4951e66d7071a15bca1ebef862303dcc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4951e66d7071a15bca1ebef862303dcc_JaffaCakes118
Size

289KB
MD5

4951e66d7071a15bca1ebef862303dcc
SHA1

28014fb503d722c8df65d45842ceefba1dc9289f
SHA256

187753155cebdc817668c23bed47200bcfd9c75aa3a6de8f658f9d6ff80a0214
SHA512

9705367154e90640f976752a2eed23131efbbcad59da1f33e97130272d08c5f66a4a8b72b52a0edae4d2f690b540d21b8354250b8e03db0bb33de6b4fd945f6e
SSDEEP

6144:sKS64392FVoWjaoH+fRDCXk+tcOBVijmnMRNU5LqKNP:sB32VXaoH+xClcKCMg4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4951e66d7071a15bca1ebef862303dcc_JaffaCakes118

Files

4951e66d7071a15bca1ebef862303dcc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c3a541d739e4d1d280008d66fd0b34a0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

oleaut32

VariantCopyInd
VariantClear
SysFreeString
SysAllocStringLen
LoadTypeLib

advapi32

AdjustTokenPrivileges
ControlService
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
OpenServiceA

ole32

StringFromGUID2
StgCreateDocfileOnILockBytes
RevokeDragDrop
OleSaveToStream
OleFlushClipboard
DoDragDrop
CreateOleAdviseHolder
CreateILockBytesOnHGlobal
CreateBindCtx
CoUninitialize
CLSIDFromProgID
CoTaskMemFree
CoLockObjectExternal
CoInitialize
CoCreateInstance

user32

ShowCursor
SetCursor
LoadMenuA
LoadCursorFromFileA
GetDC
EndMenu
DestroyIcon
CreateAcceleratorTableA
CloseWindow
ChangeMenuA

shell32

SHBindToParent
SHFileOperationA
SHGetFileInfoA
SHGetMalloc

shlwapi

PathQuoteSpacesA
PathMatchSpecA
PathIsRootA
PathIsRelativeA
PathIsDirectoryA
PathFindFileNameA
PathFindExtensionA
PathFileExistsA
PathCompactPathExA
PathCanonicalizeA
StrStrIA
StrChrA
SHAutoComplete
PathUnquoteSpacesA

msvcrt

strlen
strtol
vsprintf
sscanf
sprintf
__set_app_type
realloc
rand
memset

kernel32

lstrcmpA
lstrcmpiA
lstrcpyA
UnmapViewOfFile
TlsSetValue
SleepEx
SetCurrentDirectoryA
LoadResource
LeaveCriticalSection
InitializeCriticalSection
GetSystemTimeAsFileTime
FreeResource
ExitProcess
EnumResourceLanguagesW
VirtualAlloc

Exports

Exports

Ixx
Jfb
Krl
Rsd
Wgt
Ybw
Zoy

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 174KB - Virtual size: 176KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c3a541d739e4d1d280008d66fd0b34a0

Headers

File Characteristics

Imports

oleaut32

advapi32

ole32

user32

shell32

shlwapi

msvcrt

kernel32

Exports

Exports

Sections

.text Size: 26KB - Virtual size: 28KB

.rdata Size: 32KB - Virtual size: 36KB

.data Size: 31KB - Virtual size: 32KB

.idata Size: 174KB - Virtual size: 176KB

.rsrc Size: 24KB - Virtual size: 28KB

.text
Size: 26KB - Virtual size: 28KB

.rdata
Size: 32KB - Virtual size: 36KB

.data
Size: 31KB - Virtual size: 32KB

.idata
Size: 174KB - Virtual size: 176KB

.rsrc
Size: 24KB - Virtual size: 28KB