b1bd94bc1fc33fae21176d28f2a750f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b1bd94bc1fc33fae21176d28f2a750f6_JaffaCakes118
Size

124KB
MD5

b1bd94bc1fc33fae21176d28f2a750f6
SHA1

f9df3a4739d161bd5d9515c481b34cd59f332194
SHA256

6d7451aa703843902be6eaefa5adef69269af5bd389ebe780d1629bee249fde5
SHA512

1654b60d6d0785bfe83f3e414d491f7901c6ad752f5f9f68b9c7297deda4a392170bbbbf379e7daa669ed6964eaf6f5cadcfaa284b9d66345b81f62baca92c79
SSDEEP

1536:wYSCPpoo20rrKlO47LgxZGeFkkuApTDqaa0qQc84l0dTFzpvWEDQte7byik:w6Pppb4n6ZGbaTD00dc84yTFME8iWH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b1bd94bc1fc33fae21176d28f2a750f6_JaffaCakes118

Files

b1bd94bc1fc33fae21176d28f2a750f6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d765b0c58bd7209619a7672cdf726a40

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CopyFileA
CreateDirectoryA
SetLastError
GetModuleHandleA
CreateProcessA
WaitForSingleObject
MapViewOfFile
ExitProcess
CreateEventA
lstrlenW
EnterCriticalSection
GetComputerNameA
Sleep
CreateFileA
CreateFileMappingA
GetCurrentProcessId
GetVolumeInformationA
HeapAlloc
LeaveCriticalSection
GetLastError
GetTickCount
WriteFile
InterlockedDecrement
LoadLibraryA
GetCommandLineA
OpenEventA
UnmapViewOfFile
HeapFree
LocalFree
GetProcessHeap
InterlockedIncrement
ReleaseMutex
GetProcAddress
CloseHandle
GetModuleFileNameA
CreateMutexA
lstrlenA
InterlockedCompareExchange

ole32

CoCreateGuid
CoTaskMemAlloc
CoUninitialize
OleSetContainedObject
CoInitialize
CreateBindCtx
OleCreate

user32

GetSystemMetrics
CreateWindowExA
SetWindowsHookExA
SetTimer
DefWindowProcA
PostMessageA
PostQuitMessage
TranslateMessage
GetParent
UnhookWindowsHookEx
KillTimer
GetWindowLongA
DestroyWindow
SendMessageA
GetClassNameA
FindWindowA
SetWindowLongA
RegisterWindowMessageA
GetWindowThreadProcessId
DispatchMessageA
GetMessageA

oleaut32

SysAllocStringLen
SysFreeString
SysAllocString

shlwapi

StrStrIW
UrlUnescapeW

advapi32

GetUserNameA
RegSetValueExA
RegDeleteValueA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegOpenKeyExA

shell32

SHGetFolderPathA

Exports

Exports

rasCommonclass

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d765b0c58bd7209619a7672cdf726a40

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB