a69acc0e1850c50d7af34dd37dfe0b2c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a69acc0e1850c50d7af34dd37dfe0b2c_JaffaCakes118
Size

36KB
MD5

a69acc0e1850c50d7af34dd37dfe0b2c
SHA1

1ea0d0468d9afced3c94f8d424d6aa9d860ac9bf
SHA256

236c9bc583c6dff84fcbd6bcc2bbab761f1c33c1b2c1f481d1dde460585322cb
SHA512

6357bd2c7d41e1987c70ea23b708b49ee8e0c34843c29a8707be54617b98db021fcde2b4560197292163587161beca21e30b54e3f5c9280b97426f8b85556791
SSDEEP

768:T4yJh4t0A6qIRfdcc9n5X1g4WsgQEIrRZddiACas:Eyz4t03qI1tjWsgQEIFYABs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a69acc0e1850c50d7af34dd37dfe0b2c_JaffaCakes118

Files

a69acc0e1850c50d7af34dd37dfe0b2c_JaffaCakes118
.dll windows:1 windows x86 arch:x86

2b6fdf6dda907ffa4485d88ced5fbb33

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

AreFileApisANSI
ClearCommError
CreateIoCompletionPort
DebugActiveProcess
EnterCriticalSection
EraseTape
ExitProcess
FindCloseChangeNotification
FreeEnvironmentStringsW
GetCPInfoExW
GetCommMask
GetCommState
GetComputerNameA
GetComputerNameW
GetConsoleAliasExesLengthW
GetConsoleInputWaitHandle
GetEnvironmentVariableW
GetFileSize
GetLastError
GetModuleFileNameA
GetOEMCP
GetPrivateProfileStructA
GetProcessHeap
GetProfileIntW
GetProfileSectionA
GetStringTypeExA
HeapCreate
HeapLock
IsBadStringPtrA
IsDBCSLeadByteEx
LoadLibraryW
LocalUnlock
OpenEventA
OpenFile
OpenSemaphoreW
ReadFileScatter
ResetEvent
RtlFillMemory
SetConsoleTitleA
Sleep
VerLanguageNameW
VirtualProtect
WriteConsoleInputW
lstrcmpA
lstrcmpiA

user32

ChangeClipboardChain
CheckDlgButton
DlgDirListComboBoxA
DrawFrame
EndDialog
EnumDisplayMonitors
EnumWindows
GetAltTabInfoA
GetAncestor
GetClassWord
GetDC
GetDCEx
GetKBCodePage
GetKeyboardType
GetMenuContextHelpId
GetMenuState
GetTopWindow
GetWindowTextLengthW
InsertMenuW
IsCharAlphaA
IsDlgButtonChecked
IsWindowUnicode
RegisterClassExW
RegisterDeviceNotificationW
ReleaseDC
SendDlgItemMessageW
SendNotifyMessageA
SetDoubleClickTime
SetForegroundWindow
SetMenuItemBitmaps
SetUserObjectInformationA
ToUnicode
TranslateAcceleratorA
wsprintfA

gdi32

AbortPath
CreateFontA
GdiComment
GetBitmapBits
GetBitmapDimensionEx
GetCharABCWidthsFloatA
GetClipBox
GetClipRgn
GetCurrentObject
GetDIBColorTable
GetMetaFileA
GetPath
GetPixel
GetPixelFormat
GetTextCharacterExtra
GetTextFaceA
GetTextFaceW
OffsetWindowOrgEx
PolyPolygon
ResetDCW
SaveDC
SetGraphicsMode
SetWinMetaFileBits

msvcrt

_clearfp
_ctype
_getcwd
_setsystime
_snwprintf
_strlwr
_wspawnle
setbuf
strlen
tmpfile
wcstod
wcstol

Exports

Exports

CtbrvsH
ENbtmjbG
EwZDuxlkhrzixFA
FmrzhjqFaejLSE
GfVvAtHrfxfkqoidl
HTGnssagsiretyTq
Hutgxzs
OcYucyCpeOvbbewx
PNedfdGzhny
SpKIfRO
TLeFww
UiSiwJaDLnwrrTdKgh
VjOccPlQgc
YdwdeiPIvNxhdweuV
YegGMbsixTpwEOh

Sections

.text
Size: 9KB - Virtual size: 84KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 23KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.fdata
Size: 512B - Virtual size: 401B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 784B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b6fdf6dda907ffa4485d88ced5fbb33

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 9KB - Virtual size: 84KB

.data Size: 23KB - Virtual size: 34KB

.fdata Size: 512B - Virtual size: 401B

.rsrc Size: 1024B - Virtual size: 784B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 84KB

.data
Size: 23KB - Virtual size: 34KB

.fdata
Size: 512B - Virtual size: 401B

.rsrc
Size: 1024B - Virtual size: 784B

.reloc
Size: 2KB - Virtual size: 1KB