aec8a9d082a1c04863016e6255b0c69e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

aec8a9d082a1c04863016e6255b0c69e_JaffaCakes118
Size

228KB
MD5

aec8a9d082a1c04863016e6255b0c69e
SHA1

880d7d16400f829d11b30bb902397090205d8828
SHA256

ca98a2da07e405342eee52557d901f9dee1b7a4ad2c7c0375a8cc8369800306e
SHA512

d0059e778b34062a6a3e7a938326f64318a72943cd1fc8eeae1214dc4d90166cd3de1191c7dc2b51e30b886dc018a9158937221e46126b30fe17f94cdbf3907f
SSDEEP

6144:gbHCf6b4xvgh6DGjupseAtmkR/RzJpXyvim:gbif6bWvHqjupse+mARfyz

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aec8a9d082a1c04863016e6255b0c69e_JaffaCakes118

Files

aec8a9d082a1c04863016e6255b0c69e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ff0aae2aad9d410952c4f5b1db3f6daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FindFirstFileA
FreeEnvironmentStringsW
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetDateFormatA
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeThread
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPriorityClass
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalReAlloc
HeapAlloc
HeapCreate
InterlockedExchange
InterlockedIncrement
LCMapStringA
MulDiv
OpenProcess
SetFilePointer
TlsSetValue
VirtualFree
WideCharToMultiByte
lstrcmpiA
lstrcpynA

advapi32

AccessCheck
BackupEventLogW
BuildImpersonateTrusteeW
CopySid
CryptSignHashA
EqualPrefixSid
GetWindowsAccountDomainSid
LogonUserW
LsaClose
LsaQuerySecurityObject
LsaRemovePrivilegesFromAccount
RegQueryMultipleValuesA
RegSetKeySecurity
RegisterEventSourceA

user32

ScrollWindowEx
ReleaseDC
LoadStringA
IsZoomed
SetScrollInfo
LoadImageA
IsIconic
IsDlgButtonChecked
GetSubMenu
DrawIconEx
DialogBoxParamA
DestroyWindow
DeferWindowPos
CloseClipboard
SetWindowTextA
CheckRadioButton

ole32

CoRegisterMessageFilter
CoCreateInstance
IsEqualGUID

ddraw

GetDDSurfaceLocal
DirectDrawEnumerateW
DirectDrawEnumerateExW
DirectDrawEnumerateExA
DirectDrawEnumerateA
DirectDrawCreateClipper
DSoundHelp
DDInternalLock
GetSurfaceFromDC

Exports

Exports

UnregisterDriveChangeCallback

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff0aae2aad9d410952c4f5b1db3f6daa

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ole32

ddraw

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 92KB - Virtual size: 160KB

.rsrc Size: 8KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 92KB - Virtual size: 160KB

.rsrc
Size: 8KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 4KB