947d378bef9b69148790e83f45382db4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

947d378bef9b69148790e83f45382db4_JaffaCakes118
Size

161KB
MD5

947d378bef9b69148790e83f45382db4
SHA1

b20d90ba46bc29587a2de7ca33c42cb1fb1f4b99
SHA256

8b8e68db91dcdec6b95a52d85e05b4d7106d86fc70bd2acd5dffbb49adb9363f
SHA512

59b2689f80dd1e5410ba34e59b33c54b8bbdc4557ba4a6a98c61673610fc73e241f7903ca4608ffeaf84141b1cc636d2a20563c8a8959fdbe7ea0bc01d6de76f
SSDEEP

3072:f0jMuTsT4Ah0sXyUnD20mMpw1jL8FztH0v6A:8ZTe44pTD2Lo0v6A

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
947d378bef9b69148790e83f45382db4_JaffaCakes118

Files

947d378bef9b69148790e83f45382db4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

04f90ddbaa23d3d651feb4818ae1de97

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadReadPtr
FindClose
FindFirstFileA
DeleteFileA
InterlockedExchange
OpenEventA
SetUnhandledExceptionFilter
SetErrorMode
GetTickCount
VirtualProtect
MoveFileA
WriteFile
SetFilePointer
CopyFileA
InitializeCriticalSection
DeleteCriticalSection
VirtualFree
VirtualAlloc
LeaveCriticalSection
EnterCriticalSection
CreateEventA
SetEvent
CancelIo
ResetEvent
GetLastError
CreateDirectoryA
GetFileAttributesA
lstrlenA
CreateProcessA
lstrcatA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
LocalFree
FindNextFileA
LocalReAlloc
LocalAlloc
RemoveDirectoryA
GetFileSize
TerminateThread
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetSystemInfo
LoadLibraryA
GetCurrentThreadId
LCMapStringW
LCMapStringA
GetStringTypeW
GetStringTypeA
GetLocaleInfoA
MultiByteToWideChar
HeapSize
GetOEMCP
GetACP
GetCPInfo
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
WideCharToMultiByte
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
InterlockedDecrement
InterlockedIncrement
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetStdHandle
GetCurrentProcess
VirtualQueryEx
SetLastError
GetModuleHandleA
GetProcAddress
Sleep
GetModuleFileNameA
ReadFile
CreateFileA
CreateThread
WaitForSingleObject
CloseHandle
GetVersionExA
lstrcpyA
GetLocalTime
HeapCreate
HeapDestroy
GetProcessHeap
GetCommandLineA
ExitThread
IsDebuggerPresent
UnhandledExceptionFilter
TerminateProcess
HeapFree
RaiseException
ExitProcess
RtlUnwind
HeapAlloc
HeapReAlloc

user32

PostMessageA
GetForegroundWindow
SetWindowPos
RegisterHotKey
SetForegroundWindow
SetWindowTextA
DefWindowProcA
EnableWindow
wsprintfA
GetWindowTextA
CharNextA
LoadCursorA
DestroyCursor
keybd_event
MapVirtualKeyA
DialogBoxParamA
GetCursorInfo
OpenDesktopA
GetThreadDesktop
GetUserObjectInformationA
OpenInputDesktop
SetThreadDesktop
CloseDesktop
GetCursorPos
SetRect
GetDC
ReleaseDC
GetDesktopWindow
SendMessageA
SystemParametersInfoA
BlockInput
GetSystemMetrics
GetClipboardData
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
mouse_event
SetCursorPos
WindowFromPoint
SetCapture

gdi32

CreateDIBSection
SelectObject
BitBlt
CreateCompatibleBitmap
GetDIBits
DeleteDC
DeleteObject
CreateCompatibleDC

advapi32

RegOpenKeyExA
RegQueryValueA
RegCloseKey

shell32

SHGetFileInfoA

ws2_32

getsockname
inet_ntoa
gethostbyname
gethostbyaddr
inet_addr
WSAStartup
closesocket
setsockopt
send
WSACleanup
recv
select
WSAIoctl
socket
htons
connect

Exports

Exports

GetMiscInfo
GetPlayerSysHeadIco
GetPlayerSysProfile

Sections

.text
Size: 124KB - Virtual size: 121KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 300B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04f90ddbaa23d3d651feb4818ae1de97

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ws2_32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 121KB

.data Size: 12KB - Virtual size: 16KB

.rsrc Size: 4KB - Virtual size: 300B

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 124KB - Virtual size: 121KB

.data
Size: 12KB - Virtual size: 16KB

.rsrc
Size: 4KB - Virtual size: 300B

.reloc
Size: 12KB - Virtual size: 8KB