6a7628fbe39d2b0e472de2cf3751e02b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

6a7628fbe39d2b0e472de2cf3751e02b_JaffaCakes118
Size

86KB
MD5

6a7628fbe39d2b0e472de2cf3751e02b
SHA1

536a54689d4d507d473b115b45b2dbc25f32c85d
SHA256

8850ddf4793eca1aa97379b6294ae0701084005bed83525019ea57498052b436
SHA512

61c4adf1c9531c37db24ad4f3be17ed70bdb1b1367809a107c2ccb423c9c0338b86034e700489be5cf0bab22e8a54b6a3cfb866bfd8b571c0ec155c7742adb8d
SSDEEP

1536:idVysttq3pSU9NEBKwee0uLq+XuWJTctoUS+LapfvpiIAX+yC:O4sDqD9iBv0yMWJTcGUS++ppiIaC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6a7628fbe39d2b0e472de2cf3751e02b_JaffaCakes118

Files

6a7628fbe39d2b0e472de2cf3751e02b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

de8da9a63e096a40bc6a1526699d3cd4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoW
InterlockedCompareExchange
Sleep
InterlockedExchange
GetModuleHandleW
GetLastError
GetProcessHeap
HeapAlloc
DeviceIoControl
GetOverlappedResult
ResetEvent
HeapFree
CloseHandle
SetLastError
HeapReAlloc
lstrlenW
GetSystemTimeAsFileTime
FreeLibrary
GetLocaleInfoW
LoadLibraryExW
SearchPathW
WaitForSingleObject
GetProcAddress
RaiseException
SystemTimeToFileTime
FileTimeToSystemTime
GetModuleFileNameW
GetVersionExW
LocalFree
LocalAlloc
CreateMutexW
ReleaseMutex
DeleteFileW
SetFileAttributesW
MoveFileExW
CreateFileW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
VirtualProtect
GetTickCount
GetCommandLineA
FindResourceW

user32

LoadStringW

advapi32

RevertToSelf
CreateRestrictedToken
ImpersonateLoggedOnUser
ReportEventA
OpenProcessToken
GetTokenInformation

ole32

CoTaskMemFree
CoTaskMemAlloc
CLSIDFromString
CoInitialize
CoUninitialize
CoCreateInstance
CoCreateGuid
PropVariantClear

msvcrt

??3@YAXPAX@Z
__CxxFrameHandler
_except_handler3
_cexit
_amsg_exit
_initterm
_wcmdln
exit
_XcptFilter
memset
_vsnwprintf
wcstoul
_wcsnicmp
memcpy
wcsstr
free
memmove
isprint
wcsncmp
_wcsicmp
_adjust_fdiv
malloc

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de8da9a63e096a40bc6a1526699d3cd4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

msvcp60

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 37KB - Virtual size: 36KB

.data Size: 512B - Virtual size: 34KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 37KB - Virtual size: 36KB

.data
Size: 512B - Virtual size: 34KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 2KB