493a2ca9a1f16306c152b37b73b275c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

493a2ca9a1f16306c152b37b73b275c2_JaffaCakes118
Size

80KB
MD5

493a2ca9a1f16306c152b37b73b275c2
SHA1

e0296cf4f86df26959c107746b7b286cc8d9e9ac
SHA256

f34d06b38760fd3b47e9946d8d8d10c0300961288bac1fd0e5b971584ecceb4c
SHA512

012e698f5db3b25f3c3c522f70d9c73420f6781acff35fcf58293bfe687916bc04b8be1cad386b1886c968a88fd7fb70e2bb45b9d81eaa6f695106a645ee134a
SSDEEP

1536:q/0y+v8Gdpz6hX+HIgUucqaHmd3eA68LaqYSf5EeOE:q/dT3I3eP8La9m5Ee

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
493a2ca9a1f16306c152b37b73b275c2_JaffaCakes118

Files

493a2ca9a1f16306c152b37b73b275c2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b730a0563a780cb26b6ec98e97a58595

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
GetCommState
GetTimeZoneInformation
GetLargestConsoleWindowSize
ReadConsoleA
GetFileInformationByHandle
SetConsoleScreenBufferSize
DeleteTimerQueueEx
IsValidCodePage
TransactNamedPipe
SetTimeZoneInformation
GlobalFindAtomW
CreateRemoteThread
RemoveDirectoryW
GetDateFormatW
SetProcessShutdownParameters
LoadResource
BackupWrite
CreateHardLinkW
AllocConsole
CreateConsoleScreenBuffer
SetEnvironmentVariableA
AddAtomA
TryEnterCriticalSection
CreateFileA
ActivateActCtx
GetComputerNameW
OpenSemaphoreW
IsDBCSLeadByte
GetExitCodeThread
CreateJobObjectW
OpenFile
GetDiskFreeSpaceW
ClearCommError
GlobalGetAtomNameA
GetProfileStringW
MoveFileExW
DeviceIoControl
FindCloseChangeNotification
IsBadHugeWritePtr
ExitThread
CreateNamedPipeW
LocalHandle
GetUserDefaultUILanguage
CreateToolhelp32Snapshot
AddRefActCtx
GetLastError
LoadLibraryA
VirtualProtect
lstrlenA
GetComputerNameA
SetLastError
LeaveCriticalSection
CopyFileA
InterlockedDecrement
WriteFile
GetProcAddress
CreateEventA
InitializeCriticalSectionAndSpinCount
SetEvent
FreeLibraryAndExitThread

ole32

CoFreeUnusedLibrariesEx
CoSetProxyBlanket
OleTranslateAccelerator
CreateOleAdviseHolder
CoGetMalloc
CoDisableCallCancellation
CoUnmarshalInterface
CoGetClassObject
OleCreate
OleQueryCreateFromData
CoTaskMemFree
StgIsStorageILockBytes

shlwapi

wvnsprintfW
PathRemoveFileSpecA
PathUnquoteSpacesW
SHRegGetUSValueW
StrCatW
PathMatchSpecW
StrChrW
PathStripPathW
StrFormatKBSizeW
StrStrIW

advapi32

RegisterEventSourceW
UnlockServiceDatabase
RegEnumValueA
ChangeServiceConfig2W
LogonUserA
RegSaveKeyExW
SetEntriesInAclW
RegDisablePredefinedCache
SetNamedSecurityInfoA
RegOpenKeyExA
RegSetValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegCloseKey
GetUserNameA
GetSecurityDescriptorSacl
RegQueryValueExA

shell32

SHGetPathFromIDListA
SHBrowseForFolderA
SHGetSettings
SHAppBarMessage
SHFileOperationA

gdi32

StrokeAndFillPath
Chord
CreateCompatibleDC
EnumEnhMetaFile
RectVisible
CreateDCW
SetWindowExtEx
ExtTextOutA
GetWindowExtEx
SelectObject
CreateEnhMetaFileA
BeginPath
EnumFontFamiliesExA
GetStretchBltMode
EnumFontsA
TextOutW
GetWindowOrgEx
PolyBezierTo
SwapBuffers
RemoveFontResourceW
SetICMMode
SetRectRgn
GetPaletteEntries
CloseFigure

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b730a0563a780cb26b6ec98e97a58595

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB