6ffa2df6dcea462079874092419bd2e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6ffa2df6dcea462079874092419bd2e2_JaffaCakes118
Size

268KB
MD5

6ffa2df6dcea462079874092419bd2e2
SHA1

313aa352a11caff0b9176fadceaa831837f9a444
SHA256

48332ccc64e09f5aa32f102a325ff2c98e46fbeb60b1af2186860d790442c81e
SHA512

6dd4ab67633f8743c6b11c2992b5d9deff4cf7868a6e6e5158c31882568a3bd9a706e96018aa1fd3b4d822a2714bcf94efd1a81f71d9027919f38425803b6dbf
SSDEEP

6144:uvYgsnalKbePJ73SD5M44qCFKapXQ3OIHeXJ0lQ1VCsPE:uvYdalKihiyquKQXJ9HPE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6ffa2df6dcea462079874092419bd2e2_JaffaCakes118

Files

6ffa2df6dcea462079874092419bd2e2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9e7e4dbfd85c919e29580d909a107c54

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

??2@YAPAXI@Z
__CxxFrameHandler
atol
_ftol
toupper
_purecall
sprintf
strstr
atoi
strchr
_wtoi
printf
isdigit
_vsnprintf
fclose
fread
_strcmpi
_adjust_fdiv
??3@YAXPAX@Z
_initterm
_onexit
__dllonexit
rand
memmove
_open
_read
_close
_write
_putenv
_itoa
_strnicmp
_ismbcspace
realloc
_stricmp
free
malloc
_mbctype
strrchr
wcslen
_getcwd
_chdir
mbstowcs
wcscpy
wcstombs
_swab
strncpy
strncmp
fseek
ftell
fopen
_except_handler3

ole32

CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoUninitialize
CoInitialize

advapi32

RegCreateKeyExA
RegQueryValueExA
RegDeleteKeyA
RegSetValueExA
RegOpenKeyExA
RegCloseKey

user32

CharPrevA
CharNextA
LoadCursorA
SetCursor
wvsprintfA
CallNextHookEx
SetWindowsHookExA
UnhookWindowsHookEx
GetWindowLongA
DefWindowProcA
KillTimer
SetTimer
IsWindow
DestroyWindow
UnregisterClassA
RegisterClassA
CreateWindowExA
SetWindowLongA
FindWindowExA
SetFocus
PostMessageA
MessageBoxA
GetSystemMetrics

winmm

mmioGetInfo
mmioDescend
mmioOpenA
mmioClose

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

kernel32

FindFirstFileA
LeaveCriticalSection
FindClose
GetLastError
DisableThreadLibraryCalls
GetModuleFileNameA
GetCurrentThreadId
lstrlenA
GetVersionExA
SetErrorMode
GetFileAttributesExA
GetLocaleInfoA
DeviceIoControl
CloseHandle
CreateFileA
WaitForSingleObject
GetExitCodeProcess
CreateProcessA
MultiByteToWideChar
LoadLibraryA
GetModuleHandleA
FreeLibrary
InterlockedIncrement
GetProcAddress
InterlockedDecrement
lstrcatA
GetDriveTypeA
EnterCriticalSection
InitializeCriticalSection
DeleteCriticalSection
CreateEventA
ResetEvent
SetEvent
WaitForMultipleObjects
CreateSemaphoreA
ReleaseSemaphore
GetSystemInfo
VirtualAlloc
VirtualFree
lstrcpyA
WideCharToMultiByte
GetACP
CreateThread
SetThreadPriority
MulDiv
PulseEvent
GetVersion
ReadFile
SetFilePointer
lstrcpynA
GetLogicalDriveStringsA
OutputDebugStringA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
RMACreateInstance
SetDLLAccessPath

Sections

.text
Size: 184KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9e7e4dbfd85c919e29580d909a107c54

Headers

File Characteristics

Imports

pncrt

ole32

advapi32

user32

winmm

version

kernel32

Exports

Exports

Sections

.text Size: 184KB - Virtual size: 181KB

.rdata Size: 24KB - Virtual size: 21KB

.data Size: 28KB - Virtual size: 29KB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 20KB - Virtual size: 18KB

.rmnet Size: 48KB - Virtual size: 48KB

.text
Size: 184KB - Virtual size: 181KB

.rdata
Size: 24KB - Virtual size: 21KB

.data
Size: 28KB - Virtual size: 29KB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 20KB - Virtual size: 18KB

.rmnet
Size: 48KB - Virtual size: 48KB