW
ReadFile
SetEnvironmentVariableA
SetFileTime
TlsGetValue
WaitForMultipleObjectsEx
lstrcmpA
GlobalAddAtomA
GetConsoleAliasA
GetBinaryTypeA
FormatMessageA
Beep
FlushConsoleInputBuffer
FindNextVolumeW
FindAtomW
FindAtomA
ExitProcess
EnumTimeFormatsA
DuplicateHandle
DeleteCriticalSection
CreateSemaphoreA
CloseHandle
BindIoCompletionCallback
HeapAlloc
ole32
PropVariantClear
IsEqualGUID
advapi32
FileEncryptionStatusA
SetSecurityDescriptorDacl
RegisterEventSourceA
RegQueryValueExA
OpenTraceW
LsaSetInformationTrustedDomain
LsaRemoveAccountRights
LookupPrivilegeNameW
I_ScSetServiceBitsA
GetSecurityDescriptorDacl
GetAclInformation
GetAce
AddAccessDeniedAce
SetUserFileEncryptionKey
shell32
SHFileOperationW
SHGetSpecialFolderPathW
ShellExecuteA
dinput
DirectInputCreateW
user32
GetForegroundWindow
UpdateWindow
ShowWindow
BeginDeferWindowPos
CharLowerBuffA
CreateWindowExA
DefWindowProcA
DialogBoxParamA
DispatchMessageA
EmptyClipboard
EnumPropsA
GetCaretPos
SetSystemCursor
GetKeyState
GetTopWindow
MessageBoxW
MsgWaitForMultipleObjects
OpenClipboard
PeekMessageA
RegisterClassA
version
VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA
Sections
.text Size: 76KB - Virtual size: 75KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.data Size: 24KB - Virtual size: 23KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 4KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ