9571522ec38e1d7a479a6ca57715bc4e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

9571522ec38e1d7a479a6ca57715bc4e_JaffaCakes118
Size

97KB
MD5

9571522ec38e1d7a479a6ca57715bc4e
SHA1

a04ec7f5a12e3ef8d2bc192c72679a64872939dc
SHA256

c2bd07645771e92b68fc4ff8d5e9a50ca40dfcdfe7e067f7091ef3bda65237f9
SHA512

eda7d784f35ff68bcfe8eb1d4c960ec730bce00bab43218c492ea843eb1b3ab13caf39c1cdb742ae47877602d131d40c103e5821330b2f334bdc5b7f2137cb4b
SSDEEP

1536:nlqiAAQ4BOMEyVC2QL2N94F3dWDLkjUXgMUa67K3MHVyD:ztgMEyVChL2N9Io0a675HUD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9571522ec38e1d7a479a6ca57715bc4e_JaffaCakes118

Files

9571522ec38e1d7a479a6ca57715bc4e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6f2031b81b42286e8051d4a235c53071

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_BYTES_REVERSED_LO
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
IMAGE_FILE_BYTES_REVERSED_HI

Imports

kernel32

DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
VirtualFree
VirtualAlloc
LocalFree
LocalAlloc
GetTickCount
QueryPerformanceCounter
GetVersion
GetCurrentThreadId
GetThreadLocale
GetStartupInfoA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCommandLineA
FreeLibrary
ExitProcess
CreateThread
WriteFile
UnhandledExceptionFilter
SetFilePointer
SetEndOfFile
RtlUnwind
ReadFile
RaiseException
GetStdHandle
GetFileSize
GetFileType
CreateFileA
CloseHandle
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
LocalFree
LocalAlloc
WriteFile
WaitForSingleObject
TerminateProcess
Sleep
SetFileTime
SetFilePointer
SetFileAttributesA
ReleaseSemaphore
ReadFile
QueryPerformanceFrequency
QueryPerformanceCounter
OpenProcess
OpenFile
LoadLibraryA
GlobalUnlock
GlobalMemoryStatus
GlobalLock
GlobalFree
GlobalAlloc
GetWindowsDirectoryA
GetVolumeInformationA
GetVersionExA
GetVersion
GetSystemInfo
GetSystemDirectoryA
GetProfileIntA
GetProcAddress
GetModuleHandleA
GetLocalTime
GetLastError
GetFileSize
GetDriveTypeA
GetDiskFreeSpaceExA
GetComputerNameA
FreeLibrary
FindNextFileA
FindFirstFileA
FindClose
DeleteFileA
CreateSemaphoreA
CreateFileA
CreateDirectoryA
CopyFileA
CloseHandle

advapi32

RegQueryValueExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey
GetUserNameA

gdi32

GetDeviceCaps
DeleteDC
CreateDCA

mpr

WNetOpenEnumA
WNetEnumResourceA
WNetCloseEnum

oleaut32

SysFreeString
SysReAllocStringLen

shell32

ShellExecuteA

user32

GetKeyboardType
MessageBoxA
CharNextA
keybd_event
ShowWindow
SetWindowLongA
SetForegroundWindow
SetClipboardData
PostMessageA
OpenClipboard
MessageBoxA
MapVirtualKeyA
GetWindowTextA
GetWindowLongA
GetKeyboardLayoutList
GetForegroundWindow
GetCursorPos
GetClientRect
GetClassNameA
FindWindowExA
FindWindowA
EnableWindow
EmptyClipboard
CloseClipboard
CallWindowProcA

wsock32

WSACleanup
WSAStartup
WSAGetLastError
gethostname
gethostbyname
socket
send
recv
inet_ntoa
inet_addr
htons
connect
closesocket

Exports

Exports

GetAndSet

Sections

SIM0
Size: 92KB - Virtual size: 92KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.avc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

6f2031b81b42286e8051d4a235c53071

Headers

File Characteristics

Imports

kernel32

advapi32

gdi32

mpr

oleaut32

shell32

user32

wsock32

Exports

Exports

Sections

SIM0 Size: 92KB - Virtual size: 92KB

.rsrc Size: 1024B - Virtual size: 4KB

.avc Size: 3KB - Virtual size: 4KB

SIM0
Size: 92KB - Virtual size: 92KB

.rsrc
Size: 1024B - Virtual size: 4KB

.avc
Size: 3KB - Virtual size: 4KB