a54c1e15b91ddd22dd70e3ac38eecb15_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a54c1e15b91ddd22dd70e3ac38eecb15_JaffaCakes118
Size

110KB
MD5

a54c1e15b91ddd22dd70e3ac38eecb15
SHA1

76b9a3d03a095b7841a0317fe8a6eaf74472e195
SHA256

73995e51b5890476577dd5a381deaec9f9c281165ec001b08111a10273b7155a
SHA512

4bd753bafb04b37d9df6c8cce583c8b1800cc32875ff6f9d432299c66c2aa8a9d2e322402001489a6818a29cf842aee38938349ff55c30922ca0f8157b423b7e
SSDEEP

1536:I+HEpAA8qjDOsD76FaSHHUn14/JJJUgMrfavSqYD8ZlW6dTgYTd+El+XWCaW5MP:bqpTjCsDoy4/JjYrQ74glWWd3mCWo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a54c1e15b91ddd22dd70e3ac38eecb15_JaffaCakes118

Files

a54c1e15b91ddd22dd70e3ac38eecb15_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3e98a006bab4a494be22242d95e0837c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
GetCurrentThreadId
GetVersionExA
IsBadReadPtr
lstrlenA
GetModuleHandleA
GetProcAddress
GetHandleInformation
QueryPerformanceCounter
lstrcmpiA
OpenSemaphoreA
InterlockedIncrement
IsBadCodePtr
VirtualQuery
VirtualAlloc
lstrcpyW
OpenEventW
GetProcessHeap
InterlockedExchangeAdd
IsBadWritePtr
IsBadStringPtrA
LoadLibraryA
GetVersion
VirtualProtect
MulDiv
GetCurrentProcess
lstrcmpiW
lstrcpyA
lstrlenW
GetTickCount

user32

IsCharLowerA
GetForegroundWindow
IsCharUpperA
GetParent
GetWindowTextLengthA
GetAncestor
GetWindowPlacement
GetWindowDC
GetWindowTextA
IsWindowUnicode
IsCharAlphaNumericA
WindowFromDC
GetWindow
GetClientRect
GetDesktopWindow

gdi32

GetStretchBltMode

ole32

CoRevertToSelf
CoDosDateTimeToFileTime

shell32

DuplicateIcon
ord680

shlwapi

PathFindExtensionA
PathIsLFNFileSpecA
PathGetCharTypeW
PathGetDriveNumberA
PathIsFileSpecA
PathQuoteSpacesW
PathIsUNCA
StrStrW
StrCmpNW
PathUnquoteSpacesW
PathSkipRootA
PathRemoveFileSpecW
PathRemoveFileSpecA
PathCanonicalizeA
PathBuildRootW
StrPBrkW
PathCreateFromUrlW
PathUnquoteSpacesA
PathRemoveBackslashA
PathIsUNCServerW
StrStrA
StrCSpnA
PathIsUNCServerShareW
PathIsLFNFileSpecW
PathCanonicalizeW
PathAddExtensionA
ChrCmpIA
PathFindFileNameA
StrPBrkA
PathAddExtensionW
StrSpnW
PathRemoveBackslashW
PathGetDriveNumberW
StrChrIA
StrCmpNIA
PathRemoveBlanksW
PathIsRootA
StrCSpnIW
PathIsRootW
PathCreateFromUrlA
PathIsUNCServerA
PathIsRelativeA
PathUndecorateW
PathMakePrettyA
StrChrW
PathCompactPathExA
PathIsRelativeW
PathIsURLA
PathMakePrettyW
PathIsSameRootW
StrCpyNW
StrChrA
PathCommonPrefixA
PathStripToRootW
StrChrIW

msvcrt

_adjust_fdiv
malloc
_initterm
strspn
_mbsncmp
_mbslwr
_mbscpy
wcscoll
_wcsicmp
wcspbrk
srand
wcslen
_itoa
_strnset
_mbctohira
_mbsset
rand
_strrev
calloc
_strlwr
_strncoll
_mbsspnp
_mbsnicoll
_wstrdate
_mbsstr
_memicmp
_getdrive
isalpha
_mbcjistojms
_swab
_finite
mbstowcs
floor
_mbslen
_hypot
_CIfmod
free
strpbrk
wctomb
realloc
_mbccpy
difftime
time
wcscmp
iscntrl
isdigit
wcsxfrm
_mbsninc
_wcsncoll
wcschr
wcsrchr
_CIasin
_getdrives
_mbsicoll
_mbbtype
_getmaxstdio
strchr
_wgetenv
_scalb
_mbclen
_mbschr
_wcsset
wcsspn
_mbstrlen
_wcsnicoll

Sections

.text
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e98a006bab4a494be22242d95e0837c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

ole32

shell32

shlwapi

msvcrt

Sections

.text Size: 11KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 89KB - Virtual size: 95KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 11KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 89KB - Virtual size: 95KB

.reloc
Size: 4KB - Virtual size: 3KB