5da0a76c6d874b3b35d4422ca451de48_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5da0a76c6d874b3b35d4422ca451de48_JaffaCakes118
Size

99KB
MD5

5da0a76c6d874b3b35d4422ca451de48
SHA1

8b6a2fe3179eff5437cab7f8fa601cebed2fa52d
SHA256

285b105b885e309ce9e47980bce9fa28cab4b9d662d210d375c1fd5a6cc539dc
SHA512

d78d8b5e6c9a15f4f1ece93ec2c35626d8219a93ef8a23bae575e5434720eccb00d4589ff8f8f69fa79127b004e4216d24d9a917913cdbc2a338a7a7f212df91
SSDEEP

1536:vefrfEpel6lq6+vQ0ikVJJUJ4MISaymC0i+015+WTbzdWT4cJNHtOOEQOX51:vg76l5YikSISaygi+0TdbpWTfbu51

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5da0a76c6d874b3b35d4422ca451de48_JaffaCakes118

Files

5da0a76c6d874b3b35d4422ca451de48_JaffaCakes118
.dll windows:5 windows x86 arch:x86

43f84e1d7f69893bc7672ef8a5db7fb4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
GetProcessHeaps
SetFileAttributesA
GlobalFree
GetFileType
LockResource
GetModuleHandleA
DeleteCriticalSection
CloseHandle
HeapDestroy
GlobalReAlloc
LocalAlloc
GetProcAddress
InterlockedExchange
GetLastError
LoadLibraryA
RaiseException
GetProcessHeap
LockFile
UnlockFile
GlobalSize
CompareFileTime
SystemTimeToFileTime
GlobalAddAtomA
LoadResource
FreeLibrary
GetCommandLineW
TryEnterCriticalSection
FindResourceA
SetCriticalSectionSpinCount
GetFileSize
lstrcpyA
GetSystemTime
VirtualProtectEx
MulDiv
SetFileTime
ExpandEnvironmentStringsA
GetModuleHandleW
SetEnvironmentVariableW
GetCurrentProcess
GetFileInformationByHandle
WaitForMultipleObjects
LocalFree

user32

SetClipboardViewer
UpdateWindow
SetCaretPos
GetClipboardViewer
MessageBoxW
SetWindowPos
DestroyCursor
GetDC
ShowCaret
OpenIcon
IsCharAlphaNumericA
MoveWindow
EndPaint
TranslateAcceleratorW
SetWindowRgn
GetMessageExtraInfo
DrawTextW
GetLastActivePopup
FindWindowExA
GetWindowTextLengthA
BeginPaint
GetClassLongW
TranslateMessage
LockWindowUpdate
ScrollDC
SetClassLongW
RedrawWindow
LoadAcceleratorsA
CreateWindowExW
SwitchToThisWindow
CallWindowProcW
GetMessagePos
DispatchMessageW
GetWindowLongW
GetClassWord
PeekMessageW

gdi32

DPtoLP
GetCharWidthA
GetTextMetricsW
SetDCPenColor
Chord
GetPixel
RestoreDC
GetDeviceCaps
UnrealizeObject
DeleteObject
CreateCompatibleDC
GetObjectW
GetDCPenColor
SetTextJustification

advapi32

RevertToSelf
ImpersonateNamedPipeClient
ImpersonateSelf
GetOldestEventLogRecord
GetEventLogInformation
DeregisterEventSource
WriteEncryptedFileRaw
CloseEncryptedFileRaw
GetTokenInformation
ReportEventW

Exports

Exports

_LockSimpleFile@4
_OpenSimpleFile@20
_UnlockSimpleFile@8
_ValidateSimpleFile@8
_WriteToSimpleFile@12

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

RDATA
Size: 512B - Virtual size: 408B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

GLOBAL
Size: 512B - Virtual size: 88B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

EXPORTS
Size: 512B - Virtual size: 660B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

IMPORTS
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 832B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

43f84e1d7f69893bc7672ef8a5db7fb4

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

RDATA Size: 512B - Virtual size: 408B

GLOBAL Size: 512B - Virtual size: 88B

EXPORTS Size: 512B - Virtual size: 660B

IMPORTS Size: 3KB - Virtual size: 3KB

.rsrc Size: 80KB - Virtual size: 79KB

.reloc Size: 1024B - Virtual size: 832B

.text
Size: 12KB - Virtual size: 12KB

RDATA
Size: 512B - Virtual size: 408B

GLOBAL
Size: 512B - Virtual size: 88B

EXPORTS
Size: 512B - Virtual size: 660B

IMPORTS
Size: 3KB - Virtual size: 3KB

.rsrc
Size: 80KB - Virtual size: 79KB

.reloc
Size: 1024B - Virtual size: 832B