6f3b31ad08249e33bf93768a224fb9c2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6f3b31ad08249e33bf93768a224fb9c2_JaffaCakes118
Size

93KB
MD5

6f3b31ad08249e33bf93768a224fb9c2
SHA1

341d161b0b2a1e7202026f37ed9673f4c3906d9c
SHA256

43dec3a0d88e48476a12004f72bed4a07e7467b2e3e14fd9a564dacf3d005f34
SHA512

995459d4843fa520a55f1e8bd279951a3996146e64dfc6a59f5d8698ec972000a4984e3bf1ea111bdcc31554a56bca376c6cee56ca82a9a183b9e6ac0d2e85a8
SSDEEP

1536:nh/ePvny9XwYfyos/TMegEcAfuZYsU9uMFSFzQhjB+yGZcsqjARFTf3kTCh5lRLx:ncXkwuyo2TMZEH/9kp8jU7EARFrcCh5V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6f3b31ad08249e33bf93768a224fb9c2_JaffaCakes118

Files

6f3b31ad08249e33bf93768a224fb9c2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

95468b782f06e3cde45f3ffe59d601de

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

waveInGetNumDevs
waveInGetDevCapsA
mixerOpen
mixerGetNumDevs
mixerGetID
mixerGetDevCapsA
mixerClose

setupapi

SetupDiCallClassInstaller
SetupDiEnumDeviceInfo
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsA
SetupDiGetDeviceInstanceIdA
SetupDiGetDeviceInterfaceDetailA
SetupDiSetClassInstallParamsA
SetupDiDestroyDeviceInfoList

gdi32

GetTextAlign
BitBlt
CreateBrushIndirect
CreateCompatibleDC
CreateFontIndirectA
CreatePen
DeleteDC
DeleteObject
ExtTextOutA
GetBkMode
GetTextColor
GetTextExtentPoint32A
LineTo
MoveToEx
Rectangle
SelectObject
SetBkMode
SetTextAlign
SetTextColor

shell32

Shell_NotifyIconA

user32

LoadStringA
LoadImageA
LoadIconA
LoadCursorA
InsertMenuItemA
GetWindow
GetSysColor
GetMessageA
PostMessageA
GetDesktopWindow
GetDC
GetCursorPos
GetClassNameA
DispatchMessageA
DestroyMenu
DefWindowProcA
CreateWindowExA
CreatePopupMenu
RegisterClassA
PostQuitMessage
ReleaseDC
SendMessageA
SetForegroundWindow
ShowWindow
SystemParametersInfoA
TrackPopupMenu
TranslateMessage
GetMenuCheckMarkDimensions

advapi32

InitializeAcl
SetSecurityDescriptorDacl
RegSetValueExA
RegSetKeySecurity
RegQueryValueExA
RegOpenKeyExA
RegOpenKeyA
RegDeleteValueA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
InitializeSecurityDescriptor
GetLengthSid
FreeSid
AllocateAndInitializeSid

kernel32

SetEvent
SearchPathA
RtlUnwind
MultiByteToWideChar
LocalFree
LocalAlloc
SetHandleCount
LCMapStringW
LCMapStringA
HeapReAlloc
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GetVersionExA
GetVersion
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetFileType
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentProcess
GetCommandLineA
GetCPInfo
Sleep
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WinExec
WriteFile
lstrcmpA
lstrcmpiA
lstrcpyA
lstrlenA
LoadLibraryA
CloseHandle
CreateEventA
CreateFileA
CreateMutexA
CreateProcessA
DeviceIoControl
ExitProcess
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP

Sections

.text
Size: 79KB - Virtual size: 80KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

95468b782f06e3cde45f3ffe59d601de

Headers

File Characteristics

Imports

winmm

setupapi

gdi32

shell32

user32

advapi32

kernel32

Sections

.text Size: 79KB - Virtual size: 80KB

.data Size: 9KB - Virtual size: 12KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 2KB - Virtual size: 4KB

.text
Size: 79KB - Virtual size: 80KB

.data
Size: 9KB - Virtual size: 12KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 2KB - Virtual size: 4KB