b4509ff7c7815fe3263f1420eaebbe0c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b4509ff7c7815fe3263f1420eaebbe0c_JaffaCakes118
Size

80KB
MD5

b4509ff7c7815fe3263f1420eaebbe0c
SHA1

e33f8e636c586cccf891c0d6767f1ba8c5fc9778
SHA256

7692f70e0d2f6f4480f699cae98990633eb0b0448d924da735242c73683922a1
SHA512

44afebc082baeffe89688d85cd642b2dd4af96d1bdd8618e24eb6c5ad3f51e075aef89146ca77fef326d2bcd5b724057a21dbf319312f82d6963eb5d7e3a9967
SSDEEP

1536:6MfbTECpy/kFh9MbPBw4OjQ8h4zHLD/q8ekJNoaFH4WA:6MfdtMbPtwQHLG8RJJH4W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b4509ff7c7815fe3263f1420eaebbe0c_JaffaCakes118

Files

b4509ff7c7815fe3263f1420eaebbe0c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7b1fd804b93194e534fc59e43c73f726

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ReadConsoleInputA
DeleteTimerQueueTimer
GetSystemPowerStatus
GetCurrentDirectoryW
QueryPerformanceFrequency
SetNamedPipeHandleState
SetConsoleActiveScreenBuffer
CallNamedPipeA
ProcessIdToSessionId
CreateDirectoryW
GetExitCodeThread
PulseEvent
LocalFree
ReadConsoleW
SearchPathW
QueueUserAPC
FlushConsoleInputBuffer
FlushViewOfFile
SetDefaultCommConfigW
GetModuleHandleW
GetLocaleInfoW
OpenProcess
WriteProcessMemory
FindNextChangeNotification
GlobalMemoryStatusEx
ClearCommError
GetFileSize
MultiByteToWideChar
GetVolumePathNameW
CompareFileTime
GetVersion
SetStdHandle
UnlockFileEx
FindResourceExA
GetSystemDirectoryA
SetComputerNameA
HeapDestroy
GetUserDefaultUILanguage
PostQueuedCompletionStatus
WriteFileEx
WaitNamedPipeW
RtlUnwind
CreateFileMappingW
WriteProfileStringW
DeviceIoControl
GlobalFlags
IsBadReadPtr
ResetEvent
CancelWaitableTimer
HeapReAlloc
DosDateTimeToFileTime
GetTempPathW
GetSystemDirectoryW
CreateMailslotW
GlobalAddAtomW
GetFullPathNameA
GlobalGetAtomNameW
HeapSize
QueueUserWorkItem
SetProcessShutdownParameters
FindNextVolumeMountPointW
ExitThread
GetVersionExA
GetFileAttributesExW
GetDriveTypeA
ConnectNamedPipe
GetDefaultCommConfigW
GetTimeZoneInformation
FreeLibraryAndExitThread
CopyFileExW
GetSystemDefaultLangID
GetFileAttributesW
AreFileApisANSI
GetConsoleOutputCP
FlushFileBuffers
FindResourceW
LocalSize
FindVolumeClose
GetTimeFormatW
GetSystemDefaultUILanguage
FileTimeToSystemTime
LoadResource
MoveFileA
GetLogicalDrives
GetHandleInformation
LCMapStringA
HeapLock
ResumeThread
SystemTimeToFileTime
TerminateThread
HeapWalk
FindFirstChangeNotificationA
FindNextVolumeW
RtlMoveMemory
SetConsoleMode
ReadConsoleInputW
SetVolumeLabelW
SetVolumeLabelA
InterlockedCompareExchange
SetFilePointerEx
AddAtomA
CreateMutexA
UnmapViewOfFile
CreateThread
HeapFree
MoveFileExA
LeaveCriticalSection
InitializeCriticalSection
WaitForSingleObject
CreateProcessA
HeapAlloc
GetProcAddress
VirtualQuery
CopyFileA
ReleaseMutex
GetComputerNameA
lstrcpyW
LoadLibraryA
HeapValidate
InterlockedExchange
GetModuleFileNameA
SetHandleInformation
lstrlenW

advapi32

EnumServicesStatusExW
MakeSelfRelativeSD
RegDeleteKeyW
RegQueryValueExW
RegisterServiceCtrlHandlerA
ClearEventLogW
QueryServiceLockStatusA
GetNumberOfEventLogRecords
DuplicateToken
RegUnLoadKeyW
RegUnLoadKeyA
OpenServiceW
RegisterServiceCtrlHandlerW
RegOpenCurrentUser
StartServiceA
GetEffectiveRightsFromAclW
RegSetValueW
GetAclInformation
RegEnumValueA
CreateProcessAsUserW
RegSetValueExW
MakeAbsoluteSD
ReadEventLogW
MapGenericMask
ControlService
RegOpenKeyA
OpenServiceA
LockServiceDatabase
ReportEventW
CreateProcessWithLogonW
RegFlushKey
CreateServiceA
GetUserNameW
StartServiceW
RegSetValueA
ChangeServiceConfigA
StartServiceCtrlDispatcherW
RegQueryValueA
OpenProcessToken
RevertToSelf
RegQueryValueExA
RegDeleteValueA
RegOpenKeyExA
RegEnumKeyExW

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1016B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7b1fd804b93194e534fc59e43c73f726

Headers

File Characteristics

Imports

kernel32

advapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 1016B

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 1016B

.reloc
Size: 4KB - Virtual size: 1KB