5fe3d6748aa99eec944649ed4686eceb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5fe3d6748aa99eec944649ed4686eceb_JaffaCakes118
Size

184KB
MD5

5fe3d6748aa99eec944649ed4686eceb
SHA1

0d87ebcaad44538aefd74f72f8976609a639bc60
SHA256

c6170e1e19a4dcd2b4df6c92e093de318929464a5457a8df3c0d8f0d546d2d37
SHA512

bb89434e928582457a5f5d306797dd744fb7e0c0835c940377db0ad8be26368645fbf0a6770d33ed96f06174ba3d316e043f83284f0a56714902d513bd54ba0b
SSDEEP

3072:2wcbYdUPU6bkXkAMAhedwBLjcqKqOAk6lF6SY2rrsj9DhLh7heR1:7cbYAU9MAMiBtKqOAkPj9DhLh7he

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fe3d6748aa99eec944649ed4686eceb_JaffaCakes118

Files

5fe3d6748aa99eec944649ed4686eceb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c07f80aa5564a73bffa714fd5b789cbd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetStdHandle
CompareStringW
FormatMessageW
GetVolumeInformationW
GetVolumePathNameW
GetFileAttributesW
GetVolumeNameForVolumeMountPointW
InterlockedExchange
GetLocaleInfoA
GetSystemTimeAsFileTime
GetConsoleMode
GetCurrentThreadId
QueryPerformanceCounter
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
HeapSize
GetCPInfo
GetOEMCP
GetACP
WriteConsoleW
FindFirstFileW
FindNextFileW
FindClose
GetWindowsDirectoryA
GetTickCount
GetDiskFreeSpaceA
RaiseException
CreateFileW
lstrlenA
LoadLibraryA
GetCommandLineA
GetProcAddress
GetVersionExA
LocalAlloc
GetSystemDirectoryW
LocalFree
lstrcmpA
GetSystemDirectoryA
lstrcatA
HeapDestroy
lstrcpyA
WideCharToMultiByte
MultiByteToWideChar
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
CloseHandle
FreeLibrary
lstrcpynA
lstrcmpiA
lstrlenW
DisableThreadLibraryCalls
InterlockedDecrement
MulDiv
VirtualProtect
GetCurrentProcessId
UnhandledExceptionFilter
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
HeapAlloc
HeapFree
RtlUnwind
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
VirtualQuery
ExitProcess
GetModuleHandleA
TerminateProcess
GetCurrentProcess
SetHandleCount
GetFileType
GetSystemInfo

user32

MessageBoxA
InsertMenuW
InsertMenuA
LoadStringW
LoadStringA
CharNextA
SetMenuItemInfoA
wsprintfA
SetDlgItemTextA
SendDlgItemMessageA
SendMessageA
MsgWaitForMultipleObjects
CharUpperA

advapi32

RegQueryInfoKeyA
RegDeleteValueA
RegCloseKey
RegEnumKeyExA
RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
ConvertStringSecurityDescriptorToSecurityDescriptorW
GetSecurityDescriptorControl
SetNamedSecurityInfoW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetKernelObjectSecurity
GetFileSecurityW
GetKernelObjectSecurity
GetSecurityDescriptorDacl
ConvertSecurityDescriptorToStringSecurityDescriptorW
AddAce
InitializeAcl
EqualSid
GetLengthSid
LookupAccountNameW
RegOpenKeyExA
RegCreateKeyExA
RegDeleteKeyA
RegQueryValueExA
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegDeleteValueW
RegSetValueExA

gdi32

CreateFontIndirectA
SelectObject
GetTextMetricsA
DeleteObject
DPtoLP
RestoreDC

ole32

CoUninitialize
StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CoInitialize

Sections

.text
Size: 113KB - Virtual size: 113KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 54KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c07f80aa5564a73bffa714fd5b789cbd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

Sections

.text Size: 113KB - Virtual size: 113KB

.rdata Size: 7KB - Virtual size: 6KB

.data Size: 4KB - Virtual size: 38KB

.rsrc Size: 54KB - Virtual size: 53KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 113KB - Virtual size: 113KB

.rdata
Size: 7KB - Virtual size: 6KB

.data
Size: 4KB - Virtual size: 38KB

.rsrc
Size: 54KB - Virtual size: 53KB

.reloc
Size: 4KB - Virtual size: 4KB