971fe5b88b4494d1d3c8f65573936a7e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

971fe5b88b4494d1d3c8f65573936a7e_JaffaCakes118
Size

93KB
MD5

971fe5b88b4494d1d3c8f65573936a7e
SHA1

c5580990ca9c7132948a4e0a9fc8c1e1066f66bd
SHA256

1ce6c40106e60bfd5ad746e8663bfbc61d3ba3978d42a393666e34b92587a7d2
SHA512

ca40b519756960582701d95d99a388b2179c15f430408a0f83b075f23715264fa0b6a909d89f118cd81e136040e133dbc1f455304dbd1e01f2f228b2456375c8
SSDEEP

1536:10frx4ozCNEVgDLE04dJs5vJt4bmjXo/y+sH8C+xmANvgW7Ct2:2t4ozCyVd0wJs5vz9jY/LFAivgW7Ct2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
971fe5b88b4494d1d3c8f65573936a7e_JaffaCakes118

Files

971fe5b88b4494d1d3c8f65573936a7e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8d8b8f2bfcfb7a4e96b969b0707dbd7f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InitializeCriticalSection
GetLastError
GetCurrentThreadId
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
lstrlenA
DeleteCriticalSection
lstrlenW
GetFileAttributesW
CreateMutexW
FormatMessageW
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryW
InterlockedCompareExchange
InterlockedExchange
Sleep
TerminateProcess
GetCurrentProcess
CreateEventW
SetUnhandledExceptionFilter
LocalFree
TlsGetValue
AreFileApisANSI
IsBadReadPtr
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
IsBadStringPtrW
WideCharToMultiByte
TlsAlloc
ExitProcess
TerminateThread
InterlockedIncrement
CloseHandle
GetExitCodeThread
SetEvent
WaitForSingleObject
CreateThread
GetLocalTime
lstrcatA
OutputDebugStringA
IsBadWritePtr
GetVersion
GetTickCount
UnhandledExceptionFilter
VirtualProtect

user32

SetWindowTextW
GetDlgItem
SendMessageW
MessageBoxW
LoadStringW
SetForegroundWindow
SetWindowLongW
EnumWindows
wsprintfA

advapi32

RegDeleteValueW
RegQueryValueExW
RegCreateKeyExW
RegCloseKey
RegSetValueExW
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExW

ole32

CoTaskMemAlloc
CoTaskMemFree
CoGetMalloc
IsValidInterface
CoQueryReleaseObject
CoCreateInstance
StringFromGUID2
CoCreateFreeThreadedMarshaler
CreateStreamOnHGlobal

msvcrt

_initterm
_ftol
_except_handler3
time
__CxxFrameHandler
free
malloc
realloc
_vsnprintf
_adjust_fdiv
wcscpy
memset
memmove

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d8b8f2bfcfb7a4e96b969b0707dbd7f

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 36KB - Virtual size: 35KB

.data Size: 512B - Virtual size: 34KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 36KB - Virtual size: 35KB

.data
Size: 512B - Virtual size: 34KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB