47a6dfc7d471ff72d5c7caf7ce098eba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

47a6dfc7d471ff72d5c7caf7ce098eba_JaffaCakes118
Size

60KB
MD5

47a6dfc7d471ff72d5c7caf7ce098eba
SHA1

87658ad8de7ab75cac3c6012bbfbfad8887557da
SHA256

2aae5810b1131b2133e95a4b27ec0daee08dd5322177b68586f550e50b96aff1
SHA512

9af60513113153e7304eed824e4a6baa80bbc24f9cc76a49d8218a1c90ff723eab29a8a1dd2fbe42ad075fb071af5375b40e77ec2b61ff38b1e48dba0e1d8459
SSDEEP

1536:lJ1NNbF0SZw3T6g2V7tvt2f7Z+wFHNp6OpU4IwclSKted:j1NRzZKCRtvgpjpU4IwclSKtS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
47a6dfc7d471ff72d5c7caf7ce098eba_JaffaCakes118

Files

47a6dfc7d471ff72d5c7caf7ce098eba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8dacead0bb57758595ad92c903a1a1a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleInputA
SetEvent
CreateEventA
CreateProcessA
WriteConsoleW
ReadFile
GetEnvironmentVariableA
GetStartupInfoA
GetStdHandle
lstrcmpiA
GetProcAddress
SetStdHandle
WriteConsoleA
LocalAlloc
DeviceIoControl
WaitForMultipleObjects
CreatePipe
DuplicateHandle
CloseHandle
LocalFree
CreateThread
WriteFile
GetDriveTypeA
WideCharToMultiByte
FreeLibrary
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
LoadLibraryA
GetModuleFileNameA
DeleteCriticalSection
GetCurrentThreadId
PulseEvent
lstrlenA
WaitForSingleObject
GetFileAttributesA
GetSystemDirectoryA
lstrcatA
ExitThread
GetLastError
CreateMutexA
ReleaseMutex
GlobalLock
GlobalUnlock
lstrcpyA
SetLastError
VirtualProtect
FlushInstructionCache
VirtualQuery
GetModuleHandleA
HeapSize
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetCurrentProcess
GetCommandLineA
CreateFileA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
GetVersionExA
RtlUnwind
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
TlsAlloc
TlsFree
TlsSetValue
TlsGetValue
ExitProcess
GetSystemInfo
LCMapStringA
MultiByteToWideChar
LCMapStringW
TerminateProcess
SetHandleCount
GetFileType
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
InterlockedExchange
GetACP
GetOEMCP
GetCPInfo

user32

GetClassNameA
GetFocus
GetParent
CallNextHookEx
GetWindowTextA
GetWindowLongA
SetWindowsHookExA
UnhookWindowsHookEx
GetMessageA
PostQuitMessage
TranslateMessage
CreateWindowExA
DefWindowProcA
DispatchMessageA
RegisterClassA
wsprintfA
EnumChildWindows

advapi32

InitializeSecurityDescriptor
SetSecurityDescriptorDacl

Sections

.text
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dacead0bb57758595ad92c903a1a1a9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Sections

.text Size: 38KB - Virtual size: 37KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 2KB - Virtual size: 9KB

Shared Size: 512B - Virtual size: 8B

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 38KB - Virtual size: 37KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 2KB - Virtual size: 9KB

Shared
Size: 512B - Virtual size: 8B

.reloc
Size: 6KB - Virtual size: 5KB