4a7f1b2bb634cbcab0c7bc77e3bbcef0_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4a7f1b2bb634cbcab0c7bc77e3bbcef0_JaffaCakes118
Size

76KB
MD5

4a7f1b2bb634cbcab0c7bc77e3bbcef0
SHA1

f0b265f6120154b17ad4d37cde917a7fed95a2fe
SHA256

24b372afba286d5ed4baf3e09665394bd36419a8b09e088a7238717cf7431854
SHA512

cb964592327c215eaa989087bb2396a48850d22be747d1d1cf16a375e4bfe4fd20130bae9d5154f57efc351e4ee343167afa17ef47ebcc0f1e94afb6f5b6aabc
SSDEEP

768:TgeUCN9aAopX4ZRpkmdXPMuz7KNfVBRo6exh85vUu+6nahTS0fK+FQuPE+K:TuAlhdX7kBRoPcUTS0t6uPEj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a7f1b2bb634cbcab0c7bc77e3bbcef0_JaffaCakes118

Files

4a7f1b2bb634cbcab0c7bc77e3bbcef0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

608609cf241d3800173ef7b4995157c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameA
GetSystemTimeAsFileTime
GetTickCount
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
IsDBCSLeadByte
ResetEvent
SetConsoleCtrlHandler
CreateSemaphoreA
ReleaseSemaphore
InterlockedDecrement
SetEvent
InterlockedIncrement
GetCurrentThreadId
CreateEventA
InterlockedExchange
GetConsoleCP
GetConsoleOutputCP
GetVersionExA
OutputDebugStringA
GetModuleHandleA
GetProcessTimes
GetEnvironmentVariableA
CreateFileW
CreateFileA
GetSystemTime
SystemTimeToFileTime
SetFileTime
DeleteFileW
DeleteFileA
RemoveDirectoryW
RemoveDirectoryA
MoveFileW
MoveFileA
GetProcAddress
GetVersion
GetFullPathNameW
FindFirstFileW
FindNextFileW
FindNextFileA
SetFileAttributesW
SetFileAttributesA
GetFileAttributesW
GetFileAttributesA
GetFileType
GetFileInformationByHandle
GetFileAttributesExW
GetFileAttributesExA
SetCurrentDirectoryW
GetCurrentDirectoryW
SetLastError
SetEnvironmentVariableW
SetCurrentDirectoryA
GetCurrentDirectoryA
SetEnvironmentVariableA
Sleep
FlushViewOfFile
SetFilePointer
CreateFileMappingA
MapViewOfFile
GetFileSize
UnmapViewOfFile
GetSystemInfo
FindFirstFileA
FindClose
SetEndOfFile
LocalFree
GetFullPathNameA
LoadLibraryExA
FormatMessageA
FreeLibrary
WaitForSingleObject
GetExitCodeProcess
TerminateProcess
CreateProcessA
CreatePipe
DuplicateHandle
GetCurrentProcess
GetStdHandle
GetLastError
CloseHandle
GetACP
GetLocaleInfoA
QueryPerformanceFrequency
CreateDirectoryW
QueryPerformanceCounter
CreateDirectoryA
ExitProcess

user32

wsprintfA
CharPrevA
LoadStringA

advapi32

RegLoadKeyA
RegFlushKey
RegQueryInfoKeyA
RegEnumValueA
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyA
RegConnectRegistryA
RegCloseKey
RegSetValueExA
RegQueryValueA
RegQueryValueExA
RegSaveKeyA
RegSetValueA
RegOpenKeyExA

Exports

Exports

leruzopy

Sections

.text
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 20KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 608B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

608609cf241d3800173ef7b4995157c2

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 39KB

.data Size: 20KB - Virtual size: 17KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 608B

.text
Size: 40KB - Virtual size: 39KB

.data
Size: 20KB - Virtual size: 17KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 608B