5f491219a11fcff767caf4be21a113ae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5f491219a11fcff767caf4be21a113ae_JaffaCakes118
Size

83KB
MD5

5f491219a11fcff767caf4be21a113ae
SHA1

db10bea21185a9a0bc5cd90ef0fa707081d1d0c1
SHA256

1035357d7ec1073db9e94285b4ec04f9279e4b2669d2a8ce0073050057dffeab
SHA512

2462ae94b7a541cf09ab6a2379cae8712c1a20cbb3f55b0b10a4ae3be0bdbd241e58d0efa1a3504ec2ca12a1418640a7ce46cf4b91d75973b4a4ea8439e48d7f
SSDEEP

1536:qSPtz7DcoK+gcs+HDw7LyR3xmHEuoqky5OsagcAyXkUzpGvntaW1:qSPh/A7cjw7LoxmkDg5OgcAyXka4/wW1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5f491219a11fcff767caf4be21a113ae_JaffaCakes118

Files

5f491219a11fcff767caf4be21a113ae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0b80b656e64557f7b074202ff0c7ce0b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

AdjustTokenPrivileges
DeleteService
GetSecurityDescriptorControl
LockServiceDatabase
OpenSCManagerA
RegEnumKeyExA
RegQueryInfoKeyA
StartServiceA

kernel32

AddAtomA
CloseHandle
CompareStringA
CopyFileA
CreateEventA
CreateFileMappingA
CreateProcessA
CreateThread
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsA
FindNextFileA
FindResourceA
FlushFileBuffers
FormatMessageA
FreeLibrary
GetConsoleMode
GetCurrentProcessId
GetExitCodeProcess
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetPrivateProfileSectionA
GetPrivateProfileStructA
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetTempPathA
GetThreadLocale
GetTickCount
GetTimeFormatA
GetUserDefaultLCID
GetVersion
GetVersionExA
GetWindowsDirectoryA
GlobalHandle
GlobalLock
GlobalReAlloc
GlobalUnlock
HeapAlloc
HeapDestroy
HeapFree
HeapReAlloc
InterlockedCompareExchange
InterlockedDecrement
InterlockedIncrement
IsBadWritePtr
IsValidCodePage
LCMapStringA
LocalAlloc
LockResource
Module32Next
MoveFileExA
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
ReadFile
ReadProcessMemory
ResumeThread
SetEnvironmentVariableA
SetLastError
Sleep
SystemTimeToFileTime
TerminateProcess
UnhandledExceptionFilter
UnmapViewOfFile
VirtualFree
VirtualProtect
WaitForSingleObject
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA

user32

CheckDlgButton
CheckRadioButton
ClientToScreen
CopyRect
DefWindowProcA
DestroyMenu
DialogBoxParamA
DrawIcon
ExitWindowsEx
GetActiveWindow
GetCapture
GetDlgItemTextA
GetSystemMetrics
GetWindowLongA
IntersectRect
LoadBitmapA
LoadIconA
LoadImageA
MapWindowPoints
MessageBoxA
MsgWaitForMultipleObjects
PtInRect
ReleaseDC
SendDlgItemMessageA
SetCursor
SetDlgItemTextA
SetWindowLongA
SetWindowTextA
UnregisterClassA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

Sections

.text
Size: 26KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.DATA
Size: 33KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 15KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE

Sharing

General

Malware Config

Signatures

Files

0b80b656e64557f7b074202ff0c7ce0b

Headers

File Characteristics

Imports

advapi32

kernel32

user32

version

Sections

.text Size: 26KB - Virtual size: 28KB

.DATA Size: 33KB - Virtual size: 60KB

.data Size: 512B - Virtual size: 4KB

.rdata Size: 512B - Virtual size: 4KB

.idata Size: 3KB - Virtual size: 4KB

.edata Size: 15KB - Virtual size: 16KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 26KB - Virtual size: 28KB

.DATA
Size: 33KB - Virtual size: 60KB

.data
Size: 512B - Virtual size: 4KB

.rdata
Size: 512B - Virtual size: 4KB

.idata
Size: 3KB - Virtual size: 4KB

.edata
Size: 15KB - Virtual size: 16KB

.reloc
Size: 2KB - Virtual size: 1KB