46c3596bc1ddaa7a5235ed2e3b19ed03_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

46c3596bc1ddaa7a5235ed2e3b19ed03_JaffaCakes118
Size

38KB
MD5

46c3596bc1ddaa7a5235ed2e3b19ed03
SHA1

aace62e20f166c61af7cdfc965f5da8540b56d6a
SHA256

054d89a64d7b97727d17c4887302f7038d50fd5f94a7485385ee8ad280a96be5
SHA512

ebf15bf03e8b93bd5f54892fa2c9c816ef1a1784a02e2c0d82d579ab8df428b57148464cfde3b36fc0861a60bc854bea18051e79e16c4ef8491741c4b31d1ae9
SSDEEP

768:9Vx1NKNsTGS4OnEFGMpnQlYZ/HHeBkCsn/KSF0PM+w5Ckb8cmrwYe:XENsTn4WETmHsn/j95CkPmrHe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
46c3596bc1ddaa7a5235ed2e3b19ed03_JaffaCakes118

Files

46c3596bc1ddaa7a5235ed2e3b19ed03_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3def5a8901d136a77bc353ad3f8c4c0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateFileMappingA
HeapAlloc
UnmapViewOfFile
HeapReAlloc
HeapSize
Process32Next
Process32First
CreateToolhelp32Snapshot
WaitForSingleObject
ReadFile
GetTempFileNameA
GetTempPathA
MultiByteToWideChar
FileTimeToSystemTime
FindClose
FindNextFileA
CompareFileTime
GetFileTime
GetFileType
FindFirstFileA
GetFileSize
MapViewOfFile
GetVolumeInformationA
CreateProcessA
WritePrivateProfileStringA
SetFileAttributesA
CopyFileA
GetPrivateProfileIntA
CreateDirectoryA
SystemTimeToFileTime
GetModuleFileNameA
ReleaseMutex
OpenEventA
SetErrorMode
CreateMutexA
SetUnhandledExceptionFilter
FreeConsole
SetEvent
lstrcmpiA
GetCurrentThreadId
SetFilePointer
lstrlenA
GetLocalTime
GetSystemDirectoryA
CreateFileA
WriteFile
TerminateThread
ExpandEnvironmentStringsA
GetTickCount
MoveFileA
MoveFileExA
GetWindowsDirectoryA
GetProcessHeap
HeapFree
CreateEventA
OpenProcess
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcpyA
lstrcatA
VirtualAllocEx
WriteProcessMemory
CreateRemoteThread
GetCurrentProcess
CloseHandle
SetLastError
GetLastError
DeleteFileA
GetComputerNameA
Sleep

user32

wsprintfA
DispatchMessageA
TranslateMessage
OpenDesktopA
OpenInputDesktop
GetThreadDesktop
GetUserObjectInformationA
SetThreadDesktop
CloseDesktop
GetProcessWindowStation
OpenWindowStationA
SetProcessWindowStation
DefWindowProcA
UnhookWindowsHookEx
SetWindowsHookExA
CallNextHookEx
GetKeyNameTextA
GetWindowTextA
RegisterClassA
CreateWindowExA
ShowWindow
UpdateWindow
GetMessageA
GetActiveWindow

advapi32

QueryServiceStatus
ControlService
DeleteService
CloseServiceHandle
OpenSCManagerA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyA
RegOpenKeyA
AdjustTokenPrivileges
LookupPrivilegeValueA
OpenProcessToken
FreeSid
SetSecurityDescriptorDacl
AddAccessAllowedAce
InitializeAcl
GetLengthSid
AllocateAndInitializeSid
InitializeSecurityDescriptor
CreateProcessAsUserA
RegCreateKeyExA
RegisterServiceCtrlHandlerA
SetServiceStatus
OpenServiceA

ole32

CoInitialize
CoCreateInstance

shlwapi

SHDeleteKeyA

msvcrt

_strupr
strrchr
atoi
_snprintf
localtime
difftime
time
strstr
wcstombs
_beginthreadex
??1type_info@@UAE@XZ
free
_initterm
malloc
_strcmpi
_adjust_fdiv
_strnicmp
_stricmp
_purecall
??2@YAPAXI@Z
??3@YAXPAX@Z
_CxxThrowException
__CxxFrameHandler
strncpy
sprintf
_except_handler3

imm32

ImmReleaseContext
ImmGetCompositionStringA

Exports

Exports

ServiceMain

Sections

.text
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3def5a8901d136a77bc353ad3f8c4c0c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

shlwapi

msvcrt

imm32

Exports

Exports

Sections

.text Size: 25KB - Virtual size: 24KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 25KB - Virtual size: 24KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 2KB