8cdb3286473eeea25e1579b354f7b8e1_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8cdb3286473eeea25e1579b354f7b8e1_JaffaCakes118
Size

692KB
MD5

8cdb3286473eeea25e1579b354f7b8e1
SHA1

665375a81b95cd2d3e0af9348d81eab382d3894f
SHA256

738d4b64260f1295f49c06ba424a74ee1fbcd62a4d1793b1b1444009b4e163ae
SHA512

0b10c503e2a105ca0e6bdc57c7a52bff6a143cceb69df51a6c9186f055b9ad465e238552a22e141f6f0e8d7f28c94df0624240adf5c4145d254eed639416560f
SSDEEP

6144:0V+Lnq/OKUuGzbvSrM3wnsft9B4r620JaN9zCgN62FqJv7tavIPOYeMXS:Hnq/sjHSrMgnsF706wgDtGIPO6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cdb3286473eeea25e1579b354f7b8e1_JaffaCakes118

Files

8cdb3286473eeea25e1579b354f7b8e1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

23c197f94be0bf547f4aa1571691fba3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
GetTimeZoneInformation
GetCurrentThreadId
GetComputerNameA
FileTimeToSystemTime
FileTimeToLocalFileTime
LoadLibraryExA
SystemTimeToFileTime
GetSystemTime
Sleep
TerminateThread
OpenProcess
ResumeThread
FindClose
FindNextFileA
FindFirstFileA
DuplicateHandle
CreateEventA
SetEvent
CreateThread
LocalFree
VirtualQuery
SetFileTime
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
IsBadCodePtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
VirtualFree
GetVersionExA
GetEnvironmentVariableA
HeapSize
HeapReAlloc
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
TlsGetValue
TlsFree
TlsAlloc
GetCommandLineA
GetSystemTimeAsFileTime
MoveFileA
ExitThread
TlsSetValue
RaiseException
RtlUnwind
GetSystemDirectoryA
GetFileTime
ReadFile
GetFileSize
DeleteFileA
CreateFileA
SetFilePointer
WriteFile
HeapCreate
HeapFree
HeapAlloc
OutputDebugStringA
GetTickCount
IsBadStringPtrA
WideCharToMultiByte
IsBadReadPtr
IsBadWritePtr
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetVersion
DisableThreadLibraryCalls
GetShortPathNameA
lstrlenA
MultiByteToWideChar
lstrlenW
GetCurrentProcess
FlushInstructionCache
SetLastError
GetCurrentProcessId
WaitForSingleObject
GetAtomNameA
ExitProcess
CreateFileMappingA
GetLastError
MapViewOfFile
UnmapViewOfFile
CloseHandle
GetModuleHandleA
GetDiskFreeSpaceA
VirtualProtect
FreeLibrary
LoadLibraryA
GetProcAddress
InterlockedIncrement
InterlockedDecrement
GetProcessHeap
GetModuleFileNameA

user32

GetWindowRect
SetFocus
DestroyWindow
GetWindowTextLengthA
LoadIconA
DefWindowProcA
CreateWindowExA
RegisterWindowMessageA
SendMessageTimeoutA
GetClassNameA
UnregisterClassA
GetWindowTextA
GetWindowLongA
EnumChildWindows
IsWindowVisible
RegisterClassA
DispatchMessageA
GetMessageA
TranslateMessage
LoadCursorA
PostThreadMessageA
IsZoomed
GetKeyState
GetKeyboardLayoutNameA
GetForegroundWindow
GetFocus
CallNextHookEx
UnhookWindowsHookEx
SetWindowsHookExA
GetCursorPos
CallWindowProcA
RemovePropA
SetPropA
GetPropA
SetWindowLongA
GetWindow
IsWindowEnabled
SendMessageA
GetProcessWindowStation
OpenWindowStationA
SetProcessWindowStation
CloseWindowStation
PostMessageA
SetThreadDesktop
OpenDesktopA
GetThreadDesktop
OpenInputDesktop
GetUserObjectInformationA
CloseDesktop
LoadStringA
GetWindowThreadProcessId
EnumWindows
IsWindow
SetTimer
KillTimer
wsprintfA
GetParent
FindWindowExA

gdi32

GetStockObject

advapi32

GetUserNameA
RegEnumKeyExA
RegCreateKeyExA
RegSetValueExA
RegDeleteKeyA
LookupPrivilegeValueA
AdjustTokenPrivileges
OpenProcessToken
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
InitializeSecurityDescriptor
SetSecurityDescriptorDacl

ole32

CoCreateInstance
StringFromCLSID
CoTaskMemFree

oleaut32

SysAllocStringLen
VariantCopy
VariantChangeType
VariantClear
LoadRegTypeLi
SysFreeString
SysStringLen
GetErrorInfo

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

mpr

WNetGetConnectionA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
IAlloc

Sections

.text
Size: 348KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 204KB - Virtual size: 202KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 88KB - Virtual size: 94KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 168B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 44KB - Virtual size: 40KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

23c197f94be0bf547f4aa1571691fba3

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

ole32

oleaut32

version

mpr

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 344KB

.rdata Size: 204KB - Virtual size: 202KB

.data Size: 88KB - Virtual size: 94KB

.shared Size: 4KB - Virtual size: 168B

.reloc Size: 44KB - Virtual size: 40KB

.text
Size: 348KB - Virtual size: 344KB

.rdata
Size: 204KB - Virtual size: 202KB

.data
Size: 88KB - Virtual size: 94KB

.shared
Size: 4KB - Virtual size: 168B

.reloc
Size: 44KB - Virtual size: 40KB