2adfa3fb6088f9ca79ef11f78dd78f3b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2adfa3fb6088f9ca79ef11f78dd78f3b_JaffaCakes118
Size

588KB
MD5

2adfa3fb6088f9ca79ef11f78dd78f3b
SHA1

30cb9fd1f94177670b0b2e9bc25fb60bf960a826
SHA256

c0f75ee5b6ea202149d03c7fa56e4550928d17196cc2f6fc106ae774e5640de0
SHA512

a91408e8d36f69f9c0c5f0a0b398a5ebf137b6c0f6a59e04c0ff1ec2fcccb9749e0b188f9d5763a6be90c6e112f0de01c5e2f5927209ae1337dd2f235cf3e217
SSDEEP

12288:whr4UCeaHTA80gIZ4BgmOEGVN9vtI0E5uO9FAOu8axTN:ga2g5gmO791I0E5uO9FANh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2adfa3fb6088f9ca79ef11f78dd78f3b_JaffaCakes118

Files

2adfa3fb6088f9ca79ef11f78dd78f3b_JaffaCakes118
.dll windows:5 windows x86 arch:x86

0fda4497453286b1daa098623dfc53ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr90.i386.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
HeapReAlloc
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
CreateFileA
FlushFileBuffers
CreatePipe
CreateFileW
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetEndOfFile
GetFileInformationByHandle
PeekNamedPipe
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
GetModuleHandleA

Sections

.text
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fda4497453286b1daa098623dfc53ce

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 598KB - Virtual size: 598KB

.data Size: 17KB - Virtual size: 25KB

.rsrc Size: 1024B - Virtual size: 968B

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 598KB - Virtual size: 598KB

.data
Size: 17KB - Virtual size: 25KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 14KB - Virtual size: 13KB