6267d918547ab8062f0b9c0e208622e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6267d918547ab8062f0b9c0e208622e1_JaffaCakes118
Size

108KB
MD5

6267d918547ab8062f0b9c0e208622e1
SHA1

ebe27e7a121c75652ed349b1d114bab86ea396a0
SHA256

f8d153a27d8349c5bd1f0fc3fa96ad1c983ff65531fc9a60bef6174282815b44
SHA512

72bcb10c2e3e17358db232c6b9025e891b0c7704fe9d1694a138bb8832c9d577e43c78dbe6bea899bb83d53e7ff2efb379c77a15101f8494f3d43fc1a03d3791
SSDEEP

3072:Xn8QTphBxQzORLwUyNHMxDPlaDM1gqE4xBoAl4:3bTznRAsxDPlIMhL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6267d918547ab8062f0b9c0e208622e1_JaffaCakes118

Files

6267d918547ab8062f0b9c0e208622e1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a84be925d518d1cd786754081ff090ca

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSize
LoadLibraryA
GetACP
TlsFree
TlsGetValue
TlsSetValue
FreeLibrary
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetVersionExA
WideCharToMultiByte
LocalFree
LocalAlloc
LoadLibraryW
GetDriveTypeW
lstrlenW
GetCurrentProcess
GetProcAddress
Sleep
InterlockedCompareExchange
InterlockedExchange
GetModuleFileNameA
MultiByteToWideChar
ReadFile
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetCPInfo
HeapReAlloc
VirtualAlloc
HeapAlloc
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
GetStringTypeW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
HeapFree
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentVariableA
CloseHandle
GetVersionExW
VirtualProtect
GetCommandLineA
RtlUnwind
GetVersion
ExitProcess
GetModuleHandleA

user32

GetDlgItem
GetCursorPos
DestroyWindow
GetSystemMetrics
EnableWindow
IsDlgButtonChecked
CheckDlgButton
SetDlgItemInt
SetFocus
SetWindowTextA
ScreenToClient
GetWindow
GetClientRect
GetTopWindow
GetDesktopWindow
GetWindowLongA
SendMessageA
SetDlgItemTextA
DestroyIcon
GetParent
EndDialog
GetFocus
ShowWindow

advapi32

RegCloseKey

gdi32

DeleteObject
GetStockObject

Sections

.text
Size: 48KB - Virtual size: 45KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a84be925d518d1cd786754081ff090ca

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

Sections

.text Size: 48KB - Virtual size: 45KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 12KB - Virtual size: 44KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 48KB - Virtual size: 45KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 12KB - Virtual size: 44KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB