29824b0e1b51801f2f03b797f3341a5d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29824b0e1b51801f2f03b797f3341a5d_JaffaCakes118
Size

262KB
MD5

29824b0e1b51801f2f03b797f3341a5d
SHA1

aa181e49a9c7a0d288e42b8f0f4ac802772291be
SHA256

3367ee51a938e15219d1ec5a44e2225632f8c76589e8574b8c68a6dfbc32271b
SHA512

f3f15b0ee40c165c25c933c481cdadd43bc91642967bffd70ae21eb6089547eae7070c9125661043e2e66b050bf786e2952e1a597e18a16558bb816defd8ef51
SSDEEP

6144:QzL6jZZyWp2Y2zQFYuEenLC8JfKjSw5FgVA5rdha3WMKt:6MZZ7R2zQFVEeBMSw566z5t

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29824b0e1b51801f2f03b797f3341a5d_JaffaCakes118

Files

29824b0e1b51801f2f03b797f3341a5d_JaffaCakes118
.dll windows:1 windows x86 arch:x86

e6eb3ec016574a2cea888792406569f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateDirectoryW
ExitProcess
FlushFileBuffers
GetCommConfig
GetCommMask
GetCommState
GetConsoleAliasExesW
GetConsoleCursorInfo
GetConsoleOutputCP
GetFileSize
GetModuleFileNameA
GetShortPathNameA
GetSystemTimeAdjustment
GetTempPathA
GetTickCount
GetTimeZoneInformation
GlobalSize
InitializeCriticalSection
LeaveCriticalSection
OutputDebugStringA
PeekConsoleInputA
PostQueuedCompletionStatus
RtlFillMemory
RtlMoveMemory
RtlZeroMemory
SetFileAttributesA
SetFileAttributesW
Sleep
Toolhelp32ReadProcessMemory
TransactNamedPipe
UnlockFileEx
VirtualProtect
VirtualUnlock
WaitForDebugEvent
WriteFile
WriteFileEx
WritePrivateProfileStructA
_lread
lstrcatW
lstrcmpA
lstrcmpiA

user32

AdjustWindowRectEx
AppendMenuA
CharUpperBuffA
CharUpperBuffW
CheckMenuItem
CountClipboardFormats
CreateMenu
CreateWindowStationW
DdeCreateStringHandleW
DdeDisconnect
DdeInitializeA
DefMDIChildProcA
DeferWindowPos
DlgDirSelectExW
EnumPropsExA
FindWindowW
GetAltTabInfoA
GetClassWord
GetScrollRange
GetShellWindow
GetSystemMetrics
GetWindowLongA
GetWindowLongW
IsCharAlphaA
IsRectEmpty
LoadCursorA
LoadImageW
ScrollWindowEx
SetClassLongA
SetClassWord
SetMenu
SetUserObjectSecurity
ShowCaret
ShowWindow
TabbedTextOutA
WindowFromPoint
wvsprintfA

gdi32

CreateEllipticRgn
DeviceCapabilitiesExA
ExtCreateRegion
FillRgn
GdiComment
GetCharABCWidthsFloatA
GetClipBox
GetClipRgn
GetColorAdjustment
GetColorSpace
GetDeviceGammaRamp
GetPath
GetPixel
GetPixelFormat
GetTextCharacterExtra
GetTextFaceA
GetTextFaceW
PolyPatBlt
ResetDCW
SetColorAdjustment
gdiPlaySpoolStream

comctl32

CreateMappedBitmap
DrawStatusTextW
GetEffectiveClientRect
ImageList_Add
ImageList_SetDragCursorImage
ImageList_SetImageCount
UninitializeFlatSB

shell32

FindExecutableW
SHQueryRecycleBinA

advapi32

AccessCheckByTypeResultListAndAuditAlarmA
ChangeServiceConfig2A
CloseEventLog
CloseServiceHandle
CreatePrivateObjectSecurity
CreateProcessAsUserW
CreateRestrictedToken
CryptGetDefaultProviderA
ElfReportEventA
GetMultipleTrusteeW
IsValidSecurityDescriptor
LookupPrivilegeNameW
LookupSecurityDescriptorPartsA
LsaGetUserName
LsaSetSecret
QueryServiceConfig2A
ReadEventLogA
RegSaveKeyW
SetSecurityInfoExA
StartServiceA

msvcrt

_cabs
_exit
_pipe
_sleep
_wexeclpe
_winver
_wputenv
ctime
ispunct
modf

Exports

Exports

AFJvuBmxatlCdP
BuibWVbba
Deueofh
DtWjrJkVcd
EdfJginzlARjkc
FlulquYxQhU
Gwyewk
HUijifFf
Jqqfqifbfrqr
KhismMtu
MgUaIynu
MuzYGeidE
ORKvCd
OwdqbiptlbFEd
Pdvijh
QdewhHL
RvzXajncGZix
UempqEavjrvtvt
XqtizlfJc
YEqczZyjfnHAlQ
YihVgeqsmjxWt

Sections

.text
Size: 9KB - Virtual size: 10KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.vdata
Size: 512B - Virtual size: 498B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vdata
Size: 243KB - Virtual size: 449KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e6eb3ec016574a2cea888792406569f6

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comctl32

shell32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 10KB

.data Size: 5KB - Virtual size: 211KB

.vdata Size: 512B - Virtual size: 498B

.vdata Size: 243KB - Virtual size: 449KB

.rsrc Size: 1024B - Virtual size: 824B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 10KB

.data
Size: 5KB - Virtual size: 211KB

.vdata
Size: 512B - Virtual size: 498B

.vdata
Size: 243KB - Virtual size: 449KB

.rsrc
Size: 1024B - Virtual size: 824B

.reloc
Size: 2KB - Virtual size: 1KB