72b117eef7e40f63744bd984af4f8d6b_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

72b117eef7e40f63744bd984af4f8d6b_JaffaCakes118
Size

100KB
MD5

72b117eef7e40f63744bd984af4f8d6b
SHA1

0acc51e4f1c70331cf44d2308f694eb6052ac5cd
SHA256

8b67694411dbe7a2f28a6cd3ff0473b26ba82855ece729062a7d6f2204c5349a
SHA512

f035c6b233e895fec784b82d99abf404bd614f77004edb8ade34440d6713d642bee4318ace53f8847247e796e2e1e5ed23da1fe2cb06e246ac6c02c0a5768c25
SSDEEP

3072:u2Yj1w6lPt+5UFUlDcJzZunC0TmZkoGgo9:u0Yt+5U8OITKkT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
72b117eef7e40f63744bd984af4f8d6b_JaffaCakes118

Files

72b117eef7e40f63744bd984af4f8d6b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

90831e8927a478977d7118fc8f9f09e7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateProcessW
GenerateConsoleCtrlEvent
WriteConsoleInputA
SetConsoleMode
OpenProcess
LoadLibraryW
HeapDestroy
GetProcessHeap
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
GetStartupInfoA
InterlockedCompareExchange
Sleep
SetEvent
InterlockedExchange
GetProcAddress
FreeLibrary
LocalAlloc
LocalFree
GetCurrentProcessId
WaitForMultipleObjects
CreateThread
CreateEventW
GetVersionExW
GetCommandLineW
GetModuleHandleW
UnregisterWaitEx
RegisterWaitForSingleObject
WaitForSingleObject
ReleaseMutex
GlobalFree
InterlockedIncrement
GlobalHandle
IsBadReadPtr
GlobalReAlloc
GlobalLock
GlobalAlloc
GetModuleHandleA
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
LoadLibraryA
HeapReAlloc
VirtualAlloc
GetCPInfo
GetOEMCP
GetACP
GetSystemInfo
HeapAlloc
GetEnvironmentStringsW
GetLastError
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
HeapFree
VirtualFree
HeapCreate
GetModuleFileNameA
GetFileType
GetStdHandle
SetHandleCount
ExitProcess
VirtualQuery
InterlockedDecrement
AllocConsole
SetConsoleCtrlHandler
GetCommandLineA
GlobalUnlock
VirtualProtect
GetVersionExA
RtlUnwind

user32

PostMessageW
SetMessageQueue
DeleteMenu
GetSystemMenu
WinHelpW
EndDialog
GetWindowTextLengthW
SetWindowLongW
SetFocus
GetWindowLongW
GetDlgItem
GetDlgItemTextW
DialogBoxParamW
PostThreadMessageW
MsgWaitForMultipleObjects
GetDesktopWindow
LoadStringW
DestroyIcon
PostQuitMessage
SetCursor
PeekMessageW
EnableWindow
GetMessageW
TranslateMessage
DispatchMessageW
LoadIconW
LoadCursorW
RegisterClassW
CreateWindowExW
ShowWindow
UpdateWindow

advapi32

OpenSCManagerW
OpenServiceW
StartServiceW
CloseServiceHandle
QueryServiceStatus

ole32

CoUninitialize
CoRevokeClassObject
CoRegisterClassObject

rpcrt4

RpcAsyncInitializeHandle
NdrAsyncClientCall
RpcAsyncCancelCall
RpcAsyncCompleteCall

Sections

.text
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90831e8927a478977d7118fc8f9f09e7

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

Sections

.text Size: 44KB - Virtual size: 40KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 36KB - Virtual size: 69KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 40KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 36KB - Virtual size: 69KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB