a2f01d22192fc85e932e17417cebd94e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a2f01d22192fc85e932e17417cebd94e_JaffaCakes118
Size

10KB
MD5

a2f01d22192fc85e932e17417cebd94e
SHA1

7984af4cf2947e63ce82b7f43b72132e3b558fa9
SHA256

e58d89d748b6ce05576574a76e1d0d7f45436066ba54574bb06e9312a481c8a9
SHA512

aabe77f9a6f8ba22d2ece3d73de7402ca456d94c19a093f38e81c819e73dbf92cf1c00efd3d3d3a4e4b51d0a9d2bb5d4bfa2a9673b06b59b6bb7a05cac0cb487
SSDEEP

192:189/oWrLtOUwaRfmnhLW48VOg0Twa4WVMBMrpU8jekDoYB8wVUGb:1uoSROZxok4hueioK8w7

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a2f01d22192fc85e932e17417cebd94e_JaffaCakes118

Files

a2f01d22192fc85e932e17417cebd94e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8a050b733f18f9a9adadf4b97f7ff85a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateTapePartition
CreateToolhelp32Snapshot
EndUpdateResourceA
EnumResourceNamesA
ExitProcess
FlushViewOfFile
GetCPInfoExW
GetCommMask
GetCommandLineA
GetComputerNameW
GetDateFormatA
GetEnvironmentVariableA
GetShortPathNameW
GetSystemInfo
GetVersionExW
GlobalFix
GlobalGetAtomNameA
IsBadStringPtrW
LocalReAlloc
OpenSemaphoreW
PrepareTape
RtlMoveMemory
SetConsoleTextAttribute
SetLocaleInfoW
SetMessageWaitingIndicator
SetupComm
Sleep
UpdateResourceA
lstrcmpA

advapi32

AccessCheckAndAuditAlarmA
AllocateLocallyUniqueId
BuildExplicitAccessWithNameW
BuildImpersonateTrusteeW
BuildTrusteeWithNameA
CreateServiceW
CryptDestroyKey
CryptEncrypt
CryptEnumProviderTypesA
CryptSetProviderW
DuplicateTokenEx
FreeSid
GetOverlappedAccessResults
GetSecurityDescriptorDacl
GetTrusteeNameA
IsValidSecurityDescriptor
LookupPrivilegeNameA
LookupPrivilegeNameW
LookupPrivilegeValueA
NotifyBootConfigStatus
NotifyChangeEventLog
QueryServiceConfigW
RegEnumKeyExW
RegQueryInfoKeyA
RegSetValueA
RegisterEventSourceA
SetEntriesInAccessListW
SetSecurityInfoExW

user32

ActivateKeyboardLayout
CascadeWindows
ChangeMenuW
CharLowerW
DdeAccessData
DdeCreateStringHandleW
DdeGetLastError
DlgDirListW
FillRect
GetAncestor
GetClipCursor
GetClipboardFormatNameA
GetKeyboardLayoutNameW
GetMenuInfo
GetMonitorInfoA
GetScrollRange
GetWindowInfo
IntersectRect
InvertRect
LookupIconIdFromDirectory
PtInRect
RealGetWindowClass
RegisterHotKey
SendDlgItemMessageW
SetMenuContextHelpId
SetMenuItemInfoA
TranslateMessage
UserClientDllInitialize
WindowFromDC

gdi32

BeginPath
CreateDIBPatternBrush
CreateDIBPatternBrushPt
CreateHalftonePalette
CreatePolygonRgn
Ellipse
EndDoc
EndPage
ExtSelectClipRgn
GetBrushOrgEx
GetCharWidthW
GetEnhMetaFileBits
GetObjectW
GetWinMetaFileBits
LPtoDP
PathToRegion
PolyBezierTo
PolyPolyline
PolylineTo
PtInRegion
ScaleViewportExtEx
SetBrushOrgEx
SetMetaRgn
SetROP2
SetViewportExtEx
WidenPath

Exports

Exports

ConnectionHiddenAdd
ConnectionHiddenRemove
DisallowedAdd
DisallowedRemove
Exec
InjectorAdd
InjectorRemove
ProcessKill
ProcessList
ProcessTrustedAdd
ProcessTrustedRemove
RegistryHiddenAdd
RegistryHiddenRemove
Update

Sections

.text
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a050b733f18f9a9adadf4b97f7ff85a

Headers

File Characteristics

Imports

kernel32

advapi32

user32

gdi32

Exports

Exports

Sections

.text Size: 512B - Virtual size: 4KB

.data Size: 9KB - Virtual size: 16KB

.idata Size: - Virtual size: 4KB

.rsrc Size: - Virtual size: 8KB

.text
Size: 512B - Virtual size: 4KB

.data
Size: 9KB - Virtual size: 16KB

.idata
Size: - Virtual size: 4KB

.rsrc
Size: - Virtual size: 8KB