a8009c9942d73b426024725649de3dd4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

a8009c9942d73b426024725649de3dd4_JaffaCakes118
Size

126KB
MD5

a8009c9942d73b426024725649de3dd4
SHA1

945911a8578ca93f6f757b26a310e68c05b89e19
SHA256

4cbd8f1ecffe57d6857e4910f5159dea90cc01cd2e0a57daaf9ca4481fe690c5
SHA512

b0d85289160e5c9a5e6b1d164479fc33e58c1c8dd42146dbe817094beef64a4075ab664c574c6f6df6264dc45796ac2a1169a8132cf377c7183c7fe68ae6ac9e
SSDEEP

3072:MdEHXundA3hnJWDrezjlRMIWgUILao/s6w3Zb2nZ:THp0azjjIgUIGpG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8009c9942d73b426024725649de3dd4_JaffaCakes118

Files

a8009c9942d73b426024725649de3dd4_JaffaCakes118
.dll windows:4 windows x86 arch:x86

04d7eea1f0551f712d5cf6d6e0c2735b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ResumeThread
CompareFileTime
GetTickCount
TerminateProcess
AssignProcessToJobObject
CreateProcessW
DeleteTimerQueueTimer
CreateTimerQueueTimer
CreateThread
GetModuleFileNameW
LocalAlloc
LocalFree
SetLastError
FormatMessageW
WaitForSingleObject
VirtualUnlock
SetThreadPriority
HeapSize
HeapAlloc
GetLastError
HeapCreate
MultiByteToWideChar
GetFileAttributesW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedIncrement
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetVersion
OutputDebugStringA
CreateJobObjectW
GetCommandLineW
TerminateJobObject
ResetEvent
InterlockedDecrement
GetSystemTimeAsFileTime
CompareStringW
GetShortPathNameW
ExpandEnvironmentStringsW
GetCurrentProcessId
WaitForSingleObjectEx
InterlockedExchange
UnregisterWaitEx
Sleep
CreateEventW
SetEvent
CloseHandle
HeapDestroy
GetProcessHeap
HeapFree
GetCommandLineA
VirtualFree
VirtualProtect
GetCurrentProcess
VirtualAlloc

user32

GetWindowRect
ScreenToClient
MoveWindow
KillTimer
LoadStringW
SetWindowTextW
IsWindow
IsRectEmpty
DestroyWindow
SystemParametersInfoW
GetWindowLongW
EnableWindow
GetWindowTextLengthW
SetFocus
GetDlgItemTextW
DestroyIcon
SetRect
GetClientRect
SendDlgItemMessageW
GetDlgItem
SetDlgItemTextW
GetSystemMetrics
LoadImageW
SetWindowLongW
GetAncestor
GetParent
PostMessageW
CopyIcon
CloseDesktop
MessageBoxW
ExitWindowsEx
ShowWindow
SendMessageW

advapi32

LsaFreeMemory
RegSetValueExW
RegEnumValueW
RegDeleteValueW
UnregisterTraceGuids
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
NotifyBootConfigStatus
RegCreateKeyExW
DeregisterEventSource
RegisterEventSourceW
ImpersonateLoggedOnUser
RevertToSelf
TraceMessage
GetTokenInformation

gdi32

SetTextColor
SetROP2
GetStockObject
SetBkMode
SelectObject
Rectangle
DeleteObject

ole32

CoGetObject
CoTaskMemFree
PropVariantClear
CoCreateInstance
CoUninitialize

rpcrt4

UuidFromStringW
I_RpcMapWin32Status
RpcAsyncCompleteCall
RpcBindingFree
NdrClientCall2
RpcStringFreeW
RpcMgmtIsServerListening
RpcAsyncCancelCall
RpcAsyncInitializeHandle

msvcr71

_except_handler3
free
abs
wcstok
wcschr
_wcsicmp
memmove
_vsnwprintf
memset
memcpy
wcstoul
wcstol
_initterm
malloc
_adjust_fdiv
__CppXcptFilter
__dllonexit
_onexit

Sections

.text
Size: 79KB - Virtual size: 78KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

04d7eea1f0551f712d5cf6d6e0c2735b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcr71

Sections

.text Size: 79KB - Virtual size: 78KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 35KB - Virtual size: 68KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 79KB - Virtual size: 78KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 35KB - Virtual size: 68KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB