a5f7e6bfa18a090ccf46bc60635b5c5b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a5f7e6bfa18a090ccf46bc60635b5c5b_JaffaCakes118
Size

365KB
MD5

a5f7e6bfa18a090ccf46bc60635b5c5b
SHA1

89a1191b829506597f849db748f67205269356a0
SHA256

5c8d45cb6736ea8b0da0e1f2f58824339053325acb1fd3167fdb19119366b561
SHA512

d8580e263800d6ef7da02ac158cc54c20124b1e87b0afb67030f18182fa4fe503b6e6066b5c2d5f84129252bbac6b070047ba796c3bc3e29db41f0debe7eeed5
SSDEEP

6144:LxgHxm2Qomaapm4VOLzXZCsJ7tbw9bGJ/LypHoHYgQQ88bXM/iT3Yna8B7KK:dgHcMmM3zpJDDBlcsSlB+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a5f7e6bfa18a090ccf46bc60635b5c5b_JaffaCakes118

Files

a5f7e6bfa18a090ccf46bc60635b5c5b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fba269f3462b509acb47fbb14be2e5af

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shfolder

SHGetFolderPathA

kernel32

FindFirstFileA
FindNextFileA
FindClose
RemoveDirectoryA
GetSystemDefaultLangID
GetFileSize
DeleteFileA
GetVersion
lstrcatA
GetLastError
SetFileAttributesA
CreateDirectoryA
GetFileAttributesA
lstrlenA
MultiByteToWideChar
GetUserDefaultLangID
GetLocaleInfoA
GetModuleFileNameA
LoadLibraryA
LockResource
LoadResource
FindResourceA
FreeLibrary
GetProcAddress
GetCurrentProcess
LocalFree
LocalAlloc
GetVersionExA
IsBadWritePtr
GetCurrentThread
CloseHandle
ReadFile
CreateFileA
SetCurrentDirectoryA
GetCurrentDirectoryA
LocalFileTimeToFileTime
SystemTimeToFileTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetTickCount
GetModuleHandleA
GlobalMemoryStatus
Sleep
lstrlenW
WaitForSingleObject
CreateEventA
DeviceIoControl
EnterCriticalSection
InitializeCriticalSection
InterlockedExchange
DeleteCriticalSection
LeaveCriticalSection
InterlockedDecrement
InterlockedIncrement
WideCharToMultiByte
RaiseException
GetCommandLineA
GetDriveTypeA
HeapFree
HeapAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
GetCPInfo
GetACP
GetOEMCP
HeapReAlloc
ExitProcess
FatalAppExitA
LCMapStringA
LCMapStringW
CompareStringA
CompareStringW
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
TerminateProcess
HeapSize
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
WriteFile
GetFullPathNameA
VirtualAlloc
GetStringTypeA
GetStringTypeW
SetFilePointer
FlushFileBuffers
IsValidLocale
IsValidCodePage
EnumSystemLocalesA
GetUserDefaultLCID
IsBadReadPtr
IsBadCodePtr
UnhandledExceptionFilter
SetStdHandle
SetConsoleCtrlHandler
SetEndOfFile
GetLocaleInfoW
SetEnvironmentVariableA
FormatMessageA
RtlUnwind

user32

MessageBoxA
LoadStringA

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString

advapi32

AllocateAndInitializeSid
SetEntriesInAclA
RegEnumKeyExA
RegEnumValueA
RevertToSelf
AccessCheck
IsValidSecurityDescriptor
SetSecurityDescriptorOwner
SetSecurityDescriptorGroup
AddAccessAllowedAce
InitializeAcl
GetLengthSid
OpenProcessToken
OpenThreadToken
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
RegOpenKeyA
ImpersonateSelf
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
FreeSid
RegDeleteValueA

ole32

CoCreateInstance
CoInitialize
CoUninitialize
CoInitializeEx

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

shlwapi

SHDeleteKeyA

Exports

Exports

EnumTvValueNext

Sections

.text
Size: 83KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 151KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fba269f3462b509acb47fbb14be2e5af

Headers

File Characteristics

Imports

shfolder

kernel32

user32

oleaut32

advapi32

ole32

version

shlwapi

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 84KB

.rdata Size: 126KB - Virtual size: 128KB

.data Size: 151KB - Virtual size: 152KB

.rsrc Size: 2KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 83KB - Virtual size: 84KB

.rdata
Size: 126KB - Virtual size: 128KB

.data
Size: 151KB - Virtual size: 152KB

.rsrc
Size: 2KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB