8a77c85863b761ba90af4b78d3d01ceb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8a77c85863b761ba90af4b78d3d01ceb_JaffaCakes118
Size

213KB
MD5

8a77c85863b761ba90af4b78d3d01ceb
SHA1

bea36e75b477db2544d14b093e4f60847a9df2da
SHA256

ed7d22c2f922df466fda6914eb8b93cc27c81f16a60b7aa7eac9ca033014c22c
SHA512

6bbb553a8005b58ef1e91addb8c557f5f5e23d495f8fbcfc1982f26ae385a9f870272b3fe77ac86c268300db758cab903882791d5730d4d2828902cc4213a248
SSDEEP

6144:1E5vHmxMZDXsJkPDwnO6Bc9kQnQwI2Hsygb:1CGyZbkeDwnO6i9rQl2l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8a77c85863b761ba90af4b78d3d01ceb_JaffaCakes118

Files

8a77c85863b761ba90af4b78d3d01ceb_JaffaCakes118
.dll windows:5 windows x86 arch:x86

010d306218f299e7dadbdd91c8396f29

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\22\Cross\Hold\3\96\35\91\74\Find\Operate\Expect\plural\1\Money\Steam.pdb

Imports

kernel32

CloseHandle
WriteConsoleA
GetConsoleOutputCP
GetTempPathA
WriteConsoleW
SetFilePointer
SetStdHandle
CreateFileA
FindFirstChangeNotificationA
GetWindowsDirectoryA
VirtualProtectEx
Sleep
LoadLibraryA
GetCurrentProcess
SetEvent
RtlUnwind
HeapAlloc
RaiseException
GetCurrentThreadId
GetCommandLineA
GetLastError
HeapFree
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
IsValidCodePage
GetModuleHandleW
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleA
VirtualFree
VirtualAlloc
HeapReAlloc
HeapCreate
HeapDestroy
ExitProcess
WriteFile
GetModuleFileNameA
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
FlushFileBuffers

user32

GetMessageA
CloseClipboard
EndDialog
OffsetRect
LoadIconA
SetDlgItemInt
InsertMenuItemA
SetCursor
GetDlgItemInt

gdi32

CreateBitmap
SetBkColor
GetClipBox
StretchDIBits
SetTextColor

comdlg32

GetOpenFileNameA
GetSaveFileNameA
CommDlgExtendedError
ChooseFontA
GetFileTitleA

comctl32

ImageList_GetIcon
ord17
ImageList_BeginDrag
ImageList_DragLeave
_TrackMouseEvent

Exports

Exports

@Afterwhose@0
@Distantwave@0
@DllRegisterServer@0
@Standthree@0

Sections

.text
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 354KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

010d306218f299e7dadbdd91c8396f29

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

comdlg32

comctl32

Exports

Exports

Sections

.text Size: 166KB - Virtual size: 166KB

.rdata Size: 31KB - Virtual size: 31KB

.data Size: 6KB - Virtual size: 354KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 166KB - Virtual size: 166KB

.rdata
Size: 31KB - Virtual size: 31KB

.data
Size: 6KB - Virtual size: 354KB

.reloc
Size: 7KB - Virtual size: 7KB