692e81d3d5bd20688da9d51f711cb2d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

692e81d3d5bd20688da9d51f711cb2d9_JaffaCakes118
Size

80KB
MD5

692e81d3d5bd20688da9d51f711cb2d9
SHA1

32c3d3f4fb9544ba6bd0adf1e7f516f3772b4bc2
SHA256

7570abc42c05133ace66e760f266752efa2fdec4d1e173ff0f52e6c86bcca8f0
SHA512

f33b0aa827391774c89549ab5e11f29b8a6e3d85a8e257d14802b6fe9b94ec9b765a2cfde3b59e181596e392a7c23e2b3d5fa4d990daae601830558513958555
SSDEEP

1536:Lr5dFy9W/B7MnwrS60NX/lKpzt+z72po4KFWS+k3R9MLTG5:358W/BK+wqt+KRKFWS+M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
692e81d3d5bd20688da9d51f711cb2d9_JaffaCakes118

Files

692e81d3d5bd20688da9d51f711cb2d9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

10f56e4a39bf37a00e1f645cc3489878

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleA
DeleteVolumeMountPointW
WriteConsoleA
GetEnvironmentVariableW
FindResourceW
UnlockFile
HeapDestroy
FindResourceExW
SetCommTimeouts
LCMapStringW
CreateToolhelp32Snapshot
GlobalAddAtomA
CreateFileW
LCMapStringA
GetEnvironmentStrings
VirtualUnlock
GetModuleHandleExW
GetCalendarInfoW
SetHandleInformation
SetConsoleWindowInfo
IsBadWritePtr
lstrcatA
GetDateFormatA
GlobalMemoryStatusEx
GetLogicalDriveStringsA
ProcessIdToSessionId
RegisterWaitForSingleObjectEx
GetFullPathNameW
SetConsoleTextAttribute
SetFileTime
SetFileApisToOEM
FindNextFileA
GetHandleInformation
GetCommState
LockResource
WaitForSingleObject
WaitForSingleObjectEx
CreateProcessW
SetConsoleTitleA
CompareStringW
ResetEvent
HeapLock
GetCurrentProcessId
HeapSize
GlobalReAlloc
AllocConsole
GetCompressedFileSizeW
BeginUpdateResourceA
GetStringTypeA
GlobalFree
GetSystemDirectoryW
GetFullPathNameA
GetModuleFileNameA
CreateProcessA
LocalFree
CreateFileMappingA
GetLastError
Sleep
VirtualProtect
CopyFileA
OpenEventA
CreateEventA
lstrlenA
GlobalAlloc
EnterCriticalSection
InitializeCriticalSectionAndSpinCount
LoadLibraryA
lstrlenW
GetProcAddress
CloseHandle
InterlockedExchange
SetLastError
GetProcessHeap
CreateThread
CreateFileA

shell32

SHCreateDirectoryExW
SHFormatDrive
SHPathPrepareForWriteW
ShellAboutA
SHGetFolderPathA
SHGetPathFromIDListW

gdi32

GetEnhMetaFileA
GetStretchBltMode
RemoveFontResourceW
StartDocA
SetBkMode
SetColorAdjustment
GetTextFaceW
GetCharABCWidthsA
GetWorldTransform
EqualRgn
SetGraphicsMode
UpdateColors
DescribePixelFormat
CreateDIBPatternBrushPt
GetNearestColor
GetTextExtentPoint32W
IntersectClipRect
CopyEnhMetaFileA
TranslateCharsetInfo
CreatePatternBrush
ExtTextOutA
GetTextCharacterExtra
SetPolyFillMode
SetDCBrushColor
ResetDCA
ExtFloodFill
CreateBrushIndirect

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

10f56e4a39bf37a00e1f645cc3489878

Headers

File Characteristics

Imports

kernel32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB