ae3c072a23faab5cee8a54734a76ff6a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ae3c072a23faab5cee8a54734a76ff6a_JaffaCakes118
Size

129KB
MD5

ae3c072a23faab5cee8a54734a76ff6a
SHA1

fd6e2f8fed522c509d71ffc0ba3848e37173ebb0
SHA256

112022fa24711f8f3dae4e804428631a0db1fda44a938b20d3a53348a9beb6b7
SHA512

3e2a709d6fe2d74a83685afc7e1b0f65bd08829d93c6d1a71c31b1034a9719029363ea7fa49dda6ac03e572aa87a5b07f299428c7c5f6942ce6c5c9f50dcd4b2
SSDEEP

3072:vEGuwq7uHzaH82qZ8TPxcZvdu9RLTDhNJoqmz/s1GaE:YwYhHqCJgvdu9hTDhNJEydE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ae3c072a23faab5cee8a54734a76ff6a_JaffaCakes118

Files

ae3c072a23faab5cee8a54734a76ff6a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0f811fcfea7f5085e0194a8ef7e274d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
FileTimeToSystemTime
GetFileInformationByHandle
lstrcpynA
lstrlenA
FindClose
FindFirstFileA
lstrlenW
WideCharToMultiByte
MoveFileExA
FormatMessageA
IsDBCSLeadByte
CreateFileA
MultiByteToWideChar
InterlockedIncrement
GetCurrentThread
DeleteCriticalSection
FindNextFileW
GetProcAddress
lstrcmpW
BackupRead
GetFileAttributesA
FreeLibrary
LoadLibraryW
FormatMessageW
FindFirstFileW
DeleteFileW
RemoveDirectoryW
GetFileAttributesW
MoveFileW
CreateDirectoryW
SetVolumeMountPointW
SetFileAttributesW
lstrcmpiW
ReadFile
GetVolumeInformationW
GetDiskFreeSpaceExW
HeapReAlloc
WriteFile
lstrcpyW
lstrcatW
GetProcessHeap
LocalAlloc
CreateThread
SetLastError
LocalFree
GetLocalTime
InterlockedDecrement
FileTimeToLocalFileTime
UnhandledExceptionFilter
InterlockedExchange
Sleep
InterlockedCompareExchange
GetStartupInfoA
SetUnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SleepEx
GetOverlappedResult
CreateFileW
WriteFileEx
HeapFree
SetEvent
DeviceIoControl
CloseHandle
EnterCriticalSection
LeaveCriticalSection
HeapAlloc
GetLastError
CreateEventW
WaitForSingleObject
ReadFileEx
GetCommandLineA
ReleaseMutex
VirtualProtect

user32

LoadStringW
wsprintfW
CharPrevA
CharLowerA
wsprintfA
SendMessageW
SendDlgItemMessageW
WinHelpW
GetParent
CheckDlgButton
EnableWindow
IsDlgButtonChecked
GetSystemMetrics
LoadImageW
MessageBoxW
SetDlgItemTextW
GetDlgItem
SetWindowLongW
ShowWindow

advapi32

RegOpenKeyExA
RegReplaceKeyW
SetSecurityDescriptorDacl
InitializeSecurityDescriptor
RegDeleteKeyA
RegCreateKeyExA
RegSetValueExA
AccessCheck
OpenThreadToken
RegSetValueExW
RegCloseKey
RevertToSelf
ImpersonateLoggedOnUser
LsaClose
LsaFreeMemory
LsaQueryInformationPolicy
LsaNtStatusToWinError
RegQueryValueExA
GetTokenInformation
SetNamedSecurityInfoW
SetEntriesInAclW
SetSecurityInfo
RegDeleteKeyW
SetThreadToken
LsaOpenSecret
LsaQuerySecret
RegLoadKeyW
FreeSid
AllocateAndInitializeSid
OpenProcessToken
SetFileSecurityW
RegEnumValueW
RegOpenKeyW
RegCreateKeyExW
RegUnLoadKeyW

gdi32

DeleteObject

ole32

CoCreateInstance
CoGetCallContext
CoUninitialize
CoCreateFreeThreadedMarshaler

msvcrt

_mbsrchr
strrchr
memmove
wcschr
_wcsupr
wcsstr
_wcsnicmp
_wcsicmp
wcsrchr
wcscat
swprintf
swscanf
_wtol
free
malloc
_adjust_fdiv
strpbrk
atoi
strchr
_vsnprintf
asctime
fclose
__CxxFrameHandler
??2@YAPAXI@Z
??3@YAXPAX@Z
time
_except_handler3
_ismbblead
exit
_acmdln
_initterm
_amsg_exit
_cexit
_vsnwprintf
localtime
wcslen
_strnicmp
_strupr
strncpy
sprintf
_mbslen
_mbsicmp

Sections

.text
Size: 73KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 35KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0f811fcfea7f5085e0194a8ef7e274d4

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcrt

Sections

.text Size: 73KB - Virtual size: 72KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 35KB - Virtual size: 68KB

.rsrc Size: 9KB - Virtual size: 8KB

.reloc Size: 6KB - Virtual size: 5KB

.text
Size: 73KB - Virtual size: 72KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 35KB - Virtual size: 68KB

.rsrc
Size: 9KB - Virtual size: 8KB

.reloc
Size: 6KB - Virtual size: 5KB