1acc7e8b21eb611cd8aa7aaf82782778_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1acc7e8b21eb611cd8aa7aaf82782778_JaffaCakes118
Size

187KB
MD5

1acc7e8b21eb611cd8aa7aaf82782778
SHA1

9154fdd18d7f619de7c016fb0ba40b77b4e47a11
SHA256

8ab665f3bf8a8487c5af95d8b1087762d8077288ed7baab5a23248e8ca64fe08
SHA512

23ceaf8d5709e52ee8d669db2772b94fef4a80348ec64051309c4d1dac65c2c1363b93bfa0917a4a373d46f52fdc83e6f31a7034473049374051e6bb6564fd47
SSDEEP

3072:UaaLSVonW+Ld9CGePMolfkDjqn65QrHcu3tc4ZcwaY0e:dauVUW8dgG7oFk665Qr8mtLFv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1acc7e8b21eb611cd8aa7aaf82782778_JaffaCakes118

Files

1acc7e8b21eb611cd8aa7aaf82782778_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6c0cc384dc68a378ef528ac0a9076889

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetThreadLocale
GetCurrentProcessId
LoadLibraryA
GetCurrentThreadId
GetLocalTime
CloseHandle
GetCurrentThread
CreateFileA
LoadLibraryExA
MulDiv
LockResource
ExitProcess
FindFirstFileA
FindClose
GetDiskFreeSpaceA
SetEndOfFile
LocalFree
ResetEvent
lstrcmpiA
SetFilePointer
lstrcpyA
GetFileAttributesA
GetModuleHandleA
GetOEMCP
lstrcmpA
GetVersionExA
HeapFree
GetFullPathNameA
CompareStringA
EnumCalendarInfoA
HeapDestroy
FindResourceA
HeapAlloc
Sleep
GlobalAlloc
VirtualFree
WaitForSingleObject
ReadFile
VirtualAlloc
GetProcAddress
CreateEventA
GetCurrentProcess

comdlg32

GetOpenFileNameA
GetFileTitleA
ChooseColorA
GetSaveFileNameA

shell32

SHGetSpecialFolderLocation
Shell_NotifyIconA
SHFileOperationA
SHGetDesktopFolder

version

VerQueryValueA
VerInstallFileA

user32

GetCursorPos
CharLowerA
EnumThreadWindows
TrackPopupMenu
IsWindowEnabled
DrawIconEx
IsWindowVisible
GetDCEx
FrameRect
GetMenuItemID
CreateIcon
GetKeyState
EnumWindows
SetCursor
GetMenuStringA
GetCursor
GetIconInfo
EndPaint
GetFocus
SetWindowTextA
MessageBoxA
EnumChildWindows
DefMDIChildProcA
BeginDeferWindowPos
CheckMenuItem
GetClipboardData
FindWindowA
GetMenuItemInfoA
GetActiveWindow
IsChild
ShowWindow

msvcrt

__p__commode
swprintf
_unlock
wcscspn
time
sprintf
wcsncmp
_errno
malloc
memset
rand

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 165KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.init
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 610B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c0cc384dc68a378ef528ac0a9076889

Headers

File Characteristics

Imports

kernel32

comdlg32

shell32

version

user32

msvcrt

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 2KB - Virtual size: 2KB

.edata Size: 165KB - Virtual size: 332KB

.init Size: 5KB - Virtual size: 5KB

.reloc Size: 1024B - Virtual size: 610B

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 2KB - Virtual size: 2KB

.edata
Size: 165KB - Virtual size: 332KB

.init
Size: 5KB - Virtual size: 5KB

.reloc
Size: 1024B - Virtual size: 610B