3ad0509305d28d65fe4f878f35b39c33_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ad0509305d28d65fe4f878f35b39c33_JaffaCakes118
Size

72KB
MD5

3ad0509305d28d65fe4f878f35b39c33
SHA1

4cc099fe63e9dea7dc86f87f3baf59f0c2542405
SHA256

881a2e56ab70df93ea439a91036745214bb05a7a270ab45fe7e3308f0680496c
SHA512

20baed391cd16de42956704609f7b44d8dfdda68b920fb2ceeb656f9759a95234dd92f07a457af5431229efd3ce3b5374d53bd70101513344038c9e842190e2f
SSDEEP

1536:HgbjBr92qGsiDiBb+hBVxeEV4RvLLMjuK90w17+hE1ud:Hgb1r4sDSvONzLnw1ShE1u

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ad0509305d28d65fe4f878f35b39c33_JaffaCakes118

Files

3ad0509305d28d65fe4f878f35b39c33_JaffaCakes118
.dll windows:4 windows x86 arch:x86

22a422b24dc3462276fd9d37627be895

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleInputA
GetCommandLineA
FindFirstVolumeMountPointW
GetProfileIntA
IsDebuggerPresent
GetComputerNameA
HeapWalk
GetLocalTime
DebugBreak
WriteConsoleA
GetSystemDefaultLCID
GetPrivateProfileIntA
SetConsoleInputExeNameA
ChangeTimerQueueTimer
GetCurrentThread
PeekConsoleInputA
OutputDebugStringA
GetVolumeNameForVolumeMountPointA
GetModuleFileNameA
SetConsoleTitleA
CancelTimerQueueTimer
GetModuleFileNameA
GetUserDefaultUILanguage
GetConsoleWindow
QueryPerformanceCounter
OutputDebugStringA
WriteProfileStringA
VirtualAllocEx
ExitVDM
FlushFileBuffers
GetLocaleInfoA
GetThreadIOPendingFlag
_lread
SetProcessPriorityBoost
UpdateResourceA
IsValidLocale
WaitCommEvent
OpenMutexA
GetDllDirectoryA
ResetEvent
GetConsoleTitleA
CompareStringA
LCMapStringA
BuildCommDCBAndTimeoutsA
GetSystemWindowsDirectoryA
GetLogicalDriveStringsA
MapViewOfFile
ExpungeConsoleCommandHistoryA
GlobalSize
GetDefaultCommConfigA
CopyFileExW
SetMessageWaitingIndicator
ReadConsoleA
AddAtomA
FindNextVolumeMountPointA
GetVolumePathNameA
GetDriveTypeA
Heap32Next
GetDiskFreeSpaceExA
HeapReAlloc
SetFileAttributesA
HeapSize
UnlockFile
GlobalHandle
GlobalUnlock
Process32First
IsValidCodePage
GlobalMemoryStatusEx
GetStartupInfoA
WriteConsoleOutputCharacterW
GetFileAttributesExA
GetEnvironmentVariableA
IsBadStringPtrA
CreateFileA
WaitNamedPipeA
FileTimeToDosDateTime
CreateEventA
FlushViewOfFile
GetCommMask
GetFileSize
GetEnvironmentStringsA
BuildCommDCBA
Thread32First
ExitThread
GetWindowsDirectoryA
GetCurrentProcessId
Module32First
ReadFile
GetCurrentThreadId
HeapAlloc
SetCurrentDirectoryA
VirtualAllocEx
SetConsoleOutputCP
IsSystemResumeAutomatic

winmm

timeGetSystemTime

user32

GetSystemMenu
SetSystemCursor
CreateIconFromResource
GetWindowTextA
SetClassLongA
SetWindowPos
GetMessageTime
CharLowerBuffA
TrackPopupMenu
CheckRadioButton
DrawFocusRect
CascadeChildWindows
LoadImageA
CalcMenuBar
ImpersonateDdeClientWindow
TranslateAccelerator
RegisterClassA
CreateDialogParamA
IsWindowVisible
TranslateMDISysAccel
IsDlgButtonChecked
LoadCursorA
SetMenu
GetCaretPos
GetKeyState
MonitorFromRect
PeekMessageA
PostThreadMessageA
BroadcastSystemMessageA
ChildWindowFromPoint
GetKBCodePage
ShowWindow
LoadCursorFromFileW
SetClassWord
CascadeChildWindows
GetWindowTextLengthA
AdjustWindowRectEx
InsertMenuItemW
CopyIcon
TrackPopupMenuEx
DispatchMessageA
RegisterWindowMessageA
DrawTextExA
IsWindowVisible
FlashWindowEx
LoadCursorFromFileW
EnumDesktopsA
TranslateMessage
GetListBoxInfo
LoadImageA
CharUpperA
GetAsyncKeyState
LoadAcceleratorsA
IsCharAlphaA
RegisterClassExA
SendMessageA
TranslateMessage
MessageBeep
CreateIconFromResource
DrawTextA
CreateMDIWindowA
DrawStateA
LoadCursorFromFileA
DestroyCaret
AppendMenuA
LoadKeyboardLayoutEx
LoadCursorFromFileW
TranslateAccelerator
DefFrameProcA
CascadeChildWindows
SetCursorPos
SetMenuInfo
SetPropA
GetScrollRange
CheckMenuRadioItem
UnregisterUserApiHook
SendMessageCallbackA
GetCaretPos
IsGUIThread
SendMessageTimeoutA
CheckMenuItem
InsertMenuA
SetInternalWindowPos
GetAsyncKeyState
RemoveMenu
SendIMEMessageExA

Exports

Exports

Iluolaueojw
ClosePpjbyamvclg
Lnychynt

Sections

.idata
Size: - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.itext
Size: 56KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

22a422b24dc3462276fd9d37627be895

Headers

File Characteristics

Imports

kernel32

winmm

user32

Exports

Exports

Sections

.idata Size: - Virtual size: 3KB

.itext Size: 56KB - Virtual size: 181KB

.idata Size: 8KB - Virtual size: 4KB

.rsrc Size: 4KB - Virtual size: 1KB

.idata
Size: - Virtual size: 3KB

.itext
Size: 56KB - Virtual size: 181KB

.idata
Size: 8KB - Virtual size: 4KB

.rsrc
Size: 4KB - Virtual size: 1KB