ade94488fa99ecedccf2a42edfe3a7b7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ade94488fa99ecedccf2a42edfe3a7b7_JaffaCakes118
Size

60KB
MD5

ade94488fa99ecedccf2a42edfe3a7b7
SHA1

ae3e276668576291839244c591e5517ad3f4e20d
SHA256

6990feaa01c24e534ecb5a3715772a7e6ad2451d0a15dac7aa6c3db854a26c15
SHA512

c2c235a18db73bda9f3c235d6f0d4f3dbe782ba0a1adcc57d9a95ba8354c97aafe86e6985170ee16f64630fa8abc24c0ce65c417f64dee797ee177162af46d54
SSDEEP

768:3S3bXfRNBWUX3ZVqOkZJRGJRGoo4RWDgMISPNr2oJjmRURtZ:3SLX9Ww3ZM7sD9WPICJjmRURtZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ade94488fa99ecedccf2a42edfe3a7b7_JaffaCakes118

Files

ade94488fa99ecedccf2a42edfe3a7b7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

de3cfe60e93215848b8c561ea6345215

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

??1type_info@@UAE@XZ
_CxxThrowException
printf
sprintf
??3@YAXPAX@Z
??2@YAPAXI@Z
wcslen
wcscpy
wcscmp
atoi
memmove
strstr
free
_initterm
malloc
_adjust_fdiv
_except_handler3
__dllonexit
_onexit

ws2_32

gethostbyname
inet_addr
closesocket
inet_ntoa
select
send
__WSAFDIsSet
WSACleanup
WSAStartup
recv
connect
htons
WSAAsyncSelect
socket
setsockopt

user32

EnumWindowStationsA
CloseWindowStation
GetUserObjectInformationA
OpenWindowStationA
ExitWindowsEx
wsprintfA
PostQuitMessage
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
CreateWindowExA
RegisterClassExA
ShowWindow
SetProcessWindowStation
GetProcessWindowStation

advapi32

SetSecurityDescriptorDacl
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
RegDeleteKeyA
RegQueryInfoKeyA
RegCloseKey
RegEnumKeyA
OpenSCManagerA
OpenServiceA
QueryServiceStatus
StartServiceA
ControlService
CloseServiceHandle
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
InitializeSecurityDescriptor

kernel32

SetConsoleActiveScreenBuffer
GetStdHandle
WriteConsoleInputW
GenerateConsoleCtrlEvent
TerminateThread
TerminateProcess
FreeConsole
ReadConsoleOutputCharacterW
GetConsoleOutputCP
GetConsoleScreenBufferInfo
InterlockedIncrement
InterlockedDecrement
IsBadWritePtr
HeapFree
SetConsoleScreenBufferSize
GetLastError
GetProcessHeap
HeapAlloc
ReleaseMutex
InitializeCriticalSection
lstrcpynA
CreateThread
WaitForSingleObject
FindFirstFileW
FindNextFileW
FindClose
GetLogicalDrives
GetDriveTypeA
MultiByteToWideChar
CreateConsoleScreenBuffer
AllocConsole
UnmapViewOfFile
GetFileSize
MapViewOfFile
CreateFileMappingA
CreateFileW
DeleteFileW
CreateProcessW
GetStartupInfoW
FreeLibrary
LoadLibraryExA
FindNextFileA
FindFirstFileA
WideCharToMultiByte
LoadLibraryA
CreateMutexA
DeleteFileA
VirtualProtect
FlushInstructionCache
GetCurrentProcess
InterlockedExchange
GetProcAddress
GetModuleHandleA
Sleep
CloseHandle
CreateProcessA
GetModuleFileNameA
GetStartupInfoA
MoveFileExA
GetTempFileNameA
GetTempPathA
CopyFileA
lstrcatA
lstrcpyA
GetSystemDirectoryA
GetVolumeInformationA
GetVersionExA
GetComputerNameA
LocalFree
LocalAlloc
WriteFile
CreateFileA
lstrlenA
DeviceIoControl
GetTickCount
LeaveCriticalSection
EnterCriticalSection

ole32

CoInitialize
CoUninitialize

oleaut32

SysStringLen
SysFreeString
VariantClear
SysAllocStringByteLen
SysAllocString
VariantInit

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

Fixup
XFDelFile
XFRestart
XFU

Sections

.text
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.share
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

de3cfe60e93215848b8c561ea6345215

Headers

File Characteristics

Imports

msvcrt

ws2_32

user32

advapi32

kernel32

ole32

oleaut32

version

Exports

Exports

Sections

.text Size: 24KB - Virtual size: 22KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 2KB

.share Size: 12KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 24KB - Virtual size: 22KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 2KB

.share
Size: 12KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 3KB