19aca5da05ee8e5862e1d1ee50e84cec_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

19aca5da05ee8e5862e1d1ee50e84cec_JaffaCakes118
Size

158KB
MD5

19aca5da05ee8e5862e1d1ee50e84cec
SHA1

7b3652f8d51bf74174e1e5364dbbf901a2ebcba1
SHA256

df818c2dccacc532ba0205749329b7e46d1f6616b40da55e0d994105bd988bd2
SHA512

23f24e5d23f1b9f1f3263c563db522a4988e4b85cca4dfd056e049590e9386af04d945d30bf40ec335f4908ea625aeb033302087a2af54adabc980fc29a1e71e
SSDEEP

3072:g2a+jZLHUBGGrW1t/kc37wZYf7cQdnA+8EPOumgBZoT:g9Aj53oYzbA+82da

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
19aca5da05ee8e5862e1d1ee50e84cec_JaffaCakes118

Files

19aca5da05ee8e5862e1d1ee50e84cec_JaffaCakes118
.dll windows:5 windows x86 arch:x86

ee9b7d11d1ecc8ef1d3cfac09e665216

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

crypt32

CertFreeCertificateContext
CertCloseStore
CertCreateCertificateContext
CertEnumCertificatesInStore
CertGetIssuerCertificateFromStore
CertOpenStore
CertAddCertificateContextToStore
CertVerifySubjectCertificateContext

kernel32

GetModuleFileNameA
SetErrorMode
GetQueuedCompletionStatus
WaitForSingleObject
TerminateThread
Sleep
PostQueuedCompletionStatus
CreateIoCompletionPort
CloseHandle
CreateThread
CancelIo
WideCharToMultiByte
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetLastError
GlobalFree
GetComputerNameA
GetModuleHandleA
GetSystemDirectoryW
GetVolumeInformationW
GetTickCount
InterlockedExchange
GetFileSize
WriteFile
ReadFile
GetModuleFileNameW
CreateFileW
WriteConsoleW
SetStdHandle
GetConsoleMode
GetConsoleCP
SetFilePointer
GetStringTypeW
LCMapStringW
HeapReAlloc
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
DeleteCriticalSection
GetStartupInfoW
GetFileType
InitializeCriticalSectionAndSpinCount
SetHandleCount
HeapDestroy
HeapCreate
FlushFileBuffers
SetLastError
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
IsValidCodePage
DecodePointer
EncodePointer
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetCurrentThreadId
GetCommandLineA
RaiseException
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
IsProcessorFeaturePresent
GetStdHandle
HeapSize
GetModuleHandleW
ExitProcess
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP

ole32

CoSetProxyBlanket
CoInitialize
CoCreateInstance
CoInitializeSecurity

oleaut32

SysFreeString
VariantClear
VariantInit
SafeArrayGetLBound
SafeArrayCreate
SafeArrayGetDim
SafeArrayGetElement
SafeArrayPutElement
SafeArrayGetUBound
SysAllocString

ws2_32

listen
WSAIoctl
closesocket
WSAStartup
WSASocketA
htonl
htons
ntohs
gethostbyname
bind
shutdown
getsockname
setsockopt
WSARecv
WSASend
inet_addr
inet_ntoa
gethostname
ntohl
WSAGetLastError

Exports

Exports

CrashAddData
CrashCleanup
CrashErrors
CrashInit
CrashSend
CrashSetCallback
DllMain
__Reserved00
__Reserved01
__Reserved05
__Reserved06

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ee9b7d11d1ecc8ef1d3cfac09e665216

Headers

DLL Characteristics

File Characteristics

Imports

crypt32

kernel32

ole32

oleaut32

ws2_32

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 6KB - Virtual size: 13KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 6KB - Virtual size: 13KB

.reloc
Size: 11KB - Virtual size: 11KB