b97cdd255d5361689926fead8164c075_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b97cdd255d5361689926fead8164c075_JaffaCakes118
Size

224KB
MD5

b97cdd255d5361689926fead8164c075
SHA1

fe7bac7d753b06e09ae7876efda69b268fd855e4
SHA256

1534267f9b86f0436ac1276d5dd292c3237fdf2199c0cd8eb637fe6ca7f968a7
SHA512

18514dca39653f7c0345c7b6b6d0ebee738835c6cebaa92f931aac8a4d42388c88587a18415923838b8c1d3c1086f448bf415e48cbda4ff9786bbff142826d48
SSDEEP

6144:V9xcRpDXRCDMYJRhMsw6SGYNvBd3vrneD8:Vi5QDMYtw6SGY35vrneD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b97cdd255d5361689926fead8164c075_JaffaCakes118

Files

b97cdd255d5361689926fead8164c075_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ff0aae2aad9d410952c4f5b1db3f6daa

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnterCriticalSection
ExitProcess
FileTimeToLocalFileTime
FindFirstFileA
FreeEnvironmentStringsW
FreeLibrary
GetCommandLineA
GetCurrentProcessId
GetDateFormatA
GetDriveTypeA
GetEnvironmentVariableA
GetExitCodeThread
GetFileType
GetLastError
GetModuleFileNameA
GetModuleHandleA
GetPriorityClass
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalReAlloc
HeapAlloc
HeapCreate
InterlockedExchange
InterlockedIncrement
LCMapStringA
MulDiv
OpenProcess
SetFilePointer
TlsSetValue
VirtualFree
WideCharToMultiByte
lstrcmpiA
lstrcpynA

advapi32

AccessCheck
BackupEventLogW
BuildImpersonateTrusteeW
CopySid
CryptSignHashA
EqualPrefixSid
GetWindowsAccountDomainSid
LogonUserW
LsaClose
LsaQuerySecurityObject
LsaRemovePrivilegesFromAccount
RegQueryMultipleValuesA
RegSetKeySecurity
RegisterEventSourceA

user32

ScrollWindowEx
ReleaseDC
LoadStringA
IsZoomed
SetScrollInfo
LoadImageA
IsIconic
IsDlgButtonChecked
GetSubMenu
DrawIconEx
DialogBoxParamA
DestroyWindow
DeferWindowPos
CloseClipboard
SetWindowTextA
CheckRadioButton

ole32

CoRegisterMessageFilter
CoCreateInstance
IsEqualGUID

ddraw

GetDDSurfaceLocal
DirectDrawEnumerateW
DirectDrawEnumerateExW
DirectDrawEnumerateExA
DirectDrawEnumerateA
DirectDrawCreateClipper
DSoundHelp
DDInternalLock
GetSurfaceFromDC

Exports

Exports

GetObjectData

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 92KB - Virtual size: 160KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff0aae2aad9d410952c4f5b1db3f6daa

Headers

File Characteristics

Imports

kernel32

advapi32

user32

ole32

ddraw

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.data Size: 92KB - Virtual size: 160KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 120KB - Virtual size: 120KB

.data
Size: 92KB - Virtual size: 160KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB