Static task
static1
Behavioral task
behavioral1
Sample
3f2568b8339ee1add88ef4eb3951f9b0_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
3f2568b8339ee1add88ef4eb3951f9b0_JaffaCakes118.dll
Resource
win10v2004-20240709-en
General
Target
3f2568b8339ee1add88ef4eb3951f9b0_JaffaCakes118
Size
248KB
MD5
3f2568b8339ee1add88ef4eb3951f9b0
SHA1
b2040c1895131fc875c54e1cb0b27c51983d8128
SHA256
a8c6d195133383ebdf1a82ce6c017d2edddefd60d891d6ca51d410e273361357
SHA512
a52d0f8a101748da8242531bba7c8f3b919ea98ba1a45e8f4be120722be156dd7d08f2e777d65c346e19ab4d62b827e3279437b168dc7fb567efc9d0bf380717
SSDEEP
3072:QK9Rzzx0FocogzvLa/PQBjrpUUNBUZ+ONjjRgGGowNRJ/qCMlCIjh:Q2pN0FrvLa/POpUcBUZJdot/qCRIV
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 3f2568b8339ee1add88ef4eb3951f9b0_JaffaCakes118
Files
3f2568b8339ee1add88ef4eb3951f9b0_JaffaCakes118.dll windows:4 windows x86 arch:x86
09f5a659bad59a6e7f03cfc5a59f65b5
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
ResetEvent
ReleaseMutex
ExpandEnvironmentStringsA
CreateFileMappingA
MapViewOfFile
VirtualAlloc
VirtualFree
UnmapViewOfFile
GetVersionExA
CreateMutexA
GetLocaleInfoA
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
LoadLibraryA
CreateEventA
GetCPInfo
GetOEMCP
GetACP
HeapAlloc
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
HeapCreate
HeapDestroy
GetModuleFileNameA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
GetSystemInfo
GetProcAddress
ExitProcess
VirtualQuery
InitializeCriticalSectionAndSpinCount
DisableThreadLibraryCalls
FreeLibrary
GetCurrentThreadId
GetModuleFileNameW
InterlockedExchange
CloseHandle
GetTickCount
LocalAlloc
Sleep
WaitForSingleObject
SetEvent
InterlockedCompareExchange
OutputDebugStringA
SetUnhandledExceptionFilter
TerminateProcess
UnhandledExceptionFilter
ExpandEnvironmentStringsW
GetLocalTime
GetComputerNameW
GetQueuedCompletionStatus
FormatMessageW
CreateSemaphoreW
ReleaseSemaphore
InterlockedIncrement
InterlockedDecrement
GetCurrentProcess
LocalFree
WinExec
lstrcpynA
GetCommandLineA
HeapReAlloc
VirtualProtect
RtlUnwind
user32
GetWindow
DefWindowProcA
TrackPopupMenu
CharUpperW
KillTimer
GetSysColor
CreateWindowExA
LoadStringA
WinHelpA
ReleaseDC
GetDC
FillRect
ModifyMenuA
DestroyIcon
LoadBitmapA
SetForegroundWindow
CreateIconIndirect
GetWindowLongA
IsWindowVisible
ShowWindow
SetFocus
GetWindowRect
PostQuitMessage
BeginPaint
EndPaint
GetSystemMetrics
GetSystemMenu
DestroyMenu
GetActiveWindow
SetWindowPos
InvalidateRect
SendMessageA
ChangeMenuA
CheckMenuItem
CreatePopupMenu
ClientToScreen
advapi32
DeregisterEventSource
RegSetValueExA
RegCreateKeyExA
GetLengthSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
SetSecurityDescriptorGroup
SetSecurityDescriptorOwner
RegOpenKeyExW
FreeSid
InitializeSecurityDescriptor
AllocateAndInitializeSid
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegisterEventSourceA
RegCreateKeyExW
ReportEventW
RegSetValueExW
RegQueryValueExW
gdi32
CreateSolidBrush
CreateBitmap
DeleteDC
BitBlt
DeleteObject
CreateCompatibleDC
CreateCompatibleBitmap
SetBkColor
SelectObject
SetTextColor
ole32
CoInitializeSecurity
CoUninitialize
Sections
.text Size: 198KB - Virtual size: 197KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 7KB - Virtual size: 6KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 4KB - Virtual size: 38KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 33KB - Virtual size: 32KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 5KB - Virtual size: 5KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ