70af7aed37109fbab01737c7b120dbf3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

70af7aed37109fbab01737c7b120dbf3_JaffaCakes118
Size

36KB
MD5

70af7aed37109fbab01737c7b120dbf3
SHA1

0686368b0229bb23fcbc68ab2533042e95c8c34f
SHA256

4a20e6dc01a8e8a5be2612e9e9802ef2148ee8f5ad4ffe9574e7d99bc29a27ec
SHA512

01f76c0bc2841c2fac76b1a2f2478d0bb8ee813106b9f60811b96447d5067fbeac43029fc2b8ba198dfd1cda1d9b56dbfbc6ebe4c3122bdd135fa8eba7408920
SSDEEP

768:T4yJh4t0A6qIRfdcc9n5X1g4WsgQEIrRZddiACaS:Eyz4t03qI1tjWsgQEIFYABS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
70af7aed37109fbab01737c7b120dbf3_JaffaCakes118

Files

70af7aed37109fbab01737c7b120dbf3_JaffaCakes118
.dll windows:1 windows x86 arch:x86

2b6fdf6dda907ffa4485d88ced5fbb33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
ClearCommError
CreateIoCompletionPort
DebugActiveProcess
EnterCriticalSection
EraseTape
ExitProcess
FindCloseChangeNotification
FreeEnvironmentStringsW
GetCPInfoExW
GetCommMask
GetCommState
GetComputerNameA
GetComputerNameW
GetConsoleAliasExesLengthW
GetConsoleInputWaitHandle
GetEnvironmentVariableW
GetFileSize
GetLastError
GetModuleFileNameA
GetOEMCP
GetPrivateProfileStructA
GetProcessHeap
GetProfileIntW
GetProfileSectionA
GetStringTypeExA
HeapCreate
HeapLock
IsBadStringPtrA
IsDBCSLeadByteEx
LoadLibraryW
LocalUnlock
OpenEventA
OpenFile
OpenSemaphoreW
ReadFileScatter
ResetEvent
RtlFillMemory
SetConsoleTitleA
Sleep
VerLanguageNameW
VirtualProtect
WriteConsoleInputW
lstrcmpA
lstrcmpiA

user32

ChangeClipboardChain
CheckDlgButton
DlgDirListComboBoxA
DrawFrame
EndDialog
EnumDisplayMonitors
EnumWindows
GetAltTabInfoA
GetAncestor
GetClassWord
GetDC
GetDCEx
GetKBCodePage
GetKeyboardType
GetMenuContextHelpId
GetMenuState
GetTopWindow
GetWindowTextLengthW
InsertMenuW
IsCharAlphaA
IsDlgButtonChecked
IsWindowUnicode
RegisterClassExW
RegisterDeviceNotificationW
ReleaseDC
SendDlgItemMessageW
SendNotifyMessageA
SetDoubleClickTime
SetForegroundWindow
SetMenuItemBitmaps
SetUserObjectInformationA
ToUnicode
TranslateAcceleratorA
wsprintfA

gdi32

AbortPath
CreateFontA
GdiComment
GetBitmapBits
GetBitmapDimensionEx
GetCharABCWidthsFloatA
GetClipBox
GetClipRgn
GetCurrentObject
GetDIBColorTable
GetMetaFileA
GetPath
GetPixel
GetPixelFormat
GetTextCharacterExtra
GetTextFaceA
GetTextFaceW
OffsetWindowOrgEx
PolyPolygon
ResetDCW
SaveDC
SetGraphicsMode
SetWinMetaFileBits

msvcrt

_clearfp
_ctype
_getcwd
_setsystime
_snwprintf
_strlwr
_wspawnle
setbuf
strlen
tmpfile
wcstod
wcstol

Exports

Exports

CtbrvsH
ENbtmjbG
EwZDuxlkhrzixFA
FmrzhjqFaejLSE
GfVvAtHrfxfkqoidl
HTGnssagsiretyTq
Hutgxzs
OcYucyCpeOvbbewx
PNedfdGzhny
SpKIfRO
TLeFww
UiSiwJaDLnwrrTdKgh
VjOccPlQgc
YdwdeiPIvNxhdweuV
YegGMbsixTpwEOh

Sections

.text
Size: 9KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 512B - Virtual size: 401B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b6fdf6dda907ffa4485d88ced5fbb33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 84KB

.data Size: 23KB - Virtual size: 34KB

.fdata Size: 512B - Virtual size: 401B

.rsrc Size: 1024B - Virtual size: 784B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 84KB

.data
Size: 23KB - Virtual size: 34KB

.fdata
Size: 512B - Virtual size: 401B

.rsrc
Size: 1024B - Virtual size: 784B

.reloc
Size: 2KB - Virtual size: 1KB