5ea896ec67c9c6f8a1e22434f8c6fa53_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ea896ec67c9c6f8a1e22434f8c6fa53_JaffaCakes118
Size

80KB
MD5

5ea896ec67c9c6f8a1e22434f8c6fa53
SHA1

659335bab5bfd3adea51fbe7a57994cdf30b2ab7
SHA256

d0c989bd560b2bc09050f2976a8412d03f8718c144978c946419e9e3cd25c93a
SHA512

26675ae6a20d957f3bb3633b2d1a6685dba820f05d7a0fb5f5953a57fe0fcbb5dcdb61494e7c198920dafab0a5252a00ffa2ba1df2df41860362ec6922e70c17
SSDEEP

1536:oEIE/CSSscPzeGdsoaBpciBAYKn/lf6vluXcw/xc0i:aEqSSsszeGdRQcGan/lf6vlCV/K0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ea896ec67c9c6f8a1e22434f8c6fa53_JaffaCakes118

Files

5ea896ec67c9c6f8a1e22434f8c6fa53_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2b3cc6d62d6c2c7f6694804545b91644

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersionExW
WriteConsoleW
GetStdHandle
lstrcmpW
GetVolumeNameForVolumeMountPointW
CreateIoCompletionPort
MoveFileExW
SetFileApisToOEM
UnlockFileEx
lstrcatW
GetDateFormatW
WriteProfileStringA
GetVersion
GetProcessAffinityMask
GetNumberFormatW
TerminateJobObject
GetThreadContext
OpenMutexA
ReadConsoleW
SetNamedPipeHandleState
SetCommTimeouts
UnregisterWaitEx
GetTimeFormatW
TerminateProcess
GetOverlappedResult
SetInformationJobObject
ClearCommBreak
DeleteTimerQueue
WaitNamedPipeW
BeginUpdateResourceA
PeekConsoleInputA
InitializeCriticalSection
GetUserDefaultUILanguage
SystemTimeToTzSpecificLocalTime
LocalFileTimeToFileTime
FileTimeToSystemTime
CreateFileW
ReadConsoleInputA
DnsHostnameToComputerNameW
GetDriveTypeA
QueueUserAPC
FileTimeToDosDateTime
DuplicateHandle
GetEnvironmentStringsW
TransactNamedPipe
GetTempFileNameA
GetCommProperties
GetCommState
GetFileAttributesW
SetProcessWorkingSetSize
MapViewOfFile
GetCommandLineA
GetModuleFileNameA
VirtualQuery
GetLastError
EnterCriticalSection
LoadLibraryA
InterlockedDecrement
InterlockedCompareExchange
GetProcAddress
CloseHandle
GetVolumeInformationA
LocalFree
InterlockedExchange
LocalHandle
lstrlenW

oleaut32

SysReAllocString

gdi32

CreateMetaFileA
EnumFontFamiliesW
SetMapMode
CloseEnhMetaFile
SetTextAlign
StretchBlt
SetMetaRgn
ExtTextOutW
GetCurrentObject
CreateCompatibleDC
CreateCompatibleBitmap
ExtCreatePen
CreateDCW
Escape
GetEnhMetaFileHeader
DeleteObject
StrokeAndFillPath
StrokePath
GetTextCharsetInfo
GetObjectType
CopyMetaFileA
SetWindowOrgEx
GetBitmapDimensionEx
RealizePalette
GetNearestColor
ResizePalette

Exports

Exports

CatDBCommsMgmt

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b3cc6d62d6c2c7f6694804545b91644

Headers

File Characteristics

Imports

kernel32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB