5aac42033913737520dbac2f38e46bbd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5aac42033913737520dbac2f38e46bbd_JaffaCakes118
Size

103KB
MD5

5aac42033913737520dbac2f38e46bbd
SHA1

5233b2b7afdcf04e2745936244a44fd08e547d6d
SHA256

13f39f7a231849cedcf93291b72ddece012c7fe36e4588b1970327ee911169e7
SHA512

a6685758a84d29bcb76b0d091d1d8dd393b65a42ad738f385eff4e6d76f709d631dfb49e3456a421403d9e5ed1f9fd29170bf57950f64b512be41b9e8fe68004
SSDEEP

3072:GGc65JgPAx2kDdEkahRqaRZK/OJvmboq:GLnpwdGZK2Jvqt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5aac42033913737520dbac2f38e46bbd_JaffaCakes118

Files

5aac42033913737520dbac2f38e46bbd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5fd891c7e44ec50885e1e5f529867517

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetCommState
GetCommState
lstrcpyA
ClearCommError
ReadFile
lstrcpynW
GetCommTimeouts
SetCommTimeouts
WriteFile
GlobalFree
CreateThread
LoadLibraryW
WideCharToMultiByte
LocalAlloc
LocalReAlloc
CreateFileW
LocalSize
FormatMessageW
IsDBCSLeadByte
lstrcatW
SetLastError
HeapFree
HeapAlloc
CloseHandle
Sleep
GetLastError
FreeLibraryAndExitThread
GetWindowsDirectoryW
lstrcpyW
lstrlenW
GetDateFormatA
lstrcmpiW
MultiByteToWideChar
GetProcAddress
GetProcessHeap
OpenFile
LeaveCriticalSection
EnterCriticalSection
lstrcmpA
FreeLibrary
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
SetCurrentDirectoryA
VirtualFree
VirtualAlloc
ExitProcess
GlobalHandle
GlobalAlloc
GlobalLock
GlobalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
CreateMutexW
DisableThreadLibraryCalls
ReleaseMutex
WaitForSingleObject
InitializeCriticalSection
DeleteCriticalSection
GetCurrentProcess
GetTimeFormatA
SetupComm
lstrlenA
PurgeComm
EscapeCommFunction
LocalFree
GetLocalTime
DeviceIoControl
SetFilePointer
GetVersion
GetCommandLineA
VirtualProtect
lstrcmpW
GetTickCount

user32

SetDlgItemTextW
LoadCursorW
MessageBoxIndirectW
SetCursor
IsDlgButtonChecked
SetWindowLongW
GetParent
PostMessageW
IsCharAlphaW
LoadStringA
ShowWindow
CharPrevW
IsCharAlphaA
GetWindowLongW
DialogBoxParamW
DispatchMessageW
PeekMessageW
LoadStringW
TranslateMessage
MsgWaitForMultipleObjects
IsCharAlphaNumericW
wsprintfW
CharNextW
GetDlgItem
UpdateWindow
InvalidateRect
EnableWindow
SendMessageW
CheckRadioButton
WinHelpW
EndDialog
IsCharLowerA
wvsprintfA

advapi32

RegDeleteValueW
RegEnumKeyW
RegCreateKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegDeleteKeyW
RegQueryValueExW
RegOpenKeyExW
RegOpenKeyW
RegSetValueExW
RegCloseKey
RegQueryValueExA
RegEnumKeyExW

msvcrt

memmove
free
_initterm
malloc
_adjust_fdiv
_except_handler3
__CxxFrameHandler

Sections

.text
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5fd891c7e44ec50885e1e5f529867517

Headers

File Characteristics

Imports

kernel32

user32

advapi32

msvcrt

Sections

.text Size: 92KB - Virtual size: 92KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 1024B - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 92KB - Virtual size: 92KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 1024B - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB