6122cc2cb7bbf6810871ca576db5ae21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6122cc2cb7bbf6810871ca576db5ae21_JaffaCakes118
Size

64KB
MD5

6122cc2cb7bbf6810871ca576db5ae21
SHA1

dbeb7c8b027814eacad96737489d19e7afb8f7d6
SHA256

29e5941b2c3cfeac6b2e871464de8fe82b771d789df1342f459f2d61ef0616d9
SHA512

acf4e72f4c5bee450e5bbf03b3c8c8ec94670ca21157a9fd6a6f6f76dcf241868f54ba3b31a82cfdf11730099be05a68b9ece0cdc5105c6ce0318ebd639bbdd0
SSDEEP

1536:dMUYaYuvyXFd+so7TEwXOhChzFda2yV9jC:dVJ/v8HZosgoUaVH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6122cc2cb7bbf6810871ca576db5ae21_JaffaCakes118

Files

6122cc2cb7bbf6810871ca576db5ae21_JaffaCakes118
.dll windows:4 windows x86 arch:x86

67038befae0942f4cb153c3791e399d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateConsoleScreenBuffer
SetCurrentDirectoryA
SwitchToThread
GetUserDefaultLCID
GetVolumePathNamesForVolumeNameW
PeekConsoleInputW
HeapSize
AllocConsole
GetModuleHandleW
AssignProcessToJobObject
CreateTimerQueue
GetLogicalDriveStringsA
IsBadStringPtrW
GetThreadContext
SetCurrentDirectoryW
GlobalGetAtomNameW
IsBadCodePtr
FileTimeToSystemTime
SystemTimeToFileTime
SetConsoleMode
LocalHandle
DeleteCriticalSection
FindResourceExA
GetLocalTime
ConvertDefaultLocale
GetComputerNameW
AddAtomW
GetUserDefaultUILanguage
DeviceIoControl
CreateEventA
DeleteFileA
GetConsoleCP
LocalSize
VirtualAlloc
SetComputerNameA
MoveFileExW
TryEnterCriticalSection
GetTimeZoneInformation
DeleteTimerQueueTimer
SetLocalTime
GetProfileStringW
ResetEvent
OpenThread
GetShortPathNameW
lstrcatW
GetSystemTimeAsFileTime
GetModuleFileNameA
CreateMutexA
CreateThread
CopyFileA
VirtualQuery
lstrlenW
lstrcpyW
GetComputerNameA
MoveFileExA
CreateProcessA
HeapAlloc
EnterCriticalSection
InterlockedExchange
VirtualProtect
LoadLibraryA
GetProcessHeap
CreateDirectoryA
WaitForSingleObject
InitializeCriticalSection
UnmapViewOfFile
GetProcAddress
FindResourceA
CloseHandle

ole32

PropVariantClear
OleSetMenuDescriptor
MkParseDisplayName
OleCreateLinkToFile
OleSaveToStream
StgCreateDocfile
OleUninitialize
OleLoadFromStream
CoEnableCallCancellation
CoTaskMemFree
CoUninitialize
CoInitialize

shlwapi

UrlCreateFromPathW
SHRegGetBoolUSValueW
PathStripToRootW
PathFileExistsA
PathAddBackslashW
StrChrIW
PathFindFileNameW
PathUndecorateW
StrStrW
PathIsFileSpecW
PathAddBackslashA
PathSetDlgItemPathW
PathGetCharTypeA
PathGetCharTypeW
PathIsUNCServerShareW
StrStrIW
StrStrIA
PathCreateFromUrlW

shell32

SHGetFolderPathAndSubDirW
SHGetFolderPathW
SHGetFolderPathA

gdi32

SwapBuffers
SetMetaFileBitsEx
GetCharABCWidthsA
SetTextCharacterExtra
GetTextCharacterExtra
ModifyWorldTransform
TextOutW
PolyDraw
SetLayout
SelectObject
CloseEnhMetaFile
DeleteDC
GetWorldTransform
DeleteObject
FillRgn
GetSystemPaletteEntries
ExtTextOutA
GetNearestColor
AbortPath
SetViewportExtEx
EnumFontFamiliesA
UpdateColors
GetTextExtentPoint32A
CreateICW
CreateFontW

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1020B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67038befae0942f4cb153c3791e399d4

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 1020B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 1020B

.reloc
Size: 4KB - Virtual size: 1KB