4aa174d4d31cde61ef4f0718ddb3dfd6_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4aa174d4d31cde61ef4f0718ddb3dfd6_JaffaCakes118
Size

128KB
MD5

4aa174d4d31cde61ef4f0718ddb3dfd6
SHA1

238e3473e036647fbbb573187ba7d4993309f476
SHA256

58eb149c0bbb41ccaa6eef99e143bdbfa78417f98bbe7b634694bd1f32635ff1
SHA512

aae85ee3125c6c31604e5dfe53a94591dbd5968f586d34111722df8532b6ad6c9a5373d0d86b907ea8a3ca2f0e80fd05fe07a73a547145785a205d1e51e379a2
SSDEEP

3072:41+DIRoalORz15MXdUGMdVZG3BFlr1G429747xsVi9Wf2TbvRQeCI:41+D8ozZkeG3Vxf29747xsvkv2I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4aa174d4d31cde61ef4f0718ddb3dfd6_JaffaCakes118

Files

4aa174d4d31cde61ef4f0718ddb3dfd6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4c18701bf097262575bdb79b229f3782

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReleaseSemaphore
WaitForSingleObject
lstrlenW
LocalFree
GetCurrentThread
GlobalFree
lstrcatA
LocalUnlock
LocalLock
GlobalUnlock
GlobalDeleteAtom
GlobalAddAtomA
GlobalLock
GlobalAlloc
GlobalFindAtomA
GlobalGetAtomNameA
GlobalSize
lstrcpyA
lstrlenA
UnhandledExceptionFilter
CreateFileA
GetSystemTimeAsFileTime
GetCurrentProcessId
GetVolumeInformationA
QueryPerformanceCounter
OpenProcess
ReadProcessMemory
QueryDosDeviceA
DeviceIoControl
DisableThreadLibraryCalls
GetLogicalDriveStringsA
GetWindowsDirectoryA
SleepEx
GetSystemInfo
GetCurrentThreadId
SetWaitableTimer
CreateWaitableTimerA
GetDiskFreeSpaceA
GetLocaleInfoW
GetProcessHeap
Sleep
InterlockedDecrement
InterlockedIncrement
SetEvent
GetTickCount
LoadLibraryW
FreeLibrary
CompareStringW
GetCurrentProcess
CloseHandle
SetUnhandledExceptionFilter
InterlockedExchange
InterlockedCompareExchange
SearchPathW
FindResourceW
TerminateProcess
GetModuleFileNameW
LoadLibraryExW
GetDriveTypeA
LocalAlloc
GetModuleHandleW
VirtualProtect
SetErrorMode
GetCommandLineA

user32

SendMessageA
CreateWindowExA
SetWindowLongA
SetWindowWord
DestroyWindow
PostMessageA
GetParent
GetWindowLongA
RemovePropA
GetPropA
SetPropA
IsWindow
GetKeyboardType
FreeDDElParam
UnpackDDElParam
PackDDElParam
EnumChildWindows
DefWindowProcA
EnumPropsA
GetWindowLongW
PostThreadMessageW
PeekMessageW
DispatchMessageW
TranslateMessage
PostMessageW
MsgWaitForMultipleObjects
SetCursor
SendMessageW
GetDlgItem
InvalidateRect
UpdateWindow
EndDeferWindowPos
GetDlgCtrlID
GetWindowRect
DeferWindowPos
GetWindow
BeginDeferWindowPos
GetClientRect
EnableWindow
CheckDlgButton
GetWindowTextW
GetDlgItemTextW
SetDlgItemTextW
MessageBoxW
CheckRadioButton
LoadMenuW
GetMessagePos
ScreenToClient
SetWindowTextW
EndDialog
KillTimer
LoadStringW
SetTimer
SetWindowPos
GetSystemMetrics
LoadCursorW
SetWindowLongW
TrackPopupMenuEx
GetSubMenu
MapWindowPoints

advapi32

QueryServiceStatus
RegEnumKeyExA
CloseEventLog
ReadEventLogA
RegSetValueExA
RegEnumValueA
RegQueryValueA
AdjustTokenPrivileges
OpenProcessToken
OpenThreadToken
LookupPrivilegeValueW
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegSetValueExW
StartServiceW
OpenSCManagerW
OpenServiceW
CloseServiceHandle
RegOpenKeyExW
RegCloseKey
ControlService
RegOpenKeyExA

gdi32

CopyEnhMetaFileA

ole32

CoFileTimeToDosDateTime
CoTaskMemFree
CoWaitForMultipleHandles
CoGetObject
StringFromGUID2
CoSetProxyBlanket
CoTaskMemAlloc
CoCreateInstance

msvcrt

iswalpha
wcschr
_vsnwprintf
memset
free
_initterm
memcpy
malloc
_itow
_adjust_fdiv
_snprintf
strstr
strncmp
strrchr
strchr
wcslen
realloc
_except_handler3

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4c18701bf097262575bdb79b229f3782

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcrt

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 16KB - Virtual size: 15KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 16KB - Virtual size: 15KB

.reloc
Size: 4KB - Virtual size: 3KB