340ab9157d745219b65f6bdb75909a19_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

340ab9157d745219b65f6bdb75909a19_JaffaCakes118
Size

121KB
MD5

340ab9157d745219b65f6bdb75909a19
SHA1

755775e8fc6d34b095052048980d7e3baf252d5e
SHA256

2bde3a0369b79f46b300b638fa1020c4c6153f8b81aea74961787d7fe62cb8c8
SHA512

d26c28d15e4eb9240dd91ea76779a33adf3e76edcfa16545f5ef1ae798ebcfd089c3f86bfd5821894c8a46aafdeb0483786c7b2a3adb6a52a3cbe05cd6449b98
SSDEEP

1536:dVfuzrWZVAeqDGIr+CHKlCUAs3P20OJ52dAv1vGYRGRvD5fnL8:LfuzrWZoGIiCHG7u0JSv1pKvVL8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
340ab9157d745219b65f6bdb75909a19_JaffaCakes118

Files

340ab9157d745219b65f6bdb75909a19_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cda30a3bb02979e3411adcccb5ccb1f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

PfxInsertPrefix
memcmp
RtlSetBits
NtRequestPort
RtlTimeToSecondsSince1970
RtlAssert
NtAdjustPrivilegesToken
RtlReAllocateHeap
strrchr
NtSecureConnectPort
RtlConvertVariantToProperty
RtlSubtreeSuccessor
NtSetUuidSeed
RtlFindNextForwardRunClear
RtlDosSearchPath_U
NtSetSystemTime
RtlFreeSid
RtlUnicodeStringToInteger
_stricmp
NtCreatePagingFile
wcscat
strcspn
RtlCreateTimer
_wcsicmp
RtlCompareMemoryUlong
RtlCheckRegistryKey
RtlAllocateHandle
_atoi64
RtlValidAcl
NtSetQuotaInformationFile
NtReleaseMutant
RtlIntegerToUnicodeString

kernel32

CompareStringW
SetErrorMode
ContinueDebugEvent
RegisterWowBaseHandlers
GlobalUnWire
GetEnvironmentStringsA
SetVolumeLabelW
lstrcmpiW
SetConsoleHardwareState
IsBadCodePtr
ExitProcess
MulDiv
GetConsoleCP
WriteConsoleOutputCharacterA
EnumCalendarInfoA
GetCurrencyFormatW
EnumSystemLocalesW
GetLogicalDrives
ReadConsoleOutputAttribute
GetLogicalDriveStringsW
GetCommMask
ExitProcess
InterlockedExchange
GetTempPathW
RegisterWowExec
GetConsoleCommandHistoryLengthA
EnumSystemLocalesA
VirtualAlloc
MoveFileExA
SetTimeZoneInformation
VirtualFree
OpenProfileUserMapping
lstrcpyW
WaitForDebugEvent

gdi32

GetClipRgn
GetObjectA
GetTransform
GetPixel
GetCharWidthW
GetObjectW
WidenPath
SetTextColor
GetICMProfileA
GetDIBits
EnumICMProfilesA
GetEnhMetaFileW
GetMetaRgn
GetWinMetaFileBits
GetKerningPairsA
UpdateICMRegKeyA
EnumICMProfilesW
GetTextCharacterExtra
GdiGetBatchLimit
GdiQueryFonts
EndPath
GetEnhMetaFilePixelFormat
GetCharacterPlacementW
GdiGetLocalDC
GetDeviceCaps
OffsetViewportOrgEx
SetMagicColors
ResetDCA
GetTextColor
bMakePathNameW

ole32

CoAddRefServerProcess
CreateOleAdviseHolder
CoCopyProxy
HPALETTE_UserFree
WdtpInterfacePointer_UserUnmarshal
StgIsStorageFile
CoIsHandlerConnected
StgCreateDocfileOnILockBytes
CoFreeLibrary
OleConvertOLESTREAMToIStorageEx
CreateGenericComposite
HMETAFILE_UserMarshal
OleQueryCreateFromData
OleRegEnumVerbs
PropVariantClear
CreateStreamOnHGlobal
CoGetCallerTID
IIDFromString
SNB_UserUnmarshal
CoDisconnectObject
OleCreateEmbeddingHelper
HPALETTE_UserUnmarshal
OleCreateFromData
CoFileTimeNow
CreateFileMoniker
HWND_UserMarshal
CLSIDFromProgID
StgGetIFillLockBytesOnILockBytes
ProgIDFromCLSID
UtGetDvtd32Info
OleGetIconOfClass
PropSysFreeString
CoQueryReleaseObject

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 75KB - Virtual size: 200KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.adata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cda30a3bb02979e3411adcccb5ccb1f9

Headers

File Characteristics

Imports

ntdll

kernel32

gdi32

ole32

Sections

.text Size: 40KB - Virtual size: 40KB

.data Size: 75KB - Virtual size: 200KB

.adata Size: 4KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 40KB - Virtual size: 40KB

.data
Size: 75KB - Virtual size: 200KB

.adata
Size: 4KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB