8ae1644dc5ad3d12a0330d52aaa74734_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8ae1644dc5ad3d12a0330d52aaa74734_JaffaCakes118
Size

21KB
MD5

8ae1644dc5ad3d12a0330d52aaa74734
SHA1

b3159fd15cc3a244145b9393827bd9b71fa3cbff
SHA256

43cb4297794154020f8f64cf9e94f3c6de46b94c84f00a31a6ca4000457b71b9
SHA512

bd64e7be2d9de36d19cc30df433a9f2f93614f715499c424f9368999839f7729da88a740c8068555506e152c84968f4459fecec1a0f0bd94b9fa62d838acecf0
SSDEEP

384:muY4iy42eneuSe0/FpFw7MXYSPDXaZipySy6:DyhQFp+7tSDAip8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8ae1644dc5ad3d12a0330d52aaa74734_JaffaCakes118

Files

8ae1644dc5ad3d12a0330d52aaa74734_JaffaCakes118
.dll windows:4 windows x86 arch:x86

721b3a02a3452d3b4d2723b419907ae9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteFile
SetFilePointer
CreateFileA
lstrcatA
GetLocalTime
lstrcpyA
lstrcmpA
IsDBCSLeadByte
GetCurrentThreadId
GetSystemDirectoryA
SetEndOfFile
CloseHandle
Sleep
InterlockedDecrement
lstrcpynA
lstrlenA
LoadLibraryA
LocalFree
WideCharToMultiByte
GetLastError
GetModuleFileNameA
GetProcAddress
GetCurrentProcess
GetCurrentProcessId
CreateThread

user32

GetDesktopWindow
GetWindowThreadProcessId
EnumChildWindows
GetWindowLongA
SendMessageA
EnumWindows
IsCharAlphaNumericA
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
SetWindowsHookExA
GetKeyboardState
ToAscii
CallNextHookEx
GetFocus
GetActiveWindow
wsprintfA
GetWindowTextA

advapi32

RegQueryValueExA

ole32

OleRun
CoInitialize
CoCreateInstance
CoUninitialize

oleaut32

SysAllocStringByteLen
SysStringByteLen
SysAllocString
SysStringLen
SysAllocStringLen
SysFreeString
GetErrorInfo
VariantClear

imm32

ImmGetContext
ImmGetCompositionStringA
ImmReleaseContext

shlwapi

StrStrIA

msvcrt

malloc
_initterm
free
_CxxThrowException
wcslen
??2@YAPAXI@Z
??3@YAXPAX@Z
__CxxFrameHandler
strstr
strncpy
strcat
memcpy
_adjust_fdiv
__dllonexit
strcmp
sprintf
memset
_strupr
strlen
strcpy
_onexit
??1type_info@@UAE@XZ
_itoa

Exports

Exports

SK

Sections

.text
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

721b3a02a3452d3b4d2723b419907ae9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

imm32

shlwapi

msvcrt

Exports

Exports

Sections

.text Size: 13KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 1KB - Virtual size: 9KB

Shared Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 13KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 1KB - Virtual size: 9KB

Shared
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB