1a1b1e8199edf7a7393f5d2094d1dc49_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1a1b1e8199edf7a7393f5d2094d1dc49_JaffaCakes118
Size

84KB
MD5

1a1b1e8199edf7a7393f5d2094d1dc49
SHA1

434c1f293c7762edaff2c0d7b51c463509437863
SHA256

4828382c96c6e6c1e95ae637c6f761ff21e8f90d2a1e02036353ab0a005ecdc4
SHA512

c8742a51570ba81c91e446394125e3824e1a2b72083b0b43fc19ea5a3486cb58f445db4a04ed89391ac895033cca07d845133a85947d4a6f76812456d65fe657
SSDEEP

1536:qjrrQhUFyoEy6KJ6yk+8773jlcNkrc2XNgfSzP+vkIaL:/6FytyJ6yk+scNkr1Svk1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1a1b1e8199edf7a7393f5d2094d1dc49_JaffaCakes118

Files

1a1b1e8199edf7a7393f5d2094d1dc49_JaffaCakes118
.dll windows:4 windows x86 arch:x86

feb11f6bed4b7250c614ea51c779b20e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetShortPathNameA
GetThreadLocale
GetStringTypeExA
HeapAlloc
HeapCreate
InitializeCriticalSection
HeapDestroy
GetSystemInfo
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
FlushInstructionCache
GetCurrentProcess
SearchPathA
GetVersionExA
lstrcpynA
GetWindowsDirectoryA
GetTempPathA
GetCurrentThreadId
OutputDebugStringA
SetEnvironmentVariableA
GetEnvironmentVariableA
DebugBreak
CreateDirectoryA
FreeLibrary
GetProcAddress
LoadLibraryA
GetSystemTime
WinExec
lstrcmpA
FindClose
FindNextFileA
FindFirstFileA
HeapReAlloc
HeapFree
GetSystemDirectoryA
GetModuleFileNameA
MoveFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetPrivateProfileIntA
lstrcmpiA
DeleteFileA
lstrlenA
GetFileSize
MoveFileExA
CopyFileA
CloseHandle
WriteFile
ReadFile
InterlockedIncrement
CreateFileA
InterlockedDecrement
lstrcatA
GetSystemDefaultLangID
lstrcpyA
SetCurrentDirectoryA
GetPrivateProfileSectionA
GetLastError

user32

MapWindowPoints
SetWindowPos
ShowWindow
GetClientRect
GetWindow
LoadImageA
GetSystemMetrics
SystemParametersInfoA
EndDialog
ExitWindowsEx
wsprintfA
MessageBoxA
GetDlgItem
GetParent
SetPropA
SetWindowTextA
GetCapture
GetWindowLongA
InvalidateRect
SetCapture
GetWindowRect
ClientToScreen
PtInRect
ReleaseCapture
LoadCursorA
SetCursor
GetPropA
CallWindowProcA
RemovePropA
CharLowerA
SetWindowLongA
PostMessageA
DialogBoxParamA
wvsprintfA
SetDlgItemTextA
CharNextA
LoadStringA
SendMessageA
GetActiveWindow
FindWindowA

gdi32

GetObjectA
CreateFontIndirectA
DeleteObject
SetTextColor

advapi32

RegDeleteValueA
RegDeleteKeyA
RegOpenKeyExA
GetUserNameA
RegQueryValueExA
RegEnumKeyExA
LookupPrivilegeValueA
OpenProcessToken
AdjustTokenPrivileges
RegEnumKeyA
RegQueryInfoKeyA
RegFlushKey
FreeSid
RegEnumValueA
RegCloseKey
RegCreateKeyExA
RegSetValueExA

shell32

ShellExecuteA

ole32

OleInitialize
OleUninitialize

shlwapi

SHDeleteKeyA
StrToIntA
SHDeleteValueA

setupapi

SetupIterateCabinetA

Exports

Exports

install

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

feb11f6bed4b7250c614ea51c779b20e

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

shlwapi

setupapi

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 24KB - Virtual size: 26KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 40KB - Virtual size: 39KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 24KB - Virtual size: 26KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 3KB