89a9e722999abcad8d6165806471aa26_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

89a9e722999abcad8d6165806471aa26_JaffaCakes118
Size

589KB
MD5

89a9e722999abcad8d6165806471aa26
SHA1

7143edf3c6b919b1b4125fd5b55e552ee457580e
SHA256

087c21cdc010831c7ee3eea94f866ac37b5932649b1aeafb950bb76e8410dd14
SHA512

ad57b880dd661a8b9df27b891fcb2d6475bca05d7227c82f664fae3e7d418e8e5f148d2b9400cff86ddde6585302563231eb09a7c3576c07d010bde93324fee1
SSDEEP

12288:whr4UCeaHTA80gIZ4BgmOEGVN9vtI0E5uO9FAOu8axTQ:ga2g5gmO791I0E5uO9FANU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89a9e722999abcad8d6165806471aa26_JaffaCakes118

Files

89a9e722999abcad8d6165806471aa26_JaffaCakes118
.dll windows:5 windows x86 arch:x86

0fda4497453286b1daa098623dfc53ce

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msvcr90.i386.pdb

Imports

kernel32

GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleW
Sleep
GetProcAddress
ExitProcess
WriteFile
GetStdHandle
GetSystemWindowsDirectoryW
GetSystemDirectoryW
GetLongPathNameW
GetCurrentThreadId
TlsGetValue
DebugBreak
OutputDebugStringA
GetCommandLineA
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
ExitThread
CloseHandle
GetLastError
ResumeThread
CreateThread
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
FindNextFileA
FindFirstFileA
FindClose
FindNextFileW
FindFirstFileW
GetLogicalDrives
GetDiskFreeSpaceA
FileTimeToSystemTime
FileTimeToLocalFileTime
SetErrorMode
Beep
GetFileAttributesA
SetFileAttributesA
SetEnvironmentVariableA
GetCurrentDirectoryA
SetCurrentDirectoryA
GetFullPathNameA
GetDriveTypeA
GetCurrentProcessId
CreateDirectoryA
MoveFileA
RemoveDirectoryA
DeleteFileA
GetFileAttributesW
SetEnvironmentVariableW
GetCurrentDirectoryW
SetCurrentDirectoryW
SetFileAttributesW
GetFullPathNameW
CreateDirectoryW
MoveFileW
RemoveDirectoryW
GetDriveTypeW
DeleteFileW
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
LoadLibraryA
FreeLibrary
CreateProcessW
ReadFile
DuplicateHandle
GetCurrentProcess
GetSystemTimeAsFileTime
GetTimeZoneInformation
GetLocalTime
WideCharToMultiByte
SetFileTime
LocalFileTimeToFileTime
SystemTimeToFileTime
SetLocalTime
MultiByteToWideChar
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetTimeFormatA
GetDateFormatA
RtlUnwind
RaiseException
HeapFree
HeapAlloc
GetProcessHeap
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
HeapSize
HeapReAlloc
VirtualAlloc
HeapValidate
HeapCompact
HeapWalk
VirtualProtect
GetSystemInfo
VirtualQuery
SetHandleCount
GetFileType
GetStartupInfoA
SetFilePointer
GetConsoleCP
GetConsoleMode
CreateFileA
FlushFileBuffers
CreatePipe
CreateFileW
SetStdHandle
ReadConsoleInputA
SetConsoleMode
PeekConsoleInputA
GetNumberOfConsoleInputEvents
ReadConsoleInputW
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
IsDBCSLeadByteEx
ReadConsoleA
ReadConsoleW
SetEndOfFile
GetFileInformationByHandle
PeekNamedPipe
InterlockedExchange
LockFile
UnlockFile
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
SetConsoleCtrlHandler
InitializeCriticalSectionAndSpinCount
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
FreeEnvironmentStringsA
GetEnvironmentStrings
QueryPerformanceCounter
GetTickCount
GetStringTypeW
GetStringTypeA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetLocaleInfoW
GetLocaleInfoA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
LoadLibraryW
GetModuleHandleA

Sections

.text
Size: 598KB - Virtual size: 598KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 968B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0fda4497453286b1daa098623dfc53ce

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

Sections

.text Size: 598KB - Virtual size: 598KB

.data Size: 17KB - Virtual size: 25KB

.rsrc Size: 1024B - Virtual size: 968B

.reloc Size: 14KB - Virtual size: 13KB

.text
Size: 598KB - Virtual size: 598KB

.data
Size: 17KB - Virtual size: 25KB

.rsrc
Size: 1024B - Virtual size: 968B

.reloc
Size: 14KB - Virtual size: 13KB