22ee4c611ab2716fd42fa79aa6323188_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

22ee4c611ab2716fd42fa79aa6323188_JaffaCakes118
Size

128KB
MD5

22ee4c611ab2716fd42fa79aa6323188
SHA1

39b3702cff3d2acc50ce3b7058ce3dd3fd283efa
SHA256

ba681e6bd8c019236e08b6056209d2d98aa54215f955c37d5fa2943a5be84cb9
SHA512

c0cd3032e641a7ae1f92af9646b5bd1d91e2aed1318869c0e8c01d9bf59969953d77a07f016c9fb64cfa593fda93fa9809aeca15b60f012fbca0a3239e57adba
SSDEEP

3072:q5jQ2xIJhd7tyGrImSVOrsIl/vVSbu/yf34:yjQKy1rF1snum3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
22ee4c611ab2716fd42fa79aa6323188_JaffaCakes118

Files

22ee4c611ab2716fd42fa79aa6323188_JaffaCakes118
.dll windows:4 windows x86 arch:x86

119d368b7ff439556c209058173c99e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
GetStdHandle
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetFileAttributesW
FindNextFileW
FindClose
FindFirstFileW
DeleteFileW
SetFileAttributesW
CopyFileW
CreateDirectoryW
GetSystemTimeAsFileTime
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter
LoadLibraryA
InterlockedDecrement
lstrcmpiA
lstrlenA
CreateProcessW
GetVersionExW
lstrlenW
ResetEvent
DeviceIoControl
WaitForSingleObject
GetOverlappedResult
CancelIo
AddAtomW
GetProcessHeap
InterlockedIncrement
LocalAlloc
CloseHandle
GetModuleHandleW
UnregisterWait
RegisterWaitForSingleObject
lstrcmpW
FormatMessageW
ExpandEnvironmentStringsW
GetModuleFileNameW
ProcessIdToSessionId
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
GetCPInfo
GetOEMCP
GetACP
GetSystemInfo
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
SetHandleCount
GetModuleHandleA
ExitProcess
VirtualQuery
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
RtlUnwind
HeapFree
HeapAlloc
WideCharToMultiByte
WriteFile
LocalFree
GetFileType
GetConsoleMode
GetSystemWindowsDirectoryW
VirtualProtect
CreateFileW
GetCommandLineA

user32

DispatchMessageA
MessageBoxA
PostQuitMessage
GetMessageA
LoadStringW
DestroyIcon
DestroyWindow
LoadCursorW
RegisterClassExW
SystemParametersInfoW
LoadImageW
FindWindowW
PostMessageW
AppendMenuW
IsWindowVisible
GetDoubleClickTime
RegisterHotKey
ShowWindow
GetMenuItemCount
GetMenuItemInfoW
DestroyMenu
DefWindowProcW
KillTimer
SetTimer
SendMessageW
GetSystemMetrics
NotifyWinEvent
InsertMenuItemW
CreateWindowExW
SendNotifyMessageW
EnumWindows

advapi32

RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey

gdi32

DeleteObject

ole32

CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoRegisterPSClsid

rpcrt4

NdrDllGetClassObject

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119d368b7ff439556c209058173c99e1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 72KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 72KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB