ba4e95405fbe23954bcff255fec292d0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ba4e95405fbe23954bcff255fec292d0_JaffaCakes118
Size

93KB
MD5

ba4e95405fbe23954bcff255fec292d0
SHA1

2fc7e71bcd6c463e6b1c4531abdee06c92bf79e7
SHA256

dc09366f506a339d56e24278b3a28fd134b8d9903e63d35842e727e8658726ba
SHA512

6c0529a8aae2b6b46ca20d8fd3b56e3f13f6fad240455f0c9eaf6a7cb85d0668648382438e73b60c78f6c35a022d2b6aa4ea235fa2784690b8f3c6530f47aa4f
SSDEEP

1536:FMV7dNrMuCicEsaaJVFTWa2VMdbJdB/dC5MVGBpdnd9ojUBTioVdEJphbD4ICddP:KV7zrMJjaaJVFTWa2VMdbJdB/dC5MVGV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ba4e95405fbe23954bcff255fec292d0_JaffaCakes118

Files

ba4e95405fbe23954bcff255fec292d0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

05557254b0d0a187626d13085ae13b32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
VirtualProtect
GlobalFree
GetCommandLineA
HeapAlloc
GetProcessHeap
DeleteFileW
HeapFree
CreateFileW
FindResourceW
FindFirstFileW
FindNextFileW
FindClose
SizeofResource
LoadResource
LockResource
WriteFile
GetLastError
SetUnhandledExceptionFilter
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
WaitForSingleObject
CreateThread
GetProcAddress
LoadLibraryW
GetVersionExW
lstrlenA
FreeLibrary
WriteConsoleW
GetFileType
GetStdHandle
CloseHandle
EnterCriticalSection
LeaveCriticalSection
GetModuleHandleExW
LocalFree
GetModuleFileNameW
InterlockedCompareExchange
Sleep
InterlockedExchange
DisableThreadLibraryCalls
InterlockedIncrement
InterlockedDecrement
GetModuleHandleW
CreateActCtxW
ReleaseActCtx
ActivateActCtx

user32

RegisterDeviceNotificationW
GetSystemMetrics
CreateWindowExW
SetCursor
SetPropW
RemovePropW
SetWindowLongW
LoadStringW
PostMessageW
LoadImageW
DestroyIcon
RegisterClassExW

ole32

CoTaskMemFree
CoCreateInstance

msvcr71

fopen
__dllonexit
__CppXcptFilter
_adjust_fdiv
malloc
_initterm
free
_unlock
_vsnwprintf
printf
_wcsicmp
memset
fgets
wcschr
exit
_except_handler3
strstr
_vsnprintf
fprintf
_iob
_onexit
strncmp
_wfopen
fclose
memcpy

Sections

.text
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

05557254b0d0a187626d13085ae13b32

Headers

File Characteristics

Imports

kernel32

user32

ole32

msvcr71

Sections

.text Size: 44KB - Virtual size: 44KB

.rdata Size: 36KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 44KB - Virtual size: 44KB

.rdata
Size: 36KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 3KB - Virtual size: 3KB