ac2a4aeb327c4c1386d9a89a12682e80_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac2a4aeb327c4c1386d9a89a12682e80_JaffaCakes118
Size

60KB
MD5

ac2a4aeb327c4c1386d9a89a12682e80
SHA1

9aed05a4d997038b9110b4106eb9d00520e1db1b
SHA256

fb2f39cac0552c11e437efb1dc7e8de1bc050d85efbe0578e362d475a82100b3
SHA512

a151e0f86afa4ca69ed71e5194ff871e9e80ca96ab6218ab87fc5c6edc3c937b4f1b70a48d8d05177c0c86e534fe68db97c1a07a1ec1144af88377a7bacbd9c6
SSDEEP

768:M/pheS5H+NwRYdeGaWFkmlg0mR5t/znyDjevxbRlvWiojBkGo6qCHbpbvM+hpDyB:MP+OYIrW2v5ZznyDqlRlvxG6spds68

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac2a4aeb327c4c1386d9a89a12682e80_JaffaCakes118

Files

ac2a4aeb327c4c1386d9a89a12682e80_JaffaCakes118
.dll windows:5 windows x86 arch:x86

88e714f4ccd9f566fb9f976e27d3f471

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateProcessA
CloseHandle
WriteFile
CreateFileA
lstrcpynA
CreateEventA
GetVersionExA
lstrcmpA
VirtualAlloc
VirtualFree
lstrcmpiA
FreeLibrary
LoadLibraryA
GetSystemDirectoryA
GetSystemTime
MoveFileA
GetCurrentThreadId
WritePrivateProfileStringA
GetWindowsDirectoryA
MoveFileExA
GetTempPathA
ReleaseMutex
GetTickCount
GetVersion
GetVolumeInformationA
SetEvent
GetFileSize
SystemTimeToFileTime
GetProcessHeap
HeapFree
ReadFile
HeapAlloc
GetTempFileNameA
DeleteFileA
GlobalAlloc
VirtualQueryEx
GetThreadContext
GlobalFree
TerminateProcess
ResumeThread
RtlUnwind
VirtualQuery
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
Sleep
ExitProcess
WaitForSingleObject
CreateMutexA
OpenProcess
GetLastError
lstrcpyA
GetModuleHandleA
GetProcAddress
RaiseException
lstrlenA
lstrcatA
GetLocaleInfoA
GetModuleFileNameA

user32

LoadIconA
DefWindowProcA
GetWindowTextA
CloseDesktop
SetThreadDesktop
GetThreadDesktop
OpenInputDesktop
MessageBoxA
LoadCursorA
FindWindowA
SetWindowsHookExA
PostMessageA
FindWindowExA
GetWindowThreadProcessId
GetFocus
EqualRect
GetCursorPos
ClientToScreen
IsWindowVisible
RegisterClassExA
CreateWindowExA
GetMessageA
TranslateMessage
CallNextHookEx
wsprintfA
InflateRect
DispatchMessageA

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteValueA
RegEnumValueA
RegDeleteKeyA
RegQueryValueExA
RegEnumKeyExA
RegOpenKeyExA
OpenProcessToken
CreateProcessAsUserA

shlwapi

SHDeleteKeyA
SHDeleteValueA
SHSetValueA
SHGetValueA

gdi32

GetBkColor
GetBkMode

Exports

Exports

RbBvmvWyouuf
ZsdJTNcJ
nAnSwk
ruxGeUd
tZVNqGTPJyx

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

88e714f4ccd9f566fb9f976e27d3f471

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 1KB - Virtual size: 13KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 1KB - Virtual size: 13KB

.reloc
Size: 3KB - Virtual size: 2KB