Static task
static1
Behavioral task
behavioral1
Sample
8c33780752e14b73840fb5cff9d31ba1_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
8c33780752e14b73840fb5cff9d31ba1_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
8c33780752e14b73840fb5cff9d31ba1_JaffaCakes118
-
Size
77KB
-
MD5
8c33780752e14b73840fb5cff9d31ba1
-
SHA1
66516150e1a37eb3176a1330810e2c42438dd900
-
SHA256
43845bcf4d04c573a9fc9ed471a1ebd04306ddeedb286863b41d1133f763b952
-
SHA512
bad03189cabcc00fefe421e39db846ce4366d3a3148f7afb21364353c097a488e7d88210eaa2994286f2910ba43bd8b7d068210c8cb0eff6a343290f5984792b
-
SSDEEP
1536:5M/w2PQVDUbPhn3Tf/reVAyXYEcjCG8lDmJQb17rXoKK2jKW:5Mo6QJKPBDHre+QzcjCLBb1PYKK2jR
Malware Config
Signatures
-
Unsigned PE (1 IoC)
The PE file has no Authenticode signature. This is a weak indicator on its own, since many legitimate binaries are also unsigned.
resource 8c33780752e14b73840fb5cff9d31ba1_JaffaCakes118
Files
-
8c33780752e14b73840fb5cff9d31ba1_JaffaCakes118.dll windows:4 windows x86 arch:x86
71ae85b86542d7e63c4a33185849dffb
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CreateDirectoryA
TerminateThread
GetVersionExA
GetFileSizeEx
GetLocalTime
Module32Next
GetCurrentProcess
SetLastError
LoadLibraryA
lstrcmpA
lstrcpyA
GetProcAddress
CopyFileA
GlobalAlloc
GlobalFree
GetComputerNameA
GetCurrentThread
SetThreadPriority
GetCurrentProcessId
GetModuleHandleA
LocalFree
MultiByteToWideChar
WideCharToMultiByte
SetFilePointer
ReleaseMutex
CreateMutexA
GetModuleFileNameA
CreateThread
GetCurrentThreadId
ReadFile
WriteFile
FindFirstFileA
FindClose
FindNextFileA
Sleep
CreateFileA
DeleteFileA
GetLastError
MoveFileExA
TerminateProcess
CloseHandle
GetEnvironmentVariableA
SleepEx
lstrlenA
lstrcpynA
HeapAlloc
GetProcessHeap
MoveFileA
HeapFree
advapi32
RegEnumValueA
RegCloseKey
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
LookupAccountSidA
ImpersonateSelf
LookupPrivilegeValueA
GetUserNameA
ws2_32
ntohs
select
__WSAFDIsSet
inet_addr
recv
send
WSAGetLastError
closesocket
connect
htons
ioctlsocket
gethostbyname
gethostbyaddr
WSAIoctl
inet_ntoa
socket
crypt32
CertEnumSystemStore
CertCloseStore
CertDuplicateCRLContext
CertGetCRLContextProperty
CertEnumCertificatesInStore
CertOpenStore
CryptEnumOIDInfo
CertFreeCRLContext
PFXExportCertStore
CertFreeCertificateChainEngine
CertFreeCertificateChain
CertFreeCertificateContext
CertSetCertificateContextProperty
CertAddCRLContextToStore
CertAddCTLContextToStore
CertGetCertificateChain
CertCreateCertificateChainEngine
CertAddCertificateContextToStore
CertGetEnhancedKeyUsage
CryptAcquireCertificatePrivateKey
CertGetNameStringW
CryptFindOIDInfo
msvcrt
fread
??3@YAXPAX@Z
memset
exit
memcpy
memmove
strncpy
_snprintf
strlen
_except_handler3
strncmp
strchr
strcmp
atoi
strtok
rename
rand
srand
time
strstr
strtoul
strcpy
free
calloc
_local_unwind2
fgets
fclose
fopen
strftime
localtime
_pctype
_isctype
__mb_cur_max
fprintf
qsort
mktime
sscanf
fseek
gmtime
malloc
_vsnprintf
tolower
freopen
fwrite
??1type_info@@UAE@XZ
ftell
wcslen
wcscpy
_wcsdup
wprintf
_initterm
_adjust_fdiv
_CxxThrowException
_stricmp
user32
MessageBoxA
DialogBoxParamA
DialogBoxParamW
GetWindowTextA
GetWindowTextW
MessageBoxW
GetWindowLongA
PostMessageA
IsCharAlphaNumericA
oleaut32
GetErrorInfo
Sections
.text Size: 50KB - Virtual size: 49KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 4KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 12KB - Virtual size: 1.7MB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 10KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ