23a5084dbff70457b5c0c4267c3e7c63_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

23a5084dbff70457b5c0c4267c3e7c63_JaffaCakes118
Size

80KB
MD5

23a5084dbff70457b5c0c4267c3e7c63
SHA1

cb66c4e29eeb1c2d66d960d36d7972510bafc939
SHA256

dc09974e1baa797c6149234c60102c2002ab01d7c917381fe4c9cf8197dbf7ce
SHA512

ca41147943d881fca256e7964bf7bbeec4a59fa936a1349ff41258b397f699d99f9bb880a102ea916e9434ee9304888f3728b282ecc6f24bf067b33464702437
SSDEEP

1536:kwf+Zemh5vBiqdixH//dEPHcGHNJN1zW2W:r+ZxvvBiPfm/co31z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
23a5084dbff70457b5c0c4267c3e7c63_JaffaCakes118

Files

23a5084dbff70457b5c0c4267c3e7c63_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a5c323f4c28d5c49e651135d7a63e1e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LocalFree
GetProcessHeap
ExitProcess
UnmapViewOfFile
GetProcAddress
GetLastError
LoadLibraryA
GetTickCount
LeaveCriticalSection
InterlockedCompareExchange
CreateProcessA
MapViewOfFileEx
ReleaseActCtx
GetDiskFreeSpaceW
HeapSize
GetStartupInfoW
UnlockFile
SetCurrentDirectoryW
FindAtomA
LocalAlloc
EnumResourceNamesA
CompareStringA
GetCurrentDirectoryW
FindNextChangeNotification
CreateEventW
GlobalAddAtomA
GetLogicalDrives
GetLongPathNameW
WriteConsoleA
UnregisterWaitEx
SetProcessShutdownParameters
FindNextFileA
SetStdHandle
EnumUILanguagesW
CreateMailslotW
GetCommProperties
PeekConsoleInputA
GetUserDefaultUILanguage
ReplaceFileW
MultiByteToWideChar
GetLocalTime
OpenThread
DuplicateHandle
lstrcmpiA
AddRefActCtx
WriteFileEx
CreateThread
IsValidCodePage
SetConsoleActiveScreenBuffer
SetSystemTime
WaitForSingleObjectEx
VerifyVersionInfoA
GetAtomNameA
GetTempFileNameW
CompareStringW
CreateFileMappingW
LockFileEx
DeviceIoControl
VerifyVersionInfoW
LocalHandle
lstrcmpW
GlobalFlags
FindFirstFileExW
HeapSetInformation
FreeEnvironmentStringsW
GetShortPathNameA
SetComputerNameExW
ChangeTimerQueueTimer
GetNumberFormatW
SetHandleInformation
GetEnvironmentStringsW
EscapeCommFunction
EnumSystemLocalesA
SearchPathA
UpdateResourceA
ClearCommError
InitializeCriticalSection
SetErrorMode
GetVersionExA
DosDateTimeToFileTime

ole32

OleSave
OleCreateFromFile
OleSetMenuDescriptor
CoCreateInstance
OleGetAutoConvert
CoWaitForMultipleHandles
CoFileTimeNow
GetHGlobalFromStream
CoUnmarshalInterface
OleCreateStaticFromData
OleSaveToStream
MkParseDisplayName
CoSwitchCallContext
CoRevertToSelf
CoGetCallContext
CoInitializeEx
StgCreateDocfileOnILockBytes
CoDisableCallCancellation
CoTaskMemAlloc
CoUninitialize
CoTaskMemFree

oleaut32

SysAllocString

shlwapi

StrCatBuffW
StrNCatW
PathMakePrettyW
PathCombineW
StrFormatKBSizeW
StrToIntA
PathAddBackslashA
StrDupW
UrlCanonicalizeW
PathFindExtensionA
UrlCreateFromPathW
StrCmpNIA
SHRegGetValueW
PathCompactPathExW
SHRegGetBoolUSValueW
PathQuoteSpacesW
PathFindNextComponentW
StrStrW
StrStrIA
StrChrA
PathStripToRootW
StrDupA

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5c323f4c28d5c49e651135d7a63e1e6

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

shlwapi

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB