acd8da8fc770d16854fe58bd2297da80_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

acd8da8fc770d16854fe58bd2297da80_JaffaCakes118
Size

120KB
MD5

acd8da8fc770d16854fe58bd2297da80
SHA1

89c3592f5bf9e00dc1be0cca552a8d691295d1f0
SHA256

0f877017b93b6cd7f87c0656260680388d5b1e86c9a887b506cd9889c4fbe9db
SHA512

6768cc0352a89685e9f72331df4b6974daa8146a15216de61cfcb3d8d2881ca90012529522350b3ee525d2d922d83bd4652812b8b098ed9dd71868e07d98497f
SSDEEP

3072:5WC5SAmaQ7CC6ddFLo2h5t7OJhDo2QbY:3SAy7CXhoi5t7OfDo2x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acd8da8fc770d16854fe58bd2297da80_JaffaCakes118

Files

acd8da8fc770d16854fe58bd2297da80_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2dc6e805bb27076b33a740bf102d1bba

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnmapViewOfFile
MapViewOfFile
InterlockedCompareExchange
InterlockedIncrement
GetModuleHandleA
LoadLibraryA
GetCommandLineA
GetComputerNameA
WriteFile
LeaveCriticalSection
CreateFileA
EnterCriticalSection
GetLastError
CloseHandle
HeapFree
CreateProcessA
GetTickCount
WaitForSingleObject
GetCurrentProcessId
GetProcessHeap
CopyFileA
CreateEventA
GetProcAddress
GetModuleFileNameA
GetVolumeInformationA
lstrlenW
OpenEventA
CreateMutexA
ExitProcess
CreateDirectoryA
ReleaseMutex
HeapAlloc
InterlockedDecrement
Sleep
CreateFileMappingA
LocalFree
SetLastError
lstrlenA

ole32

CoUninitialize
OleCreate
CoCreateGuid
CoTaskMemAlloc
CoInitialize
OleSetContainedObject

user32

KillTimer
GetParent
CreateWindowExA
DispatchMessageA
UnhookWindowsHookEx
SetWindowLongA
SetWindowsHookExA
GetWindowLongA
DestroyWindow
PostQuitMessage
TranslateMessage
SetTimer
DefWindowProcA
FindWindowA
GetClassNameA
GetMessageA
GetWindowThreadProcessId
GetSystemMetrics
RegisterWindowMessageA
PostMessageA
SendMessageA

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

RegCloseKey
GetUserNameA
RegSetValueExA
RegOpenKeyExA
RegQueryValueExA
RegCreateKeyExA
RegDeleteValueA

shell32

SHGetFolderPathA

Exports

Exports

CatDBAuthenticationUI

Sections

.text
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2dc6e805bb27076b33a740bf102d1bba

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 100KB - Virtual size: 99KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 100KB - Virtual size: 99KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB