67d7c1ba9bb60882573deab66fb86c56_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

67d7c1ba9bb60882573deab66fb86c56_JaffaCakes118
Size

96KB
MD5

67d7c1ba9bb60882573deab66fb86c56
SHA1

e85e66947cc76661e8c99ca45ad555324d53367d
SHA256

161551b79ea3b6f0f440af3385b583d9db144ff90beb60c3a55b230d75835084
SHA512

ea57ad522e78fd0acabbaeda38e63987f3e9afb236ab9cca99ecdc587afbb6fb9f64b27164fc59fd89ebbb2226ae97955255228cc58374894fe6c4e6dc3b3645
SSDEEP

1536:LJhU9FCrg6r83LGq8yPeS9wvigGC5DJ53398tqYzz0ni2RAM8fqEtJ:LQJ62O8eSKihsDT3gEniAYtJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67d7c1ba9bb60882573deab66fb86c56_JaffaCakes118

Files

67d7c1ba9bb60882573deab66fb86c56_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3f592ca000454fb10d2b57a6ba374d76

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetFilePointer
GetFileSize
InterlockedExchange
InterlockedCompareExchange
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
FormatMessageW
OutputDebugStringA
InterlockedIncrement
SwitchToThread
LoadLibraryA
GetProcAddress
FreeLibrary
lstrcmpiA
GlobalAddAtomA
GlobalFindAtomA
DeleteFileW
lstrcpyA
lstrcatA
GlobalSize
GlobalDeleteAtom
MulDiv
GlobalLock
GlobalUnlock
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
LocalAlloc
GlobalHandle
lstrlenW
DeleteCriticalSection
InitializeCriticalSection
FindFirstFileW
FindNextFileW
FindClose
SetLastError
CreateFileW
CreateDirectoryW
EnterCriticalSection
GetCurrentProcess
GetCurrentThreadId
GetModuleHandleW
ResetEvent
InterlockedDecrement
SetEvent
Sleep
TryEnterCriticalSection
LeaveCriticalSection
CloseHandle
GetLastError
ReleaseSemaphore
WaitForSingleObject
GlobalFree
VirtualProtect
GetCommandLineA
GlobalGetAtomNameA
GlobalAlloc

user32

IsClipboardFormatAvailable
SetClipboardData
GetClipboardData
EnumClipboardFormats
RegisterClipboardFormatA

advapi32

LsaOpenPolicy
RegQueryValueA
ReportEventW

gdi32

RealizePalette
SelectPalette
CreatePalette
SetViewportExtEx
StretchDIBits
EnumEnhMetaFile
DeleteMetaFile
SetMetaFileBitsEx
GetMetaFileBitsEx
SetWinMetaFileBits
GetStockObject
SetWindowExtEx
PlayMetaFileRecord
SetBitmapBits
SetBitmapDimensionEx
CreateBitmap
GetObjectA
GetBitmapBits
DeleteObject
SetWindowOrgEx

ole32

CoCreateInstance
CoTaskMemAlloc
CoTaskMemFree

msvcr71

malloc
__dllonexit
__CppXcptFilter
_initterm
wcsncmp
printf
qsort
memcpy
memmove
_except_handler3
memset
_CxxThrowException
_callnewh
_onexit
free
swscanf
_wcsicmp
_adjust_fdiv

Sections

.text
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3f592ca000454fb10d2b57a6ba374d76

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 76KB - Virtual size: 75KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 76KB - Virtual size: 75KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 4KB - Virtual size: 2KB