232a1e74db691d7f084e5a32ea47257d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

232a1e74db691d7f084e5a32ea47257d_JaffaCakes118
Size

213KB
MD5

232a1e74db691d7f084e5a32ea47257d
SHA1

6875e17cda262b91b4955ed095c3a9fbee9e859f
SHA256

b5613f38c5d9c308c4cdee23460d40ec973e587e348b6e0ec9b556874962e97b
SHA512

a1f79021fe57ad0904a891fb1a2452ecc6553b65877ec9acf5e9df1c22d1ff37f50a6b3ab82e2b486fafd3d572260379dd958d0c420415d2bf07c41e5cf3ec19
SSDEEP

3072:9qz4UW8/X0dPIdrwCJMDQpg5dmShGs4vWz+kLJG+9jSBhpwhkzXlFZ9:b+yDQKmfs4vWzzLJzW9NzXt9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
232a1e74db691d7f084e5a32ea47257d_JaffaCakes118

Files

232a1e74db691d7f084e5a32ea47257d_JaffaCakes118
.dll windows:5 windows x86 arch:x86

62143ad3602394f4683fcef1ac7af882

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetWindowsDirectoryA
DosDateTimeToFileTime
VirtualAllocEx
AddAtomW
AddConsoleAliasW
CallNamedPipeW
CancelDeviceWakeupRequest
CompareStringW
ContinueDebugEvent
CopyFileA
CopyFileExW
CopyFileW
CreateFiber
CreateFileW
CreateMailslotW
CreateNamedPipeA
CreateRemoteThread
CreateSemaphoreA
CreateSemaphoreW
CreateWaitableTimerW
DebugBreak
DeleteAtom
DeleteCriticalSection
DeleteTimerQueueEx
DisconnectNamedPipe
DnsHostnameToComputerNameA
DuplicateHandle
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoW
EnumDateFormatsExA
EnumLanguageGroupLocalesA
EnumSystemCodePagesW
EnumTimeFormatsA
EnumUILanguagesW
EscapeCommFunction
ExpandEnvironmentStringsW
FillConsoleOutputAttribute
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstVolumeMountPointA
FindFirstVolumeMountPointW
FindFirstVolumeW
FindNextChangeNotification
FindNextFileA
FindNextVolumeA
FindNextVolumeMountPointW
FindResourceA
FindResourceExA
FindResourceExW
FindResourceW
FlushInstructionCache
FreeLibraryAndExitThread
FreeUserPhysicalPages
GenerateConsoleCtrlEvent
GetAtomNameA
GetCalendarInfoW
GetCommMask
GetCommModemStatus
GetCommandLineA
GetCommandLineW
GetCompressedFileSizeW
GetComputerNameA
GetConsoleAliasExesA
GetConsoleAliasesLengthA
GetConsoleTitleA
GetCurrentThreadId
GetDefaultCommConfigW
GetEnvironmentStrings
GetEnvironmentStringsA
GetExitCodeThread
GetFileAttributesExW
GetHandleInformation
GetLocaleInfoA
GetNamedPipeHandleStateA
GetNamedPipeHandleStateW
GetNamedPipeInfo
GetNumberFormatW
GetNumberOfConsoleInputEvents
GetNumberOfConsoleMouseButtons
GetPriorityClass
GetPrivateProfileIntA
GetPrivateProfileSectionW
GetPrivateProfileStringW
GetPrivateProfileStructW
GetProcessAffinityMask
GetProcessShutdownParameters
GetProcessTimes
GetProfileIntA
GetProfileIntW
GetProfileStringW
lstrcatA
GetStartupInfoA
GetStringTypeExW
GetStringTypeW
GetSystemDefaultUILanguage
GetSystemTimeAdjustment
GetThreadLocale
GetThreadPriorityBoost
GetUserDefaultLangID
GetWindowsDirectoryW
GlobalAddAtomA
GlobalAlloc
GlobalCompact
GlobalFindAtomA
GlobalFlags
GlobalGetAtomNameW
GlobalMemoryStatus
Heap32ListFirst
Heap32Next
HeapValidate
InitAtomTable
InitializeCriticalSectionAndSpinCount
InterlockedExchangeAdd
IsBadStringPtrW
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryExW
LoadResource
LocalAlloc
LocalCompact
LocalLock
MapViewOfFile
Module32First
MoveFileExA
MoveFileW
OpenSemaphoreA
OpenWaitableTimerA
PeekConsoleInputW
Process32First
Process32FirstW
Process32NextW
QueryPerformanceFrequency
QueueUserAPC
ReadConsoleInputW
ReadFileScatter
ReadProcessMemory
RemoveDirectoryW
ReplaceFileW
RtlZeroMemory
SetCommConfig
SetConsoleScreenBufferSize
SetCurrentDirectoryA
SetDefaultCommConfigA
SetEvent
SetFileApisToANSI
SetFileAttributesA
SetLastError
SetLocalTime
SetProcessAffinityMask
SetStdHandle
SetSystemPowerState
SetThreadLocale
SleepEx
SwitchToFiber
SwitchToThread
SystemTimeToFileTime
TlsGetValue
Toolhelp32ReadProcessMemory
TransactNamedPipe
TransmitCommChar
UnhandledExceptionFilter
UnlockFileEx
VerLanguageNameA
VirtualLock
VirtualProtect
VirtualUnlock
WaitForDebugEvent
WaitForMultipleObjects
WaitForMultipleObjectsEx
WaitForSingleObjectEx
WriteConsoleOutputAttribute
WritePrivateProfileStringA
WritePrivateProfileStructW
_lclose
_llseek
_lopen
_lread
lstrcat
lstrcmp
lstrcmpA
lstrcmpi
lstrlen
GetShortPathNameA
CreateFileA
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
RtlUnwind
IsDebuggerPresent

advapi32

RegOpenKeyExW

oleaut32

DispCallFunc
DispGetIDsOfNames
DispGetParam
ClearCustData
GetActiveObject
GetAltMonthNames
LHashValOfNameSys
LHashValOfNameSysA
LPSAFEARRAY_Size
LPSAFEARRAY_UserFree
LPSAFEARRAY_UserMarshal
LoadTypeLibEx
OaBuildVersion
OleCreateFontIndirect
OleCreatePictureIndirect
OleCreatePropertyFrame
OleCreatePropertyFrameIndirect
OleIconToCursor
OleLoadPictureEx
OleLoadPictureFile
OleLoadPictureFileEx
OleLoadPicturePath
QueryPathOfRegTypeLi
RegisterActiveObject
RevokeActiveObject
SafeArrayAccessData
SafeArrayAllocDescriptorEx
SafeArrayCreateEx
SafeArrayCreateVector
SafeArrayDestroyData
SafeArrayGetDim
SafeArrayGetRecordInfo
SafeArrayGetVartype
SafeArrayPtrOfIndex
SafeArrayPutElement
SafeArrayRedim
SafeArraySetIID
SafeArraySetRecordInfo
SafeArrayUnlock
SysAllocString
SysAllocStringByteLen
SysAllocStringLen
SysFreeString
SysReAllocStringLen
SysStringByteLen
SysStringLen
SystemTimeToVariantTime
VARIANT_UserSize
VarAdd
VarAnd
VarBoolFromCy
VarBoolFromDate
VarBoolFromDec
VarBoolFromDisp
VarBoolFromI1
VarBoolFromR4
VarBoolFromR8
VarBoolFromStr
VarBoolFromUI1
VarBstrCat
VarBstrCmp
VarBstrFromCy
VarBstrFromDisp
VarBstrFromI1
VarBstrFromR4
VarBstrFromUI1
VarBstrFromUI2
VarCyCmp
VarCyCmpR8
VarCyFromBool
VarCyFromDate
VarCyFromDec
VarCyFromDisp
VarCyFromI1
VarCyFromR4
VarCyFromStr
VarCyFromUI1
VarCyInt
VarCyMul
VarCyRound
VarDateFromBool
VarDateFromCy
VarDateFromDec
VarDateFromDisp
VarDateFromI1
VarDateFromI2
VarDateFromR4
VarDateFromUI2
VarDateFromUI4
VarDateFromUdate
VarDateFromUdateEx
VarDecAdd
VarDecCmp
VarDecDiv
VarDecFix
VarDecFromDisp
VarDecFromI4
VarDecFromR4
VarDecFromStr
VarDecFromUI1
VarDecFromUI2
VarDecInt
VarDecNeg
VarDiv
VarEqv
VarFix
VarFormatCurrency
VarFormatFromTokens
VarI1FromBool
VarI1FromCy
VarI1FromDate
VarI1FromDec
VarI1FromI4
VarI1FromR4
VarI1FromR8
VarI1FromStr
VarI1FromUI1
VarI2FromCy
VarI2FromDate
VarI2FromDec
VarI2FromDisp
VarI2FromI4
VarI2FromR4
VarI2FromR8
VarI2FromStr
VarI2FromUI1
VarI2FromUI2
VarI2FromUI4
VarI4FromCy
VarI4FromDate
VarI4FromDec
VarI4FromDisp
VarI4FromI2
VarI4FromR8
VarI4FromUI1
VarI4FromUI2
VarI4FromUI4
VarIdiv
VarMonthName
VarMul
VarNeg
VarPow
VarR4CmpR8
VarR4FromDate
VarR4FromDec
VarR4FromI4
VarR4FromR8
VarR4FromStr
VarR4FromUI1
VarR4FromUI2
VarR8FromBool
VarR8FromCy
VarR8FromDate
VarR8FromDec
VarR8FromDisp
VarR8FromI1
VarR8FromI4
VarR8FromStr
VarR8FromUI4
VarR8Pow
VarSu
VarTokenizeFormatString
VarUI1FromCy
VarUI1FromDate
VarUI1FromDec
VarUI1FromDisp
VarUI1FromI4
VarUI1FromR8
VarUI1FromStr
VarUI1FromUI4
VarUI2FromBool
VarUI2FromDate
VarUI2FromDisp
VarUI2FromI1
VarUI2FromI4
VarUI2FromR4
VarUI2FromR8
VarUI2FromStr
VarUI2FromUI1
VarUI4FromBool
VarUI4FromCy
VarUI4FromDate
VarUI4FromI1
VarUI4FromI4
VarUI4FromStr
VarUI4FromUI1
VarUI4FromUI2
VarXor
VariantChangeTypeEx
VariantCopyInd
VariantInit
VariantTimeToDosDateTime
VariantTimeToSystemTime
VectorFromBstr
BSTR_UserUnmarshal
BSTR_UserSize
BSTR_UserMarshal
BSTR_UserFree
DosDateTimeToVariantTime

Sections

.text
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 271KB - Virtual size: 272KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data2
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data3
Size: 1024B - Virtual size: 1000B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 512B - Virtual size: 4B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

62143ad3602394f4683fcef1ac7af882

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

Sections

.text Size: 5KB - Virtual size: 5KB

.rdata Size: 7KB - Virtual size: 7KB

.data Size: 271KB - Virtual size: 272KB

.data2 Size: 1024B - Virtual size: 1000B

.data3 Size: 1024B - Virtual size: 1000B

.CRT Size: 512B - Virtual size: 4B

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 5KB - Virtual size: 5KB

.rdata
Size: 7KB - Virtual size: 7KB

.data
Size: 271KB - Virtual size: 272KB

.data2
Size: 1024B - Virtual size: 1000B

.data3
Size: 1024B - Virtual size: 1000B

.CRT
Size: 512B - Virtual size: 4B

.reloc
Size: 3KB - Virtual size: 2KB