a5e05aa264120257a6ab0d02141269fa_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a5e05aa264120257a6ab0d02141269fa_JaffaCakes118
Size

176KB
MD5

a5e05aa264120257a6ab0d02141269fa
SHA1

5b405619a18e056abe4967a92df5a5871a4a1326
SHA256

56cb4c798359751ccf81011706c3941ce314c0763530b7993f11b96933003ceb
SHA512

44f8018eddf05452b0be3945281b903242d95d02c89b3c9aa678d56cc8a1949e04bb3832fa8b7d6a24581ab7ccc95959e539ee950c1de5ed87a4dc1d1ca1bfb1
SSDEEP

3072:+L0KI2wKbY1lqvMGXegFc/kRbTrU4x/a+kLEGX/YrtN5z6QQYt3:+Lpj7QqvMmegnRXrU4x/aFtXkN5GQQs3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5e05aa264120257a6ab0d02141269fa_JaffaCakes118

Files

a5e05aa264120257a6ab0d02141269fa_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4afd06d08aae4ad39776531a5b341b4c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileStringW
GlobalFlags
GlobalUnWire
GetVersionExW
CreateMutexW
FindClose
FindNextFileW
ReleaseMutex
DeleteFileW
GlobalUnlock
GlobalLock
MultiByteToWideChar
VirtualAlloc
VirtualFree
OpenMutexW
lstrcpyW
LocalUnlock
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
InterlockedCompareExchange
WriteFile
WritePrivateProfileStringW
GetVersionExA
FormatMessageA
LocalFree
LoadLibraryA
GlobalAlloc
GetCurrentProcessId
GetAtomNameW
GetTickCount
VirtualQuery
TlsSetValue
TlsGetValue
GetPrivateProfileIntW
GetVolumeInformationW
GlobalHandle
FindFirstFileW
InterlockedExchange
RaiseException
LoadLibraryW
GetProcAddress
OpenEventW
HeapDestroy
DeleteCriticalSection
FreeLibrary
GetProcessHeap
lstrlenW
lstrcmpiW
HeapFree
DeviceIoControl
LocalAlloc
InitializeCriticalSection
ExitThread
Sleep
SetEvent
CreateFileA
GetLastError
LeaveCriticalSection
CreateThread
InterlockedDecrement
WaitForSingleObjectEx
ResetEvent
GetCurrentThreadId
InterlockedIncrement
CloseHandle
CreateEventA
EnterCriticalSection
GlobalFree
VirtualProtect
GetCommandLineA
WaitForSingleObject

user32

LoadCursorW
MsgWaitForMultipleObjects
PeekMessageW
CharNextW
DispatchMessageW
GetFocus
InvalidateRect
GetUpdateRect
FillRect
ScrollWindow
ValidateRect
EndPaint
BeginPaint
ShowCursor
GetParent
GetClientRect
RegisterClipboardFormatW
SetCursor
IsWindow
GetClassLongW
SetClassLongW
GetDC
GetSystemMetrics
LoadStringW
ReleaseDC
SetRect
SetScrollInfo
wsprintfW

advapi32

OpenSCManagerA
ControlService
DeleteService
RegQueryValueExA
RegOpenKeyExA
CreateServiceA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExW
RegSetValueExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW
RegQueryValueExW
RegQueryInfoKeyW
RegCreateKeyExW
OpenServiceA
CloseServiceHandle
StartServiceA
RegCreateKeyExA

gdi32

CreatePalette
GetDIBits
GetTextExtentPoint32W
TextOutW
DeleteDC
CreateRectRgnIndirect
SelectClipRgn
GetTextMetricsW
CreatePen
StretchDIBits
MoveToEx
LineTo
SetROP2
GetStockObject
Rectangle
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
SelectPalette
RealizePalette
SetICMMode
BitBlt
DeleteObject

ole32

CoTaskMemFree
CoRevokeClassObject
CoCreateInstance
CoTaskMemAlloc

msvcr71

wcsncpy
_itow
_mbsnbcnt
memcpy
memset
wcscat
_wtoi
wcscmp
_wopen
_lseek
_onexit
_write
_close
_read
wcsncmp
free
_errno
calloc
_wgetcwd
wcschr
_wcsicmp
_adjust_fdiv
_XcptFilter
_itoa
_initterm
malloc
__CppXcptFilter
__dllonexit
wcslen
wcscpy
_except_handler3

Sections

.text
Size: 159KB - Virtual size: 159KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4afd06d08aae4ad39776531a5b341b4c

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 159KB - Virtual size: 159KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 159KB - Virtual size: 159KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB