a82415c678b3ef122a97fad88beb4670_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a82415c678b3ef122a97fad88beb4670_JaffaCakes118
Size

63KB
MD5

a82415c678b3ef122a97fad88beb4670
SHA1

fd0ceb5f0668e5e07d131d298ea94a1be362a2d8
SHA256

89ac70b60d0476a1ee51ee12061032a67760b12b112b0ca552d5b0b24f3f43d4
SHA512

23a3f14de4eb77ba7b4dee5f09bd2d69dc794220b9a249cff0cbe1c9b45ad8d39446e0da5a446bff52553bebf8777c5149f8ad00c42680eab2324d6ad7a71a88
SSDEEP

1536:Mu/m+emByjkxAxLcAOhzNdwfGi9+w/FUYSSgE:M80Eyjk4jOp/wT/ZLg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a82415c678b3ef122a97fad88beb4670_JaffaCakes118

Files

a82415c678b3ef122a97fad88beb4670_JaffaCakes118
.dll windows:5 windows x86 arch:x86

a907efd001f75b3c35729be90d76cc6e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
WaitForMultipleObjects
lstrlenW
CreatePipe
UnmapViewOfFile
GlobalUnlock
lstrcatA
SetEndOfFile
ReadFile
GlobalAlloc
SetFileAttributesA
CreateFileMappingA
GetCurrentProcessId
GetModuleHandleA
FindNextFileA
VirtualProtectEx
GetCurrentThread
MapViewOfFile
WaitForSingleObject
GetCurrentProcess
FindFirstFileA
VirtualQuery
GlobalLock
GetFileSize
CreateProcessA
FindClose
VirtualAlloc
VirtualUnlock
WritePrivateProfileStructA
GetProcAddress
CreateFileA
GetCurrentDirectoryA
CloseHandle
MulDiv
IsProcessorFeaturePresent
lstrcpynA
SetPriorityClass
LoadLibraryA
lstrcpyA
GetPriorityClass
SetFilePointer
VirtualQueryEx
SetThreadPriority
VirtualLock
WriteFile
DeleteFileA
WritePrivateProfileStringA
VirtualFree

user32

LoadBitmapA
DestroyCursor
SetMenuItemInfoA
GetClassInfoA
SetWindowLongA
EmptyClipboard
IsZoomed
GetCursorPos
LoadIconA
IsIconic
DestroyMenu
SetWindowPos
TrackPopupMenu
CheckMenuRadioItem
GetWindowTextA
KillTimer
GetActiveWindow
EnumClipboardFormats
GetClipboardData
InvalidateRect
IsWindowEnabled
wsprintfA
GetAsyncKeyState
LoadCursorA
CheckDlgButton
OpenClipboard
CallWindowProcA
CheckRadioButton
CloseClipboard
MoveWindow
EnableMenuItem
SetTimer
SetClipboardData
ShowWindow
CreatePopupMenu

fldrwcfg

_FExp
_Dscale
_Inf
_Tolower
_FDtest
_Snan
_Eps
_FDnorm
_LNan
_FRteps
_LExp
_Stod
_FXbig
_FCosh
_Sinh
_LDenorm
_FInf
_LDtest
_Stold
_FSnan
_Dtest
_Poly
_LSnan
_Hugeval
_Rteps
_LInf
_Denorm

gdi32

SetTextColor
DeleteObject
GetDeviceCaps

msvcrt

strchr
free
realloc
strncmp
malloc
div
toupper
strstr
gmtime

comctl32

ImageList_Remove
ImageList_ReplaceIcon

shell32

DragAcceptFiles
SHGetFileInfoA

advapi32

LookupPrivilegeValueA
RegCreateKeyExA
RegCloseKey
AdjustTokenPrivileges
OpenProcessToken

comdlg32

GetOpenFileNameA

imagehlp

BindImageEx

Exports

Exports

CreateProcessNotify
ctfminst

Sections

.text
Size: 53KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a907efd001f75b3c35729be90d76cc6e

Headers

File Characteristics

Imports

kernel32

user32

fldrwcfg

gdi32

msvcrt

comctl32

shell32

advapi32

comdlg32

imagehlp

Exports

Exports

Sections

.text Size: 53KB - Virtual size: 56KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 53KB - Virtual size: 56KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB