77960e3d494c1e7c6dec0cd4773f6d9c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

77960e3d494c1e7c6dec0cd4773f6d9c_JaffaCakes118
Size

84KB
MD5

77960e3d494c1e7c6dec0cd4773f6d9c
SHA1

4435f5024e78259ad4d27f23221a694499e66c72
SHA256

dfeab637004b3c598c1095907294e62de9e62b3219bf72ddd737be983620c6cb
SHA512

b1b471183fad53413a51336d77363f3324617691314680616e5451480f8984b755cd717e51e32528c70b6f3bae1c19f1d0f8263f3d3cee075500a7991030170c
SSDEEP

1536:4ue7tZ5O6/zLJ2R6UlbPiXpLm7d+DAMG18/d:4ueZ5OyzLghl78pYdVh8/d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
77960e3d494c1e7c6dec0cd4773f6d9c_JaffaCakes118

Files

77960e3d494c1e7c6dec0cd4773f6d9c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

920c87a57a2890fffae81964d9e0f187

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapFree
CreateDirectoryA
CreateProcessA
WaitForSingleObject
VirtualProtect
CreateFileA
ReleaseMutex
GetDriveTypeA
GetLogicalDriveStringsA
CreateTimerQueueTimer
OpenMutexW
GetSystemTime
SetConsoleCtrlHandler
FatalAppExitA
lstrcmpiA
CreateNamedPipeA
GetSystemPowerStatus
CreateHardLinkW
GetFileType
GetTempFileNameA
GetEnvironmentStringsW
GetNumberFormatW
BackupRead
GetUserDefaultLangID
OpenEventW
OpenProcess
FileTimeToLocalFileTime
UnlockFileEx
InitializeCriticalSectionAndSpinCount
LoadResource
PulseEvent
WriteProfileStringW
GetTempPathA
GetEnvironmentVariableW
FindNextFileA
FindResourceExA
FindAtomA
GetTimeFormatW
WaitForSingleObjectEx
SwitchToThread
CreateWaitableTimerA
AreFileApisANSI
GetCurrentProcess
SetTimeZoneInformation
GetThreadContext
TransactNamedPipe
CreateEventW
GlobalFindAtomW
CreateMutexW
FindResourceA
DeleteFileW
GetConsoleOutputCP
IsValidLocale
ReadFile
GlobalGetAtomNameW
GetSystemInfo
InterlockedExchange
EnterCriticalSection
UnmapViewOfFile
GetSystemDirectoryA
GetProcAddress
GetLastError
LoadLibraryA
GetProcessHeap
GetComputerNameA
GetCurrentProcessId
CreateMutexA
GetModuleHandleA
LocalFree
GlobalReAlloc

user32

EnumThreadWindows
GetClassLongA
InvertRect
CheckMenuRadioItem
GetClassInfoA
LoadBitmapA
InternalGetWindowText
DefDlgProcA
GetClassInfoW
FlashWindow
GetMessageW
InSendMessage
IsIconic
GetUserObjectInformationA
GetMenuDefaultItem
CopyRect
ModifyMenuW
EnableWindow
LookupIconIdFromDirectory
DialogBoxParamA
FrameRect
ScrollWindowEx
GetProcessWindowStation
IsMenu
DrawFrameControl
ClientToScreen
IntersectRect
EnableScrollBar
DrawTextA
CharNextExA
GetDialogBaseUnits
IsCharAlphaW
CloseDesktop
SetCapture
LoadMenuW
TranslateAcceleratorA
SetParent
CreateCursor
IsCharAlphaA
GetLastActivePopup
KillTimer
UnhookWinEvent
SetTimer
GetClassNameA
GetWindowThreadProcessId
TranslateMessage
RegisterWindowMessageA
GetMessageA
GetParent

shlwapi

PathIsRootW
PathCommonPrefixW
SHCreateShellPalette
PathIsFileSpecW
StrTrimW
SHRegSetUSValueW
SHDeleteKeyW
StrCmpW
SHGetValueW
PathUnquoteSpacesW
StrCatBuffW
PathAddBackslashW
StrStrIW
SHAutoComplete

advapi32

RegCloseKey
SaferGetLevelInformation
OpenSCManagerA
QueryServiceStatus
OpenProcessToken
QueryServiceLockStatusW
ElfReportEventW
RegQueryValueW
ReportEventW
SaferSetLevelInformation
StartServiceCtrlDispatcherA
GetOldestEventLogRecord
GetUserNameA

Exports

Exports

usrAuthenticationpnp

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

920c87a57a2890fffae81964d9e0f187

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB