b167464d7f01c71b96f7fcf9b6a93a4b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b167464d7f01c71b96f7fcf9b6a93a4b_JaffaCakes118
Size

416KB
MD5

b167464d7f01c71b96f7fcf9b6a93a4b
SHA1

3c46960d299d1fa710659081614096acee813301
SHA256

b7f96f1c01da2df6d7e3aca21c14d8b47e7b7210b87f6123649dcd8d9e45aa50
SHA512

b92e3b4d758aa8307f2fb1fbcbfb332f6116f773f163eec394c94658da73f2054740c9fa07aa9dbb78b91d8aae21140850879fba70838e80266ba049c7bcc493
SSDEEP

12288:r5X6k9NAUITi7ulXDAYa2e9hTKnjXHDOENjhU:L7ulXDxa2shTOjXDNjhU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b167464d7f01c71b96f7fcf9b6a93a4b_JaffaCakes118

Files

b167464d7f01c71b96f7fcf9b6a93a4b_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5521ab405f15b01fa461c4bd9a388c8a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
GetCurrentThreadId
GetModuleHandleA
GetModuleFileNameA
LeaveCriticalSection
lstrlenA
MultiByteToWideChar
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
lstrlenW
WideCharToMultiByte
SetCurrentDirectoryA
GetFileAttributesA
GetCurrentDirectoryA
RtlUnwind
LCMapStringA
FileTimeToLocalFileTime
GetVersionExA
GetCommandLineA
EnumSystemLocalesA
IsValidCodePage
SetEnvironmentVariableA
SetEndOfFile
CreateFileA
LoadLibraryA
ReadFile
SetStdHandle
IsBadCodePtr
IsBadWritePtr
IsBadReadPtr
GetTimeZoneInformation
GetStringTypeW
GetStringTypeA
LCMapStringW
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
GetStdHandle
SetHandleCount
GetProcAddress
GetOEMCP
GetACP
HeapSize
GetCurrentProcess
TerminateProcess
Sleep
InterlockedExchange
InterlockedDecrement
InterlockedIncrement
DeleteFileA
RaiseException
HeapFree
GetLastError
FindFirstFileA
FindNextFileA
FileTimeToSystemTime
IsValidLocale
GetUserDefaultLCID
GetVersion
HeapAlloc
HeapReAlloc
ExitProcess
VirtualAlloc
SetLastError
TlsFree
CompareStringA
CompareStringW
GetCPInfo
GetLocaleInfoA
GetLocaleInfoW
TlsSetValue
TlsAlloc
HeapCreate
VirtualFree
TlsGetValue
CloseHandle
WriteFile
SetFilePointer
FlushFileBuffers
SetUnhandledExceptionFilter

advapi32

RegOpenKeyExA
RegCloseKey
RegQueryValueExA

oleaut32

SysAllocString
SysFreeString

Exports

Exports

ActualizeNews
DllMain

Sections

.text
Size: 256KB - Virtual size: 255KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 23KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 99KB - Virtual size: 98KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5521ab405f15b01fa461c4bd9a388c8a

Headers

File Characteristics

Imports

kernel32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 256KB - Virtual size: 255KB

.rdata Size: 23KB - Virtual size: 23KB

.data Size: 17KB - Virtual size: 23KB

.idata Size: 2KB - Virtual size: 2KB

.rsrc Size: 99KB - Virtual size: 98KB

.reloc Size: 16KB - Virtual size: 16KB

.text
Size: 256KB - Virtual size: 255KB

.rdata
Size: 23KB - Virtual size: 23KB

.data
Size: 17KB - Virtual size: 23KB

.idata
Size: 2KB - Virtual size: 2KB

.rsrc
Size: 99KB - Virtual size: 98KB

.reloc
Size: 16KB - Virtual size: 16KB