a8227d556c6d8620e2d52786a63193c8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a8227d556c6d8620e2d52786a63193c8_JaffaCakes118
Size

52KB
MD5

a8227d556c6d8620e2d52786a63193c8
SHA1

28c4f486a3cbe0ffd76656eebb95df4118dfb9e2
SHA256

5d41ee107add7b44b55c847f7d688ddd98efa8b77697eb5b72537431e531b9a8
SHA512

110b77a8cfc7b621bd28d47383740723423ddba2a506bbdd142a6b3b6aa62ae2fbd280f4a8d68a55738d83c20c472f3e527d04489f3b11a8ca57ad1aa2f4fbea
SSDEEP

768:ILfWsdKbFokrLYCJ/zGXu1PTIq1wm/Lc0Vj637aOHMcSBtWh7EwE57hTy/tsu+:UlgdrFRzG0PTIqmq7lOPrZEBy/tsu+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a8227d556c6d8620e2d52786a63193c8_JaffaCakes118

Files

a8227d556c6d8620e2d52786a63193c8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7522083e52f7bec4ed9f92eb435a7d94

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

UrlCanonicalizeA

kernel32

CreateHardLinkW
GetFileTime
Beep
CopyFileW
CopyFileExW
CopyFileExA
CopyFileA
ConvertThreadToFiber
ConvertDefaultLocale
ContinueDebugEvent
ConnectNamedPipe
CompareStringW
CompareStringA
CompareFileTime
CommConfigDialogW
CreateMailslotW
CreateMailslotA
CreateJobObjectW
CreateJobObjectA
CreateIoCompletionPort
CreateHardLinkA
CreateFileW
CreateFileMappingW
CreateFileMappingA
CreateFileA
CreateFiberEx
CreateFiber
CreateEventW
CreateEventA
CreateDirectoryW
CreateDirectoryExW
CreateDirectoryExA
CreateDirectoryA
CreateConsoleScreenBuffer
HeapAlloc
GetProcessHeap
HeapFree

user32

CharPrevA
ChildWindowFromPointEx
ChildWindowFromPoint
CheckRadioButton
ChangeClipboardChain
ChangeDisplaySettingsA
ChangeDisplaySettingsExA
ChangeDisplaySettingsExW
ChangeDisplaySettingsW
ChangeMenuA
ChangeMenuW
CharLowerA
CharLowerBuffA
CharLowerBuffW
CharLowerW
CharNextExA
CharNextW
CharNextA
CharPrevExA
CharPrevW
CharToOemA
CharToOemBuffA
CharToOemBuffW
CharToOemW
CharUpperA
CharUpperBuffA
CharUpperBuffW
CharUpperW
CheckDlgButton
CheckMenuItem
CheckMenuRadioItem

msvcrt

memset

winmm

mmioInstallIOProcA

setupapi

SetupDiEnumDeviceInterfaces
CM_Open_Class_KeyA
CM_Register_Device_InterfaceW
CM_Register_Device_Interface_ExA
CM_Register_Device_Interface_ExW
CM_Remove_SubTree
CM_Remove_SubTree_Ex
CM_Request_Device_EjectA
CM_Request_Device_EjectW
CM_Request_Device_Eject_ExA
CM_Request_Device_Eject_ExW
CM_Request_Eject_PC
CM_Request_Eject_PC_Ex
CM_Set_HW_Prof_Ex
CM_Set_HW_Prof_FlagsA
CM_Set_HW_Prof_FlagsW
CM_Set_HW_Prof_Flags_ExA
CM_Set_HW_Prof_Flags_ExW
SetupDiClassGuidsFromNameA
SetupDiClassGuidsFromNameExA
SetupDiEnumDriverInfoA
SetupDiClassGuidsFromNameExW
SetupDiClassGuidsFromNameW
SetupDiClassNameFromGuidA
SetupDiClassNameFromGuidExA
SetupDiClassNameFromGuidExW
SetupDiClassNameFromGuidW
SetupDiCreateDevRegKeyA
SetupDiCreateDevRegKeyW
SetupDiCreateDeviceInfoA
SetupDiCreateDeviceInfoList
SetupDiCreateDeviceInfoListExA
SetupDiCreateDeviceInfoListExW
SetupDiCreateDeviceInfoW
SetupDiCreateDeviceInterfaceA
SetupDiDestroyDriverInfoList
SetupDiDrawMiniIcon
SetupDiGetClassDescriptionA
SetupDiGetClassBitmapIndex
SetupDiEnumDriverInfoW
SetupDiEnumDeviceInfo

Exports

Exports

sirwr

Sections

.code
Size: 44KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 1B

IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 792B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7522083e52f7bec4ed9f92eb435a7d94

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

msvcrt

winmm

setupapi

Exports

Exports

Sections

.code Size: 44KB - Virtual size: 134KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 512B - Virtual size: 1B

.reloc Size: 512B - Virtual size: 1B

.rsrc Size: 1024B - Virtual size: 792B

.reloc Size: 1024B - Virtual size: 828B

.code
Size: 44KB - Virtual size: 134KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 512B - Virtual size: 1B

.reloc
Size: 512B - Virtual size: 1B

.rsrc
Size: 1024B - Virtual size: 792B

.reloc
Size: 1024B - Virtual size: 828B