ad9cf5648f1202a557dbf9eafbba382d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ad9cf5648f1202a557dbf9eafbba382d_JaffaCakes118
Size

120KB
MD5

ad9cf5648f1202a557dbf9eafbba382d
SHA1

e86bd842f5a4e8c9c59c206cf34c65c1ab6aad8c
SHA256

c403531a9e542d8fba8678e592e0d18f64dbe2785ab6860c6c4c54fde5169ea5
SHA512

8870f1010e4da92bab27060a297926fe9592f7e41482711f36569fcd6ae0235fcea575e3f74d358a7762b99c0348e40d84691a4ab5ac7690eb2b60db80ec854a
SSDEEP

3072:x/Xj8ntYsIdegopKgDS+Xn6vn+m5Av+3ywTZ7oWMy4Yq/:BjytYsIVIXn6/+magVWL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ad9cf5648f1202a557dbf9eafbba382d_JaffaCakes118

Files

ad9cf5648f1202a557dbf9eafbba382d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

86f8a1121e8f0b7c4faa7dd7856e7172

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LCMapStringA
DisableThreadLibraryCalls
GetPrivateProfileIntA
HeapFree
GetCurrentThreadId
SetFilePointer
SetStdHandle
FlushFileBuffers
GetLocaleInfoW
LoadLibraryA
VirtualAlloc
GetLocaleInfoA
GetStringTypeA
GetStringTypeW
WriteFile
InterlockedDecrement
InterlockedIncrement
GetLastError
ResumeThread
CreateThread
TlsSetValue
ExitThread
CloseHandle
GetCommandLineA
GetProcAddress
GetModuleHandleA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA
LCMapStringW
GetStdHandle
SetHandleCount
TlsAlloc
TlsFree
SetLastError
TlsGetValue
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
RtlUnwind
HeapCreate
VirtualFree
GetFileType
GetStartupInfoA
GetCPInfo
GetACP
GetOEMCP
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy

user32

CallNextHookEx
IsZoomed
DefWindowProcW
DefWindowProcA
MoveWindow
GetWindowRect
SetWindowPos
SetWindowLongA
GetWindowLongW
SetWindowLongW
GetWindowDC
DeferWindowPos
GetWindowPlacement
IsWindow
GetWindowLongA
ShowWindow
SetWindowPlacement
SetWindowRgn

Exports

Exports

GetAddr
GetModCount
GetWndProc
HH
HH2
ResetHelper
ResizeWindow
SetAddr
SetHk
SetHk2
SetModCount
SetSizes
SwitchSys

Sections

.text
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.sdata
Size: 512B - Virtual size: 12B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 71KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

86f8a1121e8f0b7c4faa7dd7856e7172

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 23KB - Virtual size: 23KB

.sdata Size: 512B - Virtual size: 12B

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 13KB - Virtual size: 19KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 3KB

.rmnet Size: 71KB - Virtual size: 72KB

.text
Size: 23KB - Virtual size: 23KB

.sdata
Size: 512B - Virtual size: 12B

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 13KB - Virtual size: 19KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 3KB

.rmnet
Size: 71KB - Virtual size: 72KB