5e1df88b38052143c73743723d26395b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e1df88b38052143c73743723d26395b_JaffaCakes118
Size

276KB
MD5

5e1df88b38052143c73743723d26395b
SHA1

e8f8e6adbe5a661125cc03dcaa250cf93dfaba32
SHA256

3df38daaf1fb5400b2ad9303eae57e4af83fc41d3dc6a20ec99da40e07efcdec
SHA512

70f355ac5e53b185ca1eb36155b67d43078acf98b3028ad887c1a81d3d4176adececf293d532b0bfbe22ece8b2652b1263c9ba94a2c5c28a816de7b011f6321f
SSDEEP

6144:5dRvL83A9g3qnIE37CAwrQNVlA4pGmOWBk:5dRv98ErCAcCxGmHk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e1df88b38052143c73743723d26395b_JaffaCakes118

Files

5e1df88b38052143c73743723d26395b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9e93368418ae011f9d74801c951c1084

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord803
ord540
ord860
ord6394
ord5450
ord940
ord924
ord2915
ord5572
ord535
ord858
ord4202
ord922
ord543
ord3584
ord3337
ord2818
ord6283
ord4129
ord941
ord2827
ord5683
ord4277
ord5861
ord1601
ord536
ord939
ord5440
ord6383
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord2725
ord4079
ord4698
ord5307
ord5289
ord5714
ord3953
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord4274
ord561
ord1247
ord823
ord1997
ord2808
ord6407
ord5194
ord798
ord533
ord537
ord800
ord1979
ord5186
ord665
ord354
ord815
ord3663
ord825

msvcrt

_adjust_fdiv
_initterm
??1type_info@@UAE@XZ
_onexit
__dllonexit
_CxxThrowException
mbstowcs
rand
memmove
memset
malloc
srand
strcat
strcmp
sprintf
calloc
asctime
localtime
time
memcpy
strlen
free
realloc
__CxxFrameHandler

kernel32

LoadResource
SizeofResource
FindResourceA
IsBadReadPtr
IsBadCodePtr
Module32Next
Module32First
CreateToolhelp32Snapshot
CloseHandle
lstrcpynA
SetUnhandledExceptionFilter
GlobalMemoryStatus
GetCurrentThreadId
GetLastError
GetSystemInfo
GetTickCount
GetModuleFileNameA
FreeResource
GetLocaleInfoA
VirtualQuery
VirtualProtect
VirtualFree
VirtualAlloc
ReadFile
GetFileSize
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
lstrlenA
FreeLibrary
LoadLibraryExA
SetLastError
OutputDebugStringA
GetModuleHandleA
Sleep
GetSystemDirectoryA
LoadLibraryA
CreateFileA
CreateThread
ReadProcessMemory
GetCurrentProcess
lstrcmpA
GetVersionExA
GetProcAddress

user32

DispatchMessageA
KillTimer
SetTimer
wsprintfA
TranslateMessage
GetMessageA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA
RegEnumValueA
RegEnumKeyA
RegDeleteValueA
RegDeleteKeyA
RegEnumKeyExA
RegCloseKey

ole32

CLSIDFromString

shlwapi

PathFileExistsA

Exports

Exports

GetModuleId
ke_GetFirstObj
ke_GetModuleVersion
ke_GetNextObj
ke_IsModuleExists
ke_ModuleAvailable
ke_NotifyEvent
ke_Rand
ke_RegisterAndLoadNewModule
ke_RestartProcess
ke_TerminateKernel
ke_UnloadModuleRequest
ke_free
ke_malloc

Sections

.text
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 560B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 212KB - Virtual size: 211KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9e93368418ae011f9d74801c951c1084

Headers

File Characteristics

Imports

mfc42

msvcrt

kernel32

user32

advapi32

ole32

shlwapi

Exports

Exports

Sections

.text Size: 40KB - Virtual size: 38KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 560B

.data1 Size: 8KB - Virtual size: 6KB

.rsrc Size: 212KB - Virtual size: 211KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 38KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 560B

.data1
Size: 8KB - Virtual size: 6KB

.rsrc
Size: 212KB - Virtual size: 211KB

.reloc
Size: 4KB - Virtual size: 2KB