835ed98f6b1d45fa329de55a0ee162ba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

835ed98f6b1d45fa329de55a0ee162ba_JaffaCakes118
Size

103KB
MD5

835ed98f6b1d45fa329de55a0ee162ba
SHA1

3dcd6fdfa3f5aaae4ba473a834194c5668e6cd43
SHA256

e8430e2014ea50e8c29875fc8740cd5eac662961323ce775d7e3402d287ee6a8
SHA512

813ccd8aa714ae759074c813ba39a9d1c41c3cf74eabfe23a63a68fec9460a29a271199e0913cdcfe967bf9bd78ab5e1fb0073071819f5c44f24fa0ccd6c597f
SSDEEP

3072:odXIwhGjG19fp7Rt2x/7y3fG6LUydS0SB:gXIwhGidp7a83bUydk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
835ed98f6b1d45fa329de55a0ee162ba_JaffaCakes118

Files

835ed98f6b1d45fa329de55a0ee162ba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fceb506ae5dde58b16b30762234f03bd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetVersion
ExitProcess
HeapDestroy
SetHandleCount
GetFileType
GetStdHandle
IsValidCodePage
GetModuleFileNameA
GetCPInfo
WriteFile
HeapAlloc
HeapFree
LoadLibraryA
GetModuleHandleExW
GetLogicalDriveStringsW
InterlockedExchange
Sleep
InterlockedCompareExchange
GetProcessHeap
FormatMessageW
LocalFree
HeapSize
SetUnhandledExceptionFilter
InitializeCriticalSection
DeleteCriticalSection
GetModuleHandleA
LeaveCriticalSection
SetEvent
CloseHandle
GetOverlappedResult
DeviceIoControl
CreateEventA
WaitForSingleObject
WaitForMultipleObjects
ResetEvent
GetVersionExW
InterlockedDecrement
InterlockedIncrement
FreeLibrary
CreateEventW
GetModuleHandleW
GetCurrentThreadId
GetTickCount
CreateThread
lstrlenW
UnhandledExceptionFilter
GetCurrentProcess
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetProcAddress
WideCharToMultiByte
DisableThreadLibraryCalls
MultiByteToWideChar
GetLastError
GetStartupInfoA
GlobalFree
GetCommandLineA
GlobalAlloc
EnterCriticalSection
VirtualProtect

user32

LoadStringW
CreateWindowExW
RegisterClassExW
PostMessageW
GetDlgItem
SetCursor
LoadCursorW
GetWindowTextLengthW
EnableWindow
SetWindowTextW
GetSystemMetrics
InvalidateRect
GetClientRect
SendDlgItemMessageW
CallWindowProcW
SetWindowLongW
MessageBeep
GetWindowTextW
GetWindowLongW
GetParent
ShowWindow
SetFocus
SendMessageW

advapi32

RegEnumKeyExW
RegDeleteKeyW
RegSetValueExW
RegSetValueW
RegCreateKeyW
RegOpenKeyExW
RegCloseKey

gdi32

DeleteObject
CreateFontW

ole32

StringFromGUID2
CoTaskMemFree
CoTaskMemAlloc
CoUninitialize
CoFreeUnusedLibraries
IIDFromString

msvcr71

_onexit
free
_amsg_exit
memset
wcschr
memmove
_except_handler3
_vsnwprintf
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
__dllonexit
_XcptFilter

Sections

.text
Size: 69KB - Virtual size: 69KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fceb506ae5dde58b16b30762234f03bd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 69KB - Virtual size: 69KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 69KB - Virtual size: 69KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 2KB - Virtual size: 2KB