93e2eaf1579ed26b34850e23d77b1989_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93e2eaf1579ed26b34850e23d77b1989_JaffaCakes118
Size

77KB
MD5

93e2eaf1579ed26b34850e23d77b1989
SHA1

dc6ecce696e5719e7e9613890736b9c98d83f6b5
SHA256

aff8ca3ab2dba9be474835fd0e757a0c3ccf62fe5321a886deaa831daef39138
SHA512

7905eb205f6a33e7852f649e910a969fb50dc91eb34e5d98e747018c516c941ef0dd5aa49290c9b8ba6a9b0d26ce62bed11575db4c2afbf1e6ec3538f5322025
SSDEEP

1536:WX6/rVvrG058a1Spj9VMkc2O3iGcp/C5kKy5r10e8tXHTIWR:WXEpvZ83RVoip/eHsZOt3n

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93e2eaf1579ed26b34850e23d77b1989_JaffaCakes118

Files

93e2eaf1579ed26b34850e23d77b1989_JaffaCakes118
.dll windows:4 windows x86 arch:x86

06bc67e181dcc0cd21a9cf54c7734ab4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFileEx
CreateTimerQueueTimer
GetVolumeInformationW
ReadProcessMemory
ResetEvent
GetCPInfo
ChangeTimerQueueTimer
GetSystemDefaultUILanguage
CreateMutexW
MoveFileExW
DeleteCriticalSection
SystemTimeToFileTime
WriteConsoleA
WinExec
WideCharToMultiByte
ClearCommError
IsValidCodePage
GetLocaleInfoW
GlobalFindAtomW
PulseEvent
GetConsoleMode
PeekConsoleInputA
SetSystemTime
DeleteFileW
HeapWalk
DuplicateHandle
InterlockedCompareExchange
OpenThread
GetComputerNameExW
OpenMutexA
FindFirstFileExW
HeapCreate
GetDriveTypeA
GetFileInformationByHandle
GetProfileStringA
GlobalHandle
Sleep
SizeofResource
OpenProcess
SetFilePointerEx
GetCurrentDirectoryA
EscapeCommFunction
HeapReAlloc
CreateNamedPipeA
ReadConsoleInputA
IsBadReadPtr
FindFirstVolumeW
lstrcpynW
EnumResourceNamesA
FileTimeToLocalFileTime
GlobalGetAtomNameA
SetHandleInformation
FindNextVolumeW
RemoveDirectoryA
CreateToolhelp32Snapshot
GetEnvironmentStrings
CopyFileW
LocalSize
DeviceIoControl
FindResourceExA
FindNextFileA
CreateRemoteThread
UpdateResourceA
FindVolumeMountPointClose
GetFileAttributesExA
ReleaseSemaphore
ConnectNamedPipe
GetBinaryTypeW
SetCurrentDirectoryW
CreatePipe
DosDateTimeToFileTime
FindAtomW
GetFileSizeEx
SetConsoleScreenBufferSize
WriteFile
PurgeComm
SetVolumeMountPointW
LCMapStringW
MoveFileW
GetCurrentThread
CreateMailslotW
GetVolumeNameForVolumeMountPointW
SearchPathW
WaitNamedPipeA
FindClose
RtlUnwind
SetConsoleTitleA
LockFileEx
GetTempFileNameW
IsProcessorFeaturePresent
LCMapStringA
lstrcatA
ExpandEnvironmentStringsA
lstrcmpiW
CreateEventA
GetTempPathW
WaitNamedPipeW
GetModuleHandleExW
GetDiskFreeSpaceExW
EnumResourceLanguagesW
CreateSemaphoreA
GetVersion
ProcessIdToSessionId
OpenFile
WaitForMultipleObjectsEx
GetEnvironmentVariableA
GetCommandLineA
GetUserDefaultUILanguage
SwitchToThread
BindIoCompletionCallback
AssignProcessToJobObject
IsBadHugeReadPtr
GetDiskFreeSpaceA
GetTempFileNameA
lstrcpyW
CreateFileMappingA
InitializeCriticalSection
HeapValidate
CreateMutexA
EnterCriticalSection
lstrlenW
UnmapViewOfFile
GetModuleHandleA
VirtualQuery
LoadLibraryA
GetLastError
GetSystemTimeAsFileTime
MapViewOfFile
CopyFileA
lstrcatW
VirtualProtect
CreateProcessA
GetModuleFileNameA
CloseHandle
GetProcessHeap
GetProcAddress
CreateDirectoryA
LocalFree
ReleaseMutex
GlobalReAlloc

user32

BeginPaint
GetScrollBarInfo
SetMenuItemInfoW
UpdateWindow
ClientToScreen
GetPropA
SetWindowPlacement
LoadImageW
DefWindowProcA
PostMessageA
CloseWindowStation
UnregisterHotKey
CreateDialogParamW
TranslateAcceleratorA
OpenWindowStationA
GetWindowWord
SetWindowLongA
GetDoubleClickTime
SetCapture
CopyIcon
GetMenuState
GetClassInfoA
RemovePropW
GetIconInfo
CharUpperBuffW
wsprintfA
OemToCharA
LoadMenuW
CharPrevW
CharToOemA
ChangeDisplaySettingsExW
CreateAcceleratorTableW
SetCaretPos
GetUserObjectInformationA
InsertMenuItemW
AllowSetForegroundWindow
MonitorFromRect
EnumDisplaySettingsA
GetDlgItem
SendDlgItemMessageW
AttachThreadInput
GetMenuItemRect
MonitorFromWindow
GetClassNameW
SetDlgItemTextW
GetMonitorInfoW
VkKeyScanA
CharUpperW
UnhookWindowsHook
IsCharAlphaA
GetScrollInfo
ShowCaret
ModifyMenuA
ChangeMenuA
WinHelpA
SetCursorPos
IsCharAlphaW
MoveWindow
EnableMenuItem
PostThreadMessageW
IsCharAlphaNumericW
GetUpdateRgn
DefMDIChildProcA
LockWindowUpdate
GetMenuItemCount
GetAsyncKeyState
PostThreadMessageA
InvalidateRect
GetWindow
ShowWindowAsync
OemToCharBuffA
GetMessagePos
CloseDesktop
SystemParametersInfoW
ReplyMessage
DestroyCaret
GetNextDlgGroupItem
SetWindowTextA
ScrollWindow
GetCaretBlinkTime
ScrollDC
GetClassInfoExW
CopyImage
MessageBoxIndirectW
GetSystemMetrics
CallWindowProcA
RemoveMenu
EndTask
SystemParametersInfoA
wvsprintfW
DrawTextW
InsertMenuItemA
AdjustWindowRect
GetLastActivePopup
GetWindowRect
CreateWindowExA
GetWindowTextLengthW
SetWindowTextW
CheckMenuRadioItem
IsZoomed
ScreenToClient
SetCursor
GetWindowTextA
GetWindowInfo
DefMDIChildProcW
RedrawWindow
DefDlgProcA
GetDlgItemTextA
GetWindowLongA
CreateCaret
CharUpperBuffA
EndDeferWindowPos
SetProcessWindowStation
OpenInputDesktop
IsMenu
InSendMessageEx
SetParent
SetWindowWord
CreateIconFromResourceEx
DrawAnimatedRects
GetScrollPos
GetMessageA
UnhookWindowsHookEx
CallNextHookEx
KillTimer
SetWindowsHookExA
DispatchMessageA
SetTimer
SetPropA

shlwapi

PathCanonicalizeW
StrChrIW
SHSetValueW
PathRemoveExtensionW
StrStrA
UrlCombineW
SHStrDupW
PathFileExistsW
SHRegSetPathW
StrCmpNW
SHSetValueA
StrCmpIW
PathIsDirectoryW
StrRChrW
PathCreateFromUrlW
PathParseIconLocationW
PathIsPrefixW
PathStripToRootW
StrToIntExW
PathRemoveFileSpecW
StrStrIA
StrStrIW
PathFindNextComponentW

advapi32

RegCloseKey
SetSecurityInfo
GetUserNameA
GetSecurityDescriptorSacl
ImpersonateNamedPipeClient
RegSaveKeyW
RegLoadKeyA
RegFlushKey
QueryServiceConfigW
QueryServiceLockStatusA
RegisterServiceCtrlHandlerExA
RegQueryValueW
CloseEventLog
RegEnumKeyW
RegConnectRegistryW
ReportEventW
StartServiceA
OpenServiceA
GetInheritanceSourceW
ControlService
OpenEventLogA
StartServiceCtrlDispatcherW
EnumDependentServicesA
QueryServiceConfigA
ImpersonateLoggedOnUser
SetTokenInformation
NotifyChangeEventLog
RegSetValueA
RegConnectRegistryA
RegDeleteValueW
MakeSelfRelativeSD
StartServiceCtrlDispatcherA
DuplicateToken
EnumDependentServicesW
RegSetValueExA

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 52KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 996B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

06bc67e181dcc0cd21a9cf54c7734ab4

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 48KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 996B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 48KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 996B

.reloc
Size: 4KB - Virtual size: 2KB