97522e006998ffaef9ab0b56b85b047d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

97522e006998ffaef9ab0b56b85b047d_JaffaCakes118
Size

124KB
MD5

97522e006998ffaef9ab0b56b85b047d
SHA1

11df9abb54e0bffb4a0b2b341bbd6806b32d9478
SHA256

9487b58fae6a526b2bf3548d10b0ea971d6d2b15d5eaa2158abcbe41d25c9513
SHA512

6ddc293bddf417087c34192e664e184f00888692779a736bb9d81b496a342a91f78a2de96b210f8259bda04aa7f7aa3731783ce6cb6ed5753ed8906ea660f108
SSDEEP

3072:C2FN/ioccs7HkZNbwcuDbVbaxlVWf8zCpdy+UwXv:CoNBczj8Qh8zIdy+U2v

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
97522e006998ffaef9ab0b56b85b047d_JaffaCakes118

Files

97522e006998ffaef9ab0b56b85b047d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3ddb51829f61bef7f7ca4da32d9090e4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
OpenEventA
CreateEventA
WriteFile
EnterCriticalSection
GetModuleFileNameA
GetComputerNameA
CreateProcessA
lstrlenW
HeapFree
CreateDirectoryA
GetModuleHandleA
ExitProcess
lstrlenA
GetVolumeInformationA
CloseHandle
GetProcessHeap
LeaveCriticalSection
GetCurrentProcessId
GetLastError
GetTickCount
SetLastError
CreateFileMappingA
MapViewOfFile
GetCommandLineA
CreateMutexA
CreateFileA
LocalFree
WaitForSingleObject
InterlockedIncrement
CopyFileA
InterlockedCompareExchange
InterlockedDecrement
ReleaseMutex
Sleep
UnmapViewOfFile
LoadLibraryA
GetProcAddress

ole32

OleCreate
CoCreateGuid
CoTaskMemAlloc
OleSetContainedObject
CreateBindCtx
CoInitialize
CoUninitialize

user32

CreateWindowExA
SetTimer
DispatchMessageA
DestroyWindow
PostMessageA
DefWindowProcA
KillTimer
SetWindowLongA
FindWindowA
SetWindowsHookExA
GetWindowLongA
RegisterWindowMessageA
PostQuitMessage
GetMessageA
SendMessageA
UnhookWindowsHookEx
GetParent
GetSystemMetrics
GetClassNameA
TranslateMessage
GetWindowThreadProcessId

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

GetUserNameA
RegCreateKeyExA
RegOpenKeyExA
RegCloseKey
RegSetValueExA
RegDeleteValueA
RegQueryValueExA

shell32

SHGetFolderPathA

Exports

Exports

smpPathCres

Sections

.text
Size: 104KB - Virtual size: 101KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3ddb51829f61bef7f7ca4da32d9090e4

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 101KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 101KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB