223d284796ff2825bcbdc8e90945afc0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

223d284796ff2825bcbdc8e90945afc0_JaffaCakes118
Size

1.5MB
MD5

223d284796ff2825bcbdc8e90945afc0
SHA1

917a503ddc7e658012a08d1fc7711359f86fa172
SHA256

17d9f445a6973f253dfaa0ebb8d989abf858c6466c73ff96d813505b69c20be2
SHA512

4a36c015378e1c5bb6020b4c99d8a9df5f37124013e4635ab201fea760f7b69eca17b0842da6848d1c27656eeed9ebf37294c91a553d51f51fbbe8ede2c7cfaa
SSDEEP

12288:tVCD+TaPD/KuygwYicQhgRBt6LB6GcGhBa4/:tV++TkD/eWicDRHSYGcGhBa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
223d284796ff2825bcbdc8e90945afc0_JaffaCakes118

Files

223d284796ff2825bcbdc8e90945afc0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

37558d11c560cf611189f508b163b8e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MulDiv
DisableThreadLibraryCalls
CreateThread
LoadLibraryA
GetModuleHandleA
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileA
CreateFileW
GetVersionExA
CloseHandle
UnmapViewOfFile
HeapFree
GetProcessHeap
GetProcAddress
LockResource
LoadResource
SizeofResource
FindResourceA
FindResourceW
WriteFile
IsProcessorFeaturePresent
GetSystemTimeAsFileTime
HeapAlloc
RtlUnwind
GetCurrentThreadId
GetCommandLineA
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
ExitProcess
DeleteCriticalSection
LeaveCriticalSection
FatalAppExitA
EnterCriticalSection
VirtualFree
Sleep
HeapReAlloc
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
RaiseException
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThread
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
GetStringTypeA
GetStringTypeW
SetConsoleCtrlHandler
FreeLibrary
InterlockedExchange
InitializeCriticalSectionAndSpinCount
HeapSize
SetFilePointer
GetConsoleCP
GetConsoleMode
LCMapStringA
LCMapStringW
GetTimeZoneInformation
GetLocaleInfoW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
ReadFile
FlushFileBuffers
CompareStringA
CompareStringW
SetEnvironmentVariableA
VirtualAlloc
VirtualProtect

user32

DrawTextA
GetAsyncKeyState
GetSystemMetrics
DrawTextW

gdi32

SetBkMode
CreateDIBSection
SetMapMode
CreateFontIndirectA
GetObjectA
CreateCompatibleDC
DeleteDC
DeleteObject
ExtTextOutA
GetTextExtentPoint32A
SetTextAlign
SetBkColor
SetTextColor
SelectObject
CreateFontA
GetDeviceCaps

winmm

sndPlaySoundA

advapi32

RegQueryValueExA
RegOpenKeyA
RegCloseKey

Sections

.text
Size: 414KB - Virtual size: 414KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 15KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

37558d11c560cf611189f508b163b8e4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winmm

advapi32

Sections

.text Size: 414KB - Virtual size: 414KB

.rdata Size: 70KB - Virtual size: 70KB

.data Size: 21KB - Virtual size: 32KB

.data1 Size: 2KB - Virtual size: 2KB

.rsrc Size: 1.0MB - Virtual size: 1.0MB

.reloc Size: 15KB - Virtual size: 14KB

.text
Size: 414KB - Virtual size: 414KB

.rdata
Size: 70KB - Virtual size: 70KB

.data
Size: 21KB - Virtual size: 32KB

.data1
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1.0MB - Virtual size: 1.0MB

.reloc
Size: 15KB - Virtual size: 14KB