69133eb1c38f4a789b3f59e9c899b398_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

69133eb1c38f4a789b3f59e9c899b398_JaffaCakes118
Size

246KB
MD5

69133eb1c38f4a789b3f59e9c899b398
SHA1

b27f3c051cb649ffb9a2a88e290efdda7611911b
SHA256

216e242ee48a337a2488e1f64f16c8cc853a131d3d4ed6c4e2a9b29ff2726a42
SHA512

6b3892695d79f17875d748a5d298e44ff9bddef5d990bdb31c2d8842c53da3483d805b9730379344fc2ad1b203b3280a2808a7535cf6157f8fbb89c7546c931a
SSDEEP

3072:TtjE7tP86b61c5XBSmf3KeHIpq5P5uQSXr7rm//XAns+7b9xii0PpelMExwZKlL+:TR4hnUc5xd3upq5BuQ2rc2PbFCelM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
69133eb1c38f4a789b3f59e9c899b398_JaffaCakes118

Files

69133eb1c38f4a789b3f59e9c899b398_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9c61440b96d168b0d9e35de4624dfcd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mfc42

ord823
ord825

kernel32

GetVersion
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
RtlUnwind
OutputDebugStringA
InterlockedCompareExchange
InterlockedExchange
DisableThreadLibraryCalls
GetTempPathA
lstrlenA
MultiByteToWideChar
CreateThread
ExitThread
SetEvent
TerminateThread
ResetEvent
CreateFileA
ReadFile
lstrcmpA
FreeLibrary
GetSystemDirectoryA
LoadLibraryA
GetProcAddress
WaitForSingleObject
ReleaseMutex
OpenMutexA
GetProcessHeap
HeapAlloc
CreateMutexA
HeapFree
InitializeCriticalSection
CreateEventA
WideCharToMultiByte
GetWindowsDirectoryA
GetSystemDefaultLangID
Sleep
GetModuleHandleA
GlobalAlloc
EnterCriticalSection
LeaveCriticalSection
InterlockedIncrement
InterlockedDecrement
DeleteCriticalSection
CloseHandle
GlobalFree

advapi32

RegCreateKeyExA
RegDeleteValueA
RegFlushKey
RegSetValueExA
RegEnumValueA
RegQueryValueExA
AllocateAndInitializeSid
GetLengthSid
InitializeAcl
AddAccessAllowedAce
FreeSid
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegOpenKeyExA
RegCloseKey

ole32

CoTaskMemFree
CoTaskMemAlloc

oleaut32

SysFreeString
SysAllocString

Exports

Exports

CreateUSD
DeleteUSD
DllCanUnloadNow
DllGetClassObject
DllMain

Sections

.text
Size: 183KB - Virtual size: 440KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 472KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.shared
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mstp
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.mstp02
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 164B

IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 240B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9c61440b96d168b0d9e35de4624dfcd9

Headers

File Characteristics

Imports

mfc42

kernel32

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 183KB - Virtual size: 440KB

.bss Size: - Virtual size: 472KB

.pdata Size: 4KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 4KB

.rdata Size: 4KB - Virtual size: 4KB

.tls Size: 4KB - Virtual size: 4KB

.shared Size: 4KB - Virtual size: 4KB

.mstp Size: 4KB - Virtual size: 4KB

.mstp02 Size: 4KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 164B

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 27KB - Virtual size: 26KB

.reloc Size: 4KB - Virtual size: 240B

.text
Size: 183KB - Virtual size: 440KB

.bss
Size: - Virtual size: 472KB

.pdata
Size: 4KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 4KB

.rdata
Size: 4KB - Virtual size: 4KB

.tls
Size: 4KB - Virtual size: 4KB

.shared
Size: 4KB - Virtual size: 4KB

.mstp
Size: 4KB - Virtual size: 4KB

.mstp02
Size: 4KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 164B

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 27KB - Virtual size: 26KB

.reloc
Size: 4KB - Virtual size: 240B