245c80a82073593cf8f0621f742d1b32_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

245c80a82073593cf8f0621f742d1b32_JaffaCakes118
Size

128KB
MD5

245c80a82073593cf8f0621f742d1b32
SHA1

9212cb90bd895fefbcfa1e5979b3ce535d748e72
SHA256

d69f61f779b581dbc8a078769f1d6ba9b365dbb3421c4a913e77011d228517f3
SHA512

baba2322ab9efc2ac583ba923fe12282e178cad5fdaa1c8e6bbee9a8807bad5bc5a974038240f9af8e2f85a23ad61701633c5dacb6c4c1c7fd9928072876b1e2
SSDEEP

3072:qUxM82xKJUjdiatsOBhIm2VOrsIlzvVSbu/yf3S:vxNKbxtBhFhs7um3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
245c80a82073593cf8f0621f742d1b32_JaffaCakes118

Files

245c80a82073593cf8f0621f742d1b32_JaffaCakes118
.dll windows:4 windows x86 arch:x86

119d368b7ff439556c209058173c99e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
GetStdHandle
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetFileAttributesW
FindNextFileW
FindClose
FindFirstFileW
DeleteFileW
SetFileAttributesW
CopyFileW
CreateDirectoryW
GetSystemTimeAsFileTime
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter
LoadLibraryA
InterlockedDecrement
lstrcmpiA
lstrlenA
CreateProcessW
GetVersionExW
lstrlenW
ResetEvent
DeviceIoControl
WaitForSingleObject
GetOverlappedResult
CancelIo
AddAtomW
GetProcessHeap
InterlockedIncrement
LocalAlloc
CloseHandle
GetModuleHandleW
UnregisterWait
RegisterWaitForSingleObject
lstrcmpW
FormatMessageW
ExpandEnvironmentStringsW
GetModuleFileNameW
ProcessIdToSessionId
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
GetCPInfo
GetOEMCP
GetACP
GetSystemInfo
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
SetHandleCount
GetModuleHandleA
ExitProcess
VirtualQuery
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
RtlUnwind
HeapFree
HeapAlloc
WideCharToMultiByte
WriteFile
LocalFree
GetFileType
GetConsoleMode
GetSystemWindowsDirectoryW
VirtualProtect
CreateFileW
GetCommandLineA

user32

DispatchMessageA
MessageBoxA
PostQuitMessage
GetMessageA
LoadStringW
DestroyIcon
DestroyWindow
LoadCursorW
RegisterClassExW
SystemParametersInfoW
LoadImageW
FindWindowW
PostMessageW
AppendMenuW
IsWindowVisible
GetDoubleClickTime
RegisterHotKey
ShowWindow
GetMenuItemCount
GetMenuItemInfoW
DestroyMenu
DefWindowProcW
KillTimer
SetTimer
SendMessageW
GetSystemMetrics
NotifyWinEvent
InsertMenuItemW
CreateWindowExW
SendNotifyMessageW
EnumWindows

advapi32

RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey

gdi32

DeleteObject

ole32

CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoRegisterPSClsid

rpcrt4

NdrDllGetClassObject

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119d368b7ff439556c209058173c99e1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 72KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 72KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB