4a8510de8ca638092b039cd2ebf41b0d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4a8510de8ca638092b039cd2ebf41b0d_JaffaCakes118
Size

84KB
MD5

4a8510de8ca638092b039cd2ebf41b0d
SHA1

b9dab3c578340531e8a5bed2c45ec507ceb58b64
SHA256

b27f7bf43c5af522757932d3a009445bc0b69dec8286eb061e899f52b14ee368
SHA512

98ef3e9a071efc7eb96b99117fd91e91669ca34902e1c50e830705e2b16f7b6d5f5edf80756bf292865791e2b9dc4d6dccfb9b62b1d1b875989670b0dc1041d2
SSDEEP

1536:XrEJdyAAV8xvO0Y7wSu8n/+DrLYnjFpc4KUyX4crTc1bco:bEJdN1xm0exuuGD3Ynjk4KUKnrTc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4a8510de8ca638092b039cd2ebf41b0d_JaffaCakes118

Files

4a8510de8ca638092b039cd2ebf41b0d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b03b152f3a8adf2420e27f7b45b2b3c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindNextVolumeMountPointW
GetLocaleInfoW
CompareFileTime
DuplicateHandle
LocalSize
CreateActCtxW
Beep
RtlUnwind
GetTimeFormatA
DeleteVolumeMountPointW
WaitForMultipleObjectsEx
ConvertDefaultLocale
CreateTimerQueue
GetUserDefaultUILanguage
ReleaseMutex
EscapeCommFunction
FindFirstFileA
SetConsoleCtrlHandler
VerifyVersionInfoW
GlobalGetAtomNameW
PeekConsoleInputW
HeapWalk
ReadFile
WaitForSingleObjectEx
GetProfileIntA
LocalLock
SetupComm
BackupWrite
GetStringTypeExA
FindNextVolumeW
GetStartupInfoA
GetSystemInfo
ConnectNamedPipe
ExitThread
GetFileSize
CreateFileMappingA
CopyFileW
ReplaceFileW
CreateFileMappingW
CopyFileExW
MoveFileExW
AddAtomA
CancelWaitableTimer
FormatMessageW
GetCurrentDirectoryA
LocalReAlloc
IsValidLocale
SuspendThread
ResetEvent
HeapReAlloc
SetComputerNameExW
AssignProcessToJobObject
OpenSemaphoreW
GetCommTimeouts
GetCurrentProcessId
GetBinaryTypeW
TransmitCommChar
InitializeCriticalSection
FindNextFileA
BindIoCompletionCallback
FindResourceW
MapViewOfFile
LeaveCriticalSection
lstrlenW
SetEvent
GetProcAddress
VirtualQuery
HeapAlloc
WriteFile
GetModuleHandleA
EnterCriticalSection
OpenEventA
InterlockedCompareExchange
lstrlenA
VirtualProtect
CreateFileA
LoadLibraryA
CloseHandle
GetTickCount
SetLastError
GetSystemDirectoryA
InterlockedExchange
CreateDirectoryA
InitializeCriticalSectionAndSpinCount
InterlockedDecrement
GetStringTypeA

ole32

CreateDataAdviseHolder
CoImpersonateClient
GetHGlobalFromStream
OleDuplicateData
OleSetContainedObject
CoWaitForMultipleHandles
CreateFileMoniker
CoEnableCallCancellation
OleSaveToStream
CoLockObjectExternal
OleLoadFromStream
CoGetClassObject
OleRegEnumVerbs
BindMoniker
CreateBindCtx
CoSwitchCallContext
CoFreeUnusedLibraries
CoTaskMemFree
CoInitialize
CoUninitialize
CoTaskMemAlloc
OleCreateFromData

shlwapi

PathIsUNCW
wnsprintfW
StrChrW
StrStrA
PathSkipRootW
StrCmpW
SHDeleteKeyA
StrCatW
SHAutoComplete
PathAddBackslashA
PathIsDirectoryA
StrCmpNIA
PathCompactPathW
PathIsRelativeW
PathStripToRootW
PathQuoteSpacesW
UrlUnescapeW
StrStrIW

advapi32

ReportEventA
RegOpenKeyA
EnumDependentServicesA
CredIsMarshaledCredentialW
RegEnumKeyW
OpenSCManagerA
RegisterServiceCtrlHandlerExW
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegSetValueExA
RegDeleteValueA
RegCreateKeyExA
GetSecurityDescriptorSacl
SetNamedSecurityInfoA
RegQueryValueExA
MakeAbsoluteSD
ImpersonateNamedPipeClient
GetServiceKeyNameW
CreateServiceW
UnlockServiceDatabase
RegLoadKeyA
RegNotifyChangeKeyValue
CloseServiceHandle
QueryServiceStatus

gdi32

EnumFontFamiliesW
PlayMetaFile
RemoveFontResourceW
GetEnhMetaFileHeader
GetRgnBox
GetClipRgn
GetTextCharsetInfo
CopyMetaFileA
GetCurrentObject
DeleteDC
GetTextMetricsW
AbortPath
MoveToEx
GetTextExtentPointW
EqualRgn
GetTextColor
RoundRect
SetSystemPaletteUse
GetRegionData
DeleteEnhMetaFile
GetCharWidthA
StretchBlt
GetWorldTransform
GetNearestColor
SetBkColor
GetSystemPaletteEntries
Pie
GetMetaFileA
AbortDoc
GetTextExtentPoint32A
GetGlyphOutlineA

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b03b152f3a8adf2420e27f7b45b2b3c8

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB