abfa70d90d96fef340386b1662754527_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

abfa70d90d96fef340386b1662754527_JaffaCakes118
Size

128KB
MD5

abfa70d90d96fef340386b1662754527
SHA1

2935509744af2b81c1be449d186b1a42f735b508
SHA256

4401dbb25087d1d433ed8e693ada1692035c9bcc72c675111ec448411668dc98
SHA512

e4689e2b02e2b11231e3ac6a5f4417dcc477744b6498db782507eaae22f8ec99807c7ee19227a22a39c1bdda809d69cf8c224f27a8cdcbc555164dcc52b66357
SSDEEP

3072:WicGJu0xBYQRQeOTJE5Tj8FQvld+Z8uaT1hTz5R0jnm1PP3LjqolDnaOrjx6ROQb:WJGQnTJkls6VY9

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
abfa70d90d96fef340386b1662754527_JaffaCakes118

Files

abfa70d90d96fef340386b1662754527_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f423b3ac79153ac6185e563a460ca106

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CancelIo
Sleep
InterlockedExchange
InterlockedCompareExchange
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
FreeLibrary
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetModuleHandleA
FormatMessageW
WriteConsoleW
GetStdHandle
ExitProcess
HeapReAlloc
CreateThread
GetProcessHeap
WideCharToMultiByte
CompareStringA
GetThreadLocale
CompareStringW
GetConsoleOutputCP
MultiByteToWideChar
lstrcpynW
InterlockedIncrement
SetThreadPriority
LoadLibraryW
CreateSemaphoreW
ReleaseSemaphore
GetVersionExW
IsBadWritePtr
IsBadReadPtr
IsBadStringPtrW
WaitForMultipleObjects
lstrcmpW
GetProcAddress
SetLastError
DisableThreadLibraryCalls
SetEvent
WaitForSingleObject
CreateEventW
GetCurrentThread
GetCurrentProcess
LocalFree
CreateFileW
CloseHandle
GetModuleFileNameW
lstrcmpiW
GetModuleHandleW
InterlockedDecrement
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenW
GetTickCount
LocalAlloc
GlobalFree
GetCommandLineA
GlobalAlloc
HeapFree
VirtualProtect

user32

RegisterClassExW
CharNextW
UnregisterDeviceNotification
RegisterDeviceNotificationW
DispatchMessageW
PostQuitMessage
LoadStringW
UnregisterClassW
CreateWindowExW
DefWindowProcW
DestroyWindow
GetMessageW
TranslateMessage

advapi32

TraceMessage
GetTraceEnableFlags
GetTraceEnableLevel
GetTraceLoggerHandle
RegDeleteValueW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumKeyExW
ConvertSidToStringSidW
GetTokenInformation
OpenProcessToken
RegisterTraceGuidsW
UnregisterTraceGuids
RegCreateKeyExW
CloseServiceHandle
CreateServiceW
OpenServiceW
UnlockServiceDatabase
ChangeServiceConfig2W
DeleteService
ChangeServiceConfigW
LockServiceDatabase
OpenSCManagerW
LookupAccountSidW
ReportEventW
OpenThreadToken

ole32

CoTaskMemFree
CoUninitialize
CoCreateInstance
PropVariantClear

msvcr71

_adjust_fdiv
memmove
wcsstr
wcscat
wcslen
fflush
fprintf
__iob_func
time
strncpy
wcscmp
__CppXcptFilter
_wcsnicmp
_wcsicmp
wcsncmp
_XcptFilter
_initterm
memset
_except_handler3
_lock
__dllonexit
_unlock
_onexit
malloc
free
_CxxThrowException
iswalpha
wcschr
_vsnwprintf

Sections

.text
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f423b3ac79153ac6185e563a460ca106

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcr71

Sections

.text Size: 98KB - Virtual size: 97KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 98KB - Virtual size: 97KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 4KB - Virtual size: 3KB