aea0d5b9f776fac31cded233c0d7adae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aea0d5b9f776fac31cded233c0d7adae_JaffaCakes118
Size

128KB
MD5

aea0d5b9f776fac31cded233c0d7adae
SHA1

643f0e522d285ede72d38e5ea9842b1b183eb457
SHA256

98346713b2f8d957fee857e4437a48acbba42bb8be68dcb0268259f9f45d8e11
SHA512

9592a43f8a750bc56b15cd97f282e17e687daf2b3d92aacdcdb9d3e6f59e78b495591f5f604251951999571c4fbcc869df757354a9f9f774535e08e4fe6b2464
SSDEEP

3072:jNFE6/3xiIz9tlusI4ABfcB1voY184ajQK+v9zCVk3/:ztTBctC7fm4+sv9zC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aea0d5b9f776fac31cded233c0d7adae_JaffaCakes118

Files

aea0d5b9f776fac31cded233c0d7adae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

01b7e22778d9dfe2b478c61fe647be46

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_WDM_DRIVER

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ExitProcess
GetFileType
FindFirstFileW
lstrcpynA
LoadLibraryA
ZombifyActCtx
OutputDebugStringA
VirtualAlloc
GetNumberFormatW
LocalFileTimeToFileTime
SetConsoleMode
GetLocaleInfoW
GetModuleHandleA
WriteTapemark
GlobalFree
GetLocaleInfoA
lstrlenW
SetHandleCount
GetFullPathNameW
SetErrorMode
GetProcAddress
VirtualProtect
GlobalReAlloc
LockResource
VirtualFree
GetCommandLineW
ExitThread
TlsAlloc
GetExitCodeProcess
GetSystemTime

msvcrt

wcsncat
towupper
_wcsicmp
__setusermatherr
memcpy
_c_exit
wcstok
sprintf
_except_handler3
fclose
swscanf
wcschr
__p__commode
printf
_ftol
_acmdln
__CxxFrameHandler
_cexit
_vsnwprintf
__p__fmode
_exit
strchr
_iob
exit
isxdigit

gdi32

SaveDC
SetMapMode
RestoreDC
CreateCompatibleBitmap
SetBkMode
BitBlt
ExtTextOutW
TextOutW
MoveToEx
GetObjectW
GetRegionData
CreateFontIndirectA
Rectangle
SetTextColor
SetPixel
CreateRoundRectRgn
TranslateCharsetInfo
GetDeviceCaps
CreatePen

user32

SetProcessWindowStation
CloseClipboard
MapWindowPoints
IsClipboardFormatAvailable
DefWindowProcA
RegisterClassA
LoadCursorW
SetRect
DefDlgProcW
DrawFocusRect
SetWindowLongA
GetMenu
TranslateMessage
GetAsyncKeyState
SetWindowPos
GetSystemMenu
LoadStringA
EqualRect
GetKeyState
RegisterClipboardFormatW
RegisterClassExW
GetWindow
PostThreadMessageW
SendDlgItemMessageW
SetCapture
LoadIconA
GetMessageA

tapi32

lineAddProvider
lineGetAddressCaps
lineSetupTransferA
lineSetupConferenceA
lineGetAgentActivityListW

Exports

Exports

FfdYpvvdxuJgkqeuxJfqxQx
DrrOzvb
StquAiehPztqgumUg

Sections

.text
Size: 22KB - Virtual size: 21KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.CRT
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 45KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01b7e22778d9dfe2b478c61fe647be46

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

tapi32

Exports

Exports

Sections

.text Size: 22KB - Virtual size: 21KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 25KB - Virtual size: 24KB

.CRT Size: 32KB - Virtual size: 31KB

.rsrc Size: 45KB - Virtual size: 44KB

.reloc Size: 512B - Virtual size: 126B

.text
Size: 22KB - Virtual size: 21KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 25KB - Virtual size: 24KB

.CRT
Size: 32KB - Virtual size: 31KB

.rsrc
Size: 45KB - Virtual size: 44KB

.reloc
Size: 512B - Virtual size: 126B