ac37696449d3648c5eab5ffdd8bbf4f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ac37696449d3648c5eab5ffdd8bbf4f7_JaffaCakes118
Size

69KB
MD5

ac37696449d3648c5eab5ffdd8bbf4f7
SHA1

11f641236bb3e2957dbf0a0185d64b167a637723
SHA256

0b1a2fec57e65ee7d4c1bea93f2376c4f43e2208dd8d87100270f1573709e655
SHA512

2e3d0dd3b5e4b2d964fa9bb3fe4ec41dfc4422d45a855657f28398f5fcb576be52c681083334e312a2cfac45184177f55cfa2bc773636dddbb571aa79bddb09b
SSDEEP

1536:BqjfsjOJcovRdydePeR11l6KUZNdXL520Nam6Gqk7H1vIIF:BqjkjtovjydePeoZNd120NXP7H1II

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ac37696449d3648c5eab5ffdd8bbf4f7_JaffaCakes118

Files

ac37696449d3648c5eab5ffdd8bbf4f7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7b5373aefed1d4c1c83bd03474321f5d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
UnhandledExceptionFilter
InterlockedDecrement
GetCurrentProcess
VirtualAlloc
GetProcessHeap
GetProcAddress
IsBadReadPtr
MulDiv
lstrlenW
lstrcmpW
InterlockedIncrement
GetCurrentThreadId
DisableThreadLibraryCalls
GetCurrentProcessId
GetSystemTimeAsFileTime
InterlockedExchange
Sleep
GetCommandLineA
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
VirtualProtect
SetUnhandledExceptionFilter

user32

KillTimer
SetRect
SetTimer
IsDlgButtonChecked
GetDC
ReleaseDC
IsRectEmpty

advapi32

RegDeleteKeyW
RegCloseKey
RegOpenKeyExW
RegEnumKeyExW

gdi32

CreateFontIndirectA
SetBkMode
CreateDIBSection
SetTextColor
ExtTextOutA
SetBkColor
GetSystemPaletteEntries
GetDeviceCaps
GetTextColor
DeleteObject
SelectObject

ole32

CoFreeUnusedLibraries
CoUninitialize
CoTaskMemAlloc
CoCreateInstance
CoTaskMemFree
CoInitialize

rpcrt4

NdrCStdStubBuffer_Release

msvcrt

malloc
_CxxThrowException
sprintf
_XcptFilter
free
_initterm
_amsg_exit
_adjust_fdiv
_except_handler3
memcpy

Sections

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b5373aefed1d4c1c83bd03474321f5d

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 2KB - Virtual size: 1KB

.data Size: 36KB - Virtual size: 69KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 2KB - Virtual size: 1KB

.data
Size: 36KB - Virtual size: 69KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 2KB - Virtual size: 1KB