a36b762c31b6b5cdaaa2b9d86f52c12c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a36b762c31b6b5cdaaa2b9d86f52c12c_JaffaCakes118
Size

174KB
MD5

a36b762c31b6b5cdaaa2b9d86f52c12c
SHA1

92b9bc352da78eed3e4d1a6899fb0063eeaa7685
SHA256

e6beb2b9d58e6c75cb94d9e440e9f23f55feac32716cbb660bb137bfebc91a53
SHA512

7f1b7230a448035e12c31374d9ad56e23874559a445c05c6f64e5da1ac2bd340a4eebaabe667d771662404b1ac56120571c5042507505f3374dc4519ecba067c
SSDEEP

3072:NU+lmJZDv9zYly1B+vexQoQToqyAHxSyV+NUwGJeXL:G+YJZDVzr/xQzxyixrNwl

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a36b762c31b6b5cdaaa2b9d86f52c12c_JaffaCakes118

Files

a36b762c31b6b5cdaaa2b9d86f52c12c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5959b75e0a6e1552207500a0d4e95b64

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

user32

EnumThreadWindows
MessageBoxA
wsprintfA

kernel32

CloseHandle
CreateFileA
EnterCriticalSection
ExitProcess
FindAtomW
FreeEnvironmentStringsA
GetACP
GetCPInfo
GetCurrentProcess
GetCurrentThreadId
GetEnvironmentStrings
GetFileType
GetLastError
GetLocalTime
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetStdHandle
GetStringTypeW
GetVersion
GetVersionExA
GetVersionExW
GlobalMemoryStatus
HeapAlloc
HeapFree
InitializeCriticalSection
LeaveCriticalSection
LoadLibraryA
OpenWaitableTimerA
RaiseException
RtlUnwind
SetConsoleCtrlHandler
SetFilePointer
SetHandleCount
SetLastError
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
VirtualFreeEx
VirtualQuery
WriteFile

advapi32

CryptEncrypt
ObjectOpenAuditAlarmW
ObjectPrivilegeAuditAlarmW
PrivilegedServiceAuditAlarmW

comdlg32

PageSetupDlgW

ole32

CLSIDFromProgID

Exports

Exports

___CPPdebugHook

Sections

.text
Size: 105KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 49KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5959b75e0a6e1552207500a0d4e95b64

Headers

File Characteristics

Imports

user32

kernel32

advapi32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 105KB - Virtual size: 108KB

.data Size: 49KB - Virtual size: 64KB

.tls Size: 512B - Virtual size: 4KB

.idata Size: 2KB - Virtual size: 4KB

.edata Size: 512B - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 14KB - Virtual size: 16KB

.text
Size: 105KB - Virtual size: 108KB

.data
Size: 49KB - Virtual size: 64KB

.tls
Size: 512B - Virtual size: 4KB

.idata
Size: 2KB - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 14KB - Virtual size: 16KB