5e2116b3cc6cc3fa85e7f9f56ac43460_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e2116b3cc6cc3fa85e7f9f56ac43460_JaffaCakes118
Size

239KB
MD5

5e2116b3cc6cc3fa85e7f9f56ac43460
SHA1

ec74e90ca7d8eccf68cf1edaf8fa5bf60d240ff9
SHA256

54cba4c268d6411c37473815fd63a4a839f83d69477ee0f7f0ab1917b188f4fd
SHA512

b9a9502bf0d38d2a53942da714a7341c64289a7c923c6c04b323d80e21480696ea41570b42c59fbfe2788f652249eb0fca5f10fce89874bb9e19e4e2d41453aa
SSDEEP

3072:DMx3MqTS1khrYZY8NOaVLeQcJOg8yW5FCeL45jLZb95cRZgYDmis9B8BOzV:wBVe1irYZY8oyxcJWyW5FW6FDVs9wOz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e2116b3cc6cc3fa85e7f9f56ac43460_JaffaCakes118

Files

5e2116b3cc6cc3fa85e7f9f56ac43460_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a9cc1615ea8e365bc065b51763a3d296

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateConsoleScreenBuffer
CreateProcessA
DisableThreadLibraryCalls
ExitProcess
FileTimeToLocalFileTime
FlushFileBuffers
GetACP
GetCPInfo
GetCommandLineA
GetCommandLineW
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsW
GetEnvironmentVariableA
GetFileTime
GetModuleHandleA
GetOEMCP
GetProcessWorkingSetSize
GetStartupInfoA
GetStdHandle
GetTimeFormatA
GetVersionExA
GlobalAddAtomA
GlobalUnlock
HeapAlloc
HeapCreate
HeapReAlloc
InterlockedIncrement
IsDebuggerPresent
MultiByteToWideChar
QueryPerformanceCounter
RtlUnwind
SetErrorMode
SetLastError
SetProcessWorkingSetSize
SetStdHandle
SetUnhandledExceptionFilter
TerminateProcess
TerminateThread
VirtualQueryEx
WaitForMultipleObjects
WriteFile
lstrcpynA
lstrlenA

user32

TrackPopupMenu
SetClassLongA
SendMessageTimeoutA
PostQuitMessage
MapWindowPoints
IsWindowVisible
IsIconic
GetSysColor
GetPropA
GetClassLongA
FrameRect
EnableWindow
DialogBoxParamA
DeleteMenu

advapi32

QueryServiceConfigA
RegQueryMultipleValuesA
RegOpenKeyW
LsaLookupSids
ConvertSecurityDescriptorToStringSecurityDescriptorW
AccessCheckAndAuditAlarmA
RemoveTraceCallback
SetTraceCallback
RegReplaceKeyW

ddraw

DirectDrawCreateEx
DirectDrawEnumerateExW
DDInternalUnlock

ole32

CoCreateGuid
CLSIDFromString
CoGetMalloc
CoTaskMemFree
IsEqualGUID
CoCreateInstance
CoBuildVersion

Exports

Exports

WaitForMedia

Sections

.text
Size: 152KB - Virtual size: 192KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 81KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a9cc1615ea8e365bc065b51763a3d296

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ddraw

ole32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 192KB

.data Size: 81KB - Virtual size: 84KB

.rsrc Size: 3KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 152KB - Virtual size: 192KB

.data
Size: 81KB - Virtual size: 84KB

.rsrc
Size: 3KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB