81d75206f931ce017f22d8d560f4db21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

81d75206f931ce017f22d8d560f4db21_JaffaCakes118
Size

45KB
MD5

81d75206f931ce017f22d8d560f4db21
SHA1

3b513a6740c7e6a50330a89c6b38800dc67383e6
SHA256

9ba68bce97a9f7ed77a8453577ac322a9b7f947c234a135e20fbd1d19bcddd91
SHA512

5ec9f19b638a965e2f37ca684dee6c5d2f90fbeba4881bbdeb379dba0f1af312fd1c7e166cb8272fe1d48f5c0f88f3a03aac2e30dd75c8a2d57d8dc0e66ec18e
SSDEEP

768:YwbmR9hPQDMBt70D4sU/ucrZi4cIveTU2NXQrhmK2rNQ4No4x7:/mMMQD4r/uF4neTUkK2DoK7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
81d75206f931ce017f22d8d560f4db21_JaffaCakes118

Files

81d75206f931ce017f22d8d560f4db21_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2783d79d8209b54ef0f6c6f6d7ab65c8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FileTimeToSystemTime
FileTimeToLocalFileTime
FindFirstFileA
CreateDirectoryA
GetTickCount
SetFileAttributesA
CreateFileA
WriteFile
WinExec
GetComputerNameA
GetLocalTime
GetVersionExA
GetDiskFreeSpaceExA
FindNextFileA
Process32Next
OpenProcess
Process32First
CreateToolhelp32Snapshot
TerminateProcess
GetExitCodeProcess
GetCurrentProcess
WritePrivateProfileStringA
SetProcessWorkingSetSize
LCMapStringA
LoadLibraryA
FindClose
GetLogicalDrives
GetDriveTypeA
_llseek
SetEndOfFile
GetFileSize
_lwrite
_lcreat
_lopen
_lread
_lclose
GetPrivateProfileIntA
GetPrivateProfileStringA
DeleteFileA
CreateMutexA
GetLastError
CreateThread
CreatePipe
GetStartupInfoA
GetSystemDirectoryA
CreateProcessA
Sleep
CloseHandle
ReadFile
GlobalMemoryStatus
GetProcAddress
GetOEMCP
GetACP
GetCPInfo
HeapReAlloc
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
VirtualFree
HeapCreate
HeapDestroy
GetEnvironmentStringsW
GetEnvironmentStrings
WideCharToMultiByte
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetModuleFileNameA
RtlUnwind
GetCommandLineA
GetVersion
HeapFree
HeapAlloc
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
DeleteCriticalSection
LCMapStringW

user32

ExitWindowsEx

advapi32

RegEnumKeyA
RegDeleteValueA
RegCreateKeyA
RegOpenKeyA
RegEnumValueA
RegDeleteKeyA
CreateProcessAsUserA
ControlService
OpenServiceA
StartServiceA
RegSetValueExA
OpenSCManagerA
EnumServicesStatusA
CloseServiceHandle
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
GetTokenInformation
LookupAccountSidA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

SHFileOperationA
ShellExecuteA
SHGetFileInfoA

ws2_32

socket
WSAStartup
htons
connect
setsockopt
WSACleanup
send
recv
select
gethostbyname
inet_addr
closesocket

psapi

EnumProcessModules
GetModuleFileNameExA

msvcrt

_strnicmp
_itoa
_memicmp

Sections

.text
Size: 40KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2783d79d8209b54ef0f6c6f6d7ab65c8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

ws2_32

psapi

msvcrt

Sections

.text Size: 40KB - Virtual size: 40KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 40KB - Virtual size: 40KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 2KB