Static task
static1
Behavioral task
behavioral1
Sample
8c1fce0969f3486bc27223291e98ce5c_JaffaCakes118.dll
Resource
win7-20240705-en
Behavioral task
behavioral2
Sample
8c1fce0969f3486bc27223291e98ce5c_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
-
Target
8c1fce0969f3486bc27223291e98ce5c_JaffaCakes118
-
Size
88KB
-
MD5
8c1fce0969f3486bc27223291e98ce5c
-
SHA1
fbe1f0bdd9d4bbf7d90f4b6e857473ee75c07e3d
-
SHA256
799e957ba5dd3dd542ea07a43a0584042420c6b9431f6cf131a9109f14bf7490
-
SHA512
af720b8ca31f2e0f872eb97b438b1955fac85a64a556657935211bd257f4f17e344d5ab0054d6ee25784e23a282d1b952e04600934febd477acc30df0e9dfcd7
-
SSDEEP
1536:MYFhjixSPfaMgdjOxfdvjHPnuB+wZD6eY30Dn68GUjoCaOEcj3kBVBv:FFhjixlM4qt60A6ZUkCadcj3kBVB
Malware Config
Signatures
-
Unsigned PE 1 IoCs
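Checks for a missing Authenticode signature. The file carries no Authenticode signature, so its publisher and integrity cannot be verified from the file itself; many legitimate DLLs are also unsigned, so this is a weak indicator on its own.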
resource 8c1fce0969f3486bc27223291e98ce5c_JaffaCakes118
Files
-
8c1fce0969f3486bc27223291e98ce5c_JaffaCakes118.dll windows:4 windows x86 arch:x86
11eaf08c94ff6fd584881f42dfa285d8
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
TerminateThread
MoveFileA
CreateDirectoryA
GetCurrentProcess
SetFilePointer
SetEndOfFile
GetLocalTime
Module32Next
SetLastError
CopyFileA
LoadLibraryA
lstrcmpA
lstrcpyA
GetCurrentThread
SetThreadPriority
GetCurrentDirectoryA
GetCurrentProcessId
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
CreateThread
GetCurrentThreadId
LocalFree
MultiByteToWideChar
WideCharToMultiByte
ReleaseMutex
CreateMutexA
ReadFile
WriteFile
FindFirstFileA
FindClose
FindNextFileA
Sleep
CreateFileA
DeleteFileA
GetLastError
MoveFileExA
OpenProcess
TerminateProcess
CloseHandle
WaitForSingleObject
SetCurrentDirectoryA
GetEnvironmentVariableA
SleepEx
lstrlenA
lstrcpynA
HeapAlloc
GetProcessHeap
GetVersionExA
HeapFree
advapi32
RegEnumValueA
RegQueryInfoKeyA
RegEnumKeyExA
RegOpenKeyExA
RegSetValueExA
RegCreateKeyExA
FreeSid
EqualSid
AllocateAndInitializeSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
LookupAccountSidA
ImpersonateSelf
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCloseKey
ws2_32
inet_ntoa
WSAStartup
ntohs
select
inet_addr
__WSAFDIsSet
recv
send
WSAGetLastError
closesocket
connect
htons
ioctlsocket
gethostbyname
gethostbyaddr
WSAIoctl
socket
gethostname
crypt32
CertGetEnhancedKeyUsage
CryptFindOIDInfo
CertEnumSystemStore
CertCloseStore
CertDuplicateCRLContext
CertGetCRLContextProperty
CertEnumCertificatesInStore
CertOpenStore
CryptEnumOIDInfo
CertFreeCRLContext
PFXExportCertStore
CertFreeCertificateChainEngine
CertFreeCertificateChain
CertFreeCertificateContext
CertSetCertificateContextProperty
CertAddCRLContextToStore
CertAddCTLContextToStore
CertGetCertificateChain
CertCreateCertificateChainEngine
CryptAcquireCertificatePrivateKey
CertGetNameStringW
CertAddCertificateContextToStore
msvcrt
fread
??3@YAXPAX@Z
_CxxThrowException
_stricmp
memset
exit
memcpy
memmove
strncpy
_snprintf
strlen
_except_handler3
strncmp
strchr
strcmp
atoi
strtok
rename
rand
srand
time
strstr
strtoul
strcpy
free
calloc
_local_unwind2
fgets
fclose
fopen
strftime
localtime
_pctype
_isctype
__mb_cur_max
fprintf
qsort
fseek
_iob
gmtime
malloc
_vsnprintf
tolower
printf
freopen
fwrite
??1type_info@@UAE@XZ
ftell
wcslen
wcscpy
_wcsdup
wprintf
_initterm
_adjust_fdiv
user32
MessageBoxA
DialogBoxParamA
DialogBoxParamW
GetWindowTextA
GetWindowTextW
GetWindowLongA
PostMessageA
MessageBoxW
IsCharAlphaNumericA
oleaut32
GetErrorInfo
Sections
.text Size: 63KB - Virtual size: 62KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 5KB - Virtual size: 4KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
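.data Size: 10KB - Virtual size: 1.5MB (the virtual size far exceeds the raw size; the loader zero-fills the difference, so most of this section exists only in memory and is not visible in the file on disk)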
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.reloc Size: 9KB - Virtual size: 9KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ