5ecf26dcee8f90a7a6f2a0271c71d3e4_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5ecf26dcee8f90a7a6f2a0271c71d3e4_JaffaCakes118
Size

221KB
MD5

5ecf26dcee8f90a7a6f2a0271c71d3e4
SHA1

dd14188da44188bbdfdb5b2325afbe77ca71bdd8
SHA256

5f32dc302c13ce190261f15c6a965e5f44978b93c1034527852a734a4e9d8a79
SHA512

30b24d5ae19264ad13d1ffdbd4e943f264361472d676c0d0bb3f02d5796e3511552d9503e43e7375989d70f6762625d136bad040a40908898a663f75a5efb19b
SSDEEP

3072:gs4pzMkLb1m7ufSyDqfx4FZS6PSTBfRsk5Sf86o5c:2b1tfqfibSTBJz5Sfxt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ecf26dcee8f90a7a6f2a0271c71d3e4_JaffaCakes118

Files

5ecf26dcee8f90a7a6f2a0271c71d3e4_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1ff835250d33d1344f8d7022345ba7e2

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

xpcom

NS_CStringGetData
NS_GetServiceManager
NS_StringCloneData
NS_CStringContainerFinish
NS_CStringContainerInit
NS_CStringContainerInit2
NS_CStringSetData
NS_StringSetDataRange
NS_StringSetData

shlwapi

StrCmpNIA
StrRChrA
StrStrA
StrToIntA
StrStrIA
wnsprintfA
StrNCatA

kernel32

WriteFile
SetStdHandle
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
HeapSize
GetStringTypeW
GetStringTypeA
HeapReAlloc
VirtualAlloc
OpenMutexA
CloseHandle
lstrlenA
GetProcAddress
MapViewOfFile
lstrcpynA
WaitForSingleObject
SetEvent
Sleep
GetLastError
lstrcmpiA
CreateFileMappingA
FreeLibrary
LoadLibraryA
HeapFree
GetProcessHeap
WideCharToMultiByte
TerminateThread
CreateProcessA
MultiByteToWideChar
lstrlenW
GetExitCodeThread
GetModuleFileNameA
CreateThread
GetComputerNameA
GetVolumeInformationA
GetTickCount
GetCurrentProcessId
CreateMutexA
ReleaseMutex
GetModuleHandleA
HeapAlloc
GetCurrentProcess
CreateEventA
LocalFree
VirtualFree
HeapDestroy
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetFilePointer
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetLocaleInfoW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
ResetEvent
HeapCreate
IsValidCodePage
GetOEMCP
GetACP
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
GetCurrentThreadId
GetCommandLineA
RaiseException
RtlUnwind
LCMapStringA
LCMapStringW
GetCPInfo
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError

advapi32

RegCreateKeyExA
GetSecurityDescriptorSacl
ConvertStringSecurityDescriptorToSecurityDescriptorW
SetNamedSecurityInfoA
RegSetValueExA
RegCreateKeyA
RegCloseKey
RegOpenKeyA
RegDeleteValueA
RegQueryValueExA

Exports

Exports

NSGetModule
NSModule

Sections

.text
Size: 158KB - Virtual size: 158KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 42KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 7KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ff835250d33d1344f8d7022345ba7e2

Headers

DLL Characteristics

File Characteristics

Imports

xpcom

shlwapi

kernel32

advapi32

Exports

Exports

Sections

.text Size: 158KB - Virtual size: 158KB

.rdata Size: 42KB - Virtual size: 41KB

.data Size: 7KB - Virtual size: 16KB

.rsrc Size: 512B - Virtual size: 436B

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 158KB - Virtual size: 158KB

.rdata
Size: 42KB - Virtual size: 41KB

.data
Size: 7KB - Virtual size: 16KB

.rsrc
Size: 512B - Virtual size: 436B

.reloc
Size: 12KB - Virtual size: 11KB