37c97c908706969b2e3addf70b68dc13_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

37c97c908706969b2e3addf70b68dc13_JaffaCakes118
Size

5.9MB
MD5

37c97c908706969b2e3addf70b68dc13
SHA1

2d3e5e896c93ea2c852ad4a3ab95655c27388330
SHA256

93142e57b3d1b76b466802efe40e6d05ada10c6e870ae67a3a40aa54faf9a1b3
SHA512

880cba2bec6ac4a81ff0469c155e38806adc9c2063c923c0d3a8a469c1f28e5f4c7397a93ab5482009c735957d84cefe241af564b0d50c81e2bca12072d9c75e
SSDEEP

98304:k1PeqLR87k3EpwS0ry4v6vBo0BZ2zFlHdUjWY4HZ7b/VjL+VuPeYrBfMY7hNenf9:k1P9b7TU0d/RdeyfMYtNen3Rr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37c97c908706969b2e3addf70b68dc13_JaffaCakes118

Files

37c97c908706969b2e3addf70b68dc13_JaffaCakes118
.dll windows:4 windows x86 arch:x86

991f4f2eab0b033235bd47523a39f8e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateThread
SetEvent
GetCurrentProcessId
OpenEventW
SetLastError
InterlockedIncrement
OpenMutexW
InterlockedDecrement
GetLastError
CreateMutexA
GetCurrentThreadId
CreateMutexW
ReleaseMutex
SetEnvironmentVariableW
WideCharToMultiByte
MultiByteToWideChar
LocalFree
VirtualAllocEx
VirtualQueryEx
VirtualFreeEx
ReadProcessMemory
GetFullPathNameW
OpenProcess
ProcessIdToSessionId
Sleep
GetExitCodeProcess
TerminateProcess
GetCurrentProcess
WriteFile
GetFileTime
GetFileSize
FindFirstFileW
FileTimeToLocalFileTime
GetFileInformationByHandle
ReadFile
SetFilePointer
CreateFileW
SetEndOfFile
SetFileAttributesW
FlushFileBuffers
LocalFileTimeToFileTime
FindClose
SetFileTime
lstrlenA
VirtualQuery
lstrcpynA
GetModuleHandleW
IsBadReadPtr
GetModuleFileNameW
IsBadStringPtrA
lstrcmpiA
GetModuleHandleA
VirtualProtect
CompareStringA
HeapFree
GetVersion
CreateFileMappingW
GetProcessHeap
lstrcatW
GetSystemDirectoryW
lstrcpynW
ExitThread
HeapAlloc
UnmapViewOfFile
FreeLibrary
DuplicateHandle
GetThreadTimes
SuspendThread
ResumeThread
GetThreadContext
TerminateThread
OpenThread
GetExitCodeThread
GetSystemDefaultUILanguage
GetVersionExA
GetProcAddress
ResetEvent
CreateEventW
WaitForMultipleObjectsEx
QueueUserAPC
SetThreadContext
GetTempPathW
GetCurrentDirectoryW
GetWindowsDirectoryW
GetTempFileNameW
TlsGetValue
TlsSetValue
TlsAlloc
TlsFree
GetFileAttributesW
LoadLibraryW
CreateProcessW
GetShortPathNameW
GetVolumeInformationW
CopyFileW
DeleteFileW
GetLongPathNameW
MoveFileExW
RemoveDirectoryW
Thread32First
Thread32Next
CreateToolhelp32Snapshot
VirtualFree
VirtualAlloc
MapViewOfFile
OpenFileMappingW
SystemTimeToFileTime
GetSystemTime
GetTickCount
FindNextFileW
GetComputerNameExW
SetConsoleCtrlHandler
CreateEventA
WaitForMultipleObjects
GetOverlappedResult
CancelIo
CreateNamedPipeW
QueryDosDeviceW
ConnectNamedPipe
DisconnectNamedPipe
CreateDirectoryW
FindResourceW
LoadResource
SizeofResource
LockResource
GetStartupInfoW
PeekNamedPipe
CreatePipe
WaitForSingleObject
ExitProcess
FreeConsole
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
DeleteCriticalSection
GetConsoleMode
SetConsoleMode
GetFileType
GetStdHandle
SetHandleInformation
HeapCreate
GetWindowsDirectoryA
GetProcessTimes
GetSystemTimeAdjustment
FindFirstFileA
FindNextFileA
GlobalMemoryStatus
QueryPerformanceCounter
GetCurrentThread
LoadLibraryA
GetComputerNameA
CreateFileA
GetEnvironmentVariableA
GetLocalTime
CreateFileMappingA
FileTimeToSystemTime
lstrcmpW
lstrlenW
lstrcmpA
lstrcpyW
GetTimeZoneInformation
GetComputerNameW
OpenEventA
CreateNamedPipeA
ExpandEnvironmentStringsA
WaitNamedPipeA
CreateProcessA
lstrcatA
CreateMailslotW
LoadLibraryExA
LoadLibraryExW
GetModuleFileNameA
GetCommandLineA
GetSystemTimeAsFileTime
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapReAlloc
GetTimeFormatA
GetDateFormatA
DeleteFileA
HeapSize
SetHandleCount
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringA
LCMapStringW
RtlUnwind
GetFileAttributesA
GetConsoleCP
RaiseException
CompareStringW
InterlockedExchange
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
SetEnvironmentVariableA
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LocalAlloc
SetErrorMode
GetVolumeNameForVolumeMountPointW
DeviceIoControl
GetSystemDirectoryA
GetPrivateProfileStringW
WritePrivateProfileStringW
GetDriveTypeA
SetThreadPriority
CompareFileTime
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetTempPathA
AreFileApisANSI
GetFullPathNameA
UnlockFile
LockFile
FormatMessageA
FormatMessageW
LockFileEx
SleepEx
InterlockedCompareExchange
lstrcpyA
GetDiskFreeSpaceExW
GetLogicalDrives
GetVolumeNameForVolumeMountPointA
GetDriveTypeW
GetPrivateProfileIntW
FindFirstChangeNotificationW
FindNextChangeNotification
FindVolumeClose
FindNextVolumeW
FindFirstVolumeW

Exports

Exports

CPlApplet
DDEInit
DDEnumCallback
GetAuthMechanism
InprocServer
QueryValueEx
SetAuthMechanism
SetEnumStructure
ValueEnumCallback

Sections

.text
Size: 2.1MB - Virtual size: 2.1MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 700KB - Virtual size: 700KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 472KB - Virtual size: 736KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 254KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

991f4f2eab0b033235bd47523a39f8e7

Headers

File Characteristics

Imports

kernel32

Exports

Exports

Sections

.text Size: 2.1MB - Virtual size: 2.1MB

.rdata Size: 700KB - Virtual size: 700KB

.data Size: 472KB - Virtual size: 736KB

.rsrc Size: 2.4MB - Virtual size: 2.4MB

.reloc Size: 254KB - Virtual size: 253KB

.text
Size: 2.1MB - Virtual size: 2.1MB

.rdata
Size: 700KB - Virtual size: 700KB

.data
Size: 472KB - Virtual size: 736KB

.rsrc
Size: 2.4MB - Virtual size: 2.4MB

.reloc
Size: 254KB - Virtual size: 253KB