5ebc9b9c1aa9cf1d66aa3f76d82b4be5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ebc9b9c1aa9cf1d66aa3f76d82b4be5_JaffaCakes118
Size

347KB
MD5

5ebc9b9c1aa9cf1d66aa3f76d82b4be5
SHA1

cf8fddf77fdcff5f668653cc153df239a638a1e5
SHA256

45eded145e3de545531056cc3a4eeb9a770fea89c5a2104c0ed85be867acecd8
SHA512

d2c7599f9384bac346bd7c0d674404259cf8c02b7766ee6a127e4d4239d1523537b1828beb6e7697a10a2da3905c57d59a0e329ac89231db12c0dcce4736b6f0
SSDEEP

6144:xIQVNdWTBwRTW1j7liGnD0vnpqzTu42Ohn2ESRD4RrSEPaevMKdkBSpDIrZ:xIENdWTWRTW1gGD0RqXpV9Smk2vMK1D

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ebc9b9c1aa9cf1d66aa3f76d82b4be5_JaffaCakes118

Files

5ebc9b9c1aa9cf1d66aa3f76d82b4be5_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6ffee08ff94e3071fc7a63f393aeb066

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
ReadFile
CreateFileW
lstrlenW
CloseHandle
lstrcpyA
SetFilePointer
VirtualFree
MultiByteToWideChar
SetLastError
VirtualAlloc
VirtualProtect
lstrcpynA
GetCurrentProcess
QueryPerformanceCounter
SetEnvironmentVariableA
GetModuleHandleA
QueryPerformanceFrequency
GetCurrentProcessId
CreateEventA
GetProcAddress
LoadLibraryA
ExitProcess
lstrcmpiA
lstrcmpiW
GetThreadContext
lstrcmpA
SetThreadContext
TerminateProcess
GetLastError
VirtualAllocEx
ResumeThread
FreeLibrary
HeapAlloc
lstrlenA
lstrcatA
CreateDirectoryA
GetModuleFileNameA
GetTempPathA
GetFileSize
SetEndOfFile
CompareFileTime
SetEvent
GetTickCount
WriteFile
GetProcessTimes
VirtualFreeEx
ReadProcessMemory
GetFileAttributesA
GetFileAttributesW
ExitThread
FlushFileBuffers
OpenEventA
WaitForMultipleObjects
GetFileTime
GetCurrentThreadId
WriteProcessMemory
CreateThread
SetStdHandle
HeapFree
AddVectoredExceptionHandler
HeapCreate
CreateFileA

user32

PostQuitMessage
RegisterClassExA
SetTimer
GetMessageA
SendMessageA
SetWindowLongA
CharLowerA
KillTimer
UnregisterClassA
GetWindowLongA
CreateWindowExA
DefWindowProcA
DispatchMessageA
MessageBoxA
wsprintfA

advapi32

OpenProcessToken

userenv

GetUserProfileDirectoryA

Exports

Exports

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 15KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.RLD0
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.RLD1
Size: 278KB - Virtual size: 277KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6ffee08ff94e3071fc7a63f393aeb066

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

advapi32

userenv

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 15KB - Virtual size: 15KB

.data Size: 2KB - Virtual size: 1KB

.RLD0 Size: 2KB - Virtual size: 1KB

.RLD1 Size: 278KB - Virtual size: 277KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 15KB - Virtual size: 15KB

.data
Size: 2KB - Virtual size: 1KB

.RLD0
Size: 2KB - Virtual size: 1KB

.RLD1
Size: 278KB - Virtual size: 277KB

.reloc
Size: 1KB - Virtual size: 1KB