bdb4954545eb51885f13de2bd8c808ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bdb4954545eb51885f13de2bd8c808ad_JaffaCakes118
Size

92KB
MD5

bdb4954545eb51885f13de2bd8c808ad
SHA1

40d01a4c342eaf6a6b9f4ad58ea879dccc0beacb
SHA256

e57f47fc88343c8fc0493d704a1d7db659a408718482253a8e7c984dbbed965c
SHA512

c1d2decf6ca17aa263940d0f2fed4d8e0abc292472a7fe373fcfdfe9f38a4a1a047dd0a887dd445201d2fb8bbe60cbbb06d1ed470182cb995c81249a72406a2f
SSDEEP

1536:K9wDFK2ervA1qcG5NbTZ7kcwuhj8y1yR9ZFCnVEAK8Qw62b7t6UxL3JgrcCN:jDt241qpzbF7kcwun14qVfQ8bkU/g4e

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bdb4954545eb51885f13de2bd8c808ad_JaffaCakes118

Files

bdb4954545eb51885f13de2bd8c808ad_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c9f6f7f821053123fa740edde1f9b741

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
GetCurrentProcess
Sleep
SetUnhandledExceptionFilter
SetLastError
CreateEventW
FreeLibrary
lstrcmpW
SetEvent
WaitForSingleObject
GetOverlappedResult
CancelIo
ReadFile
UnhandledExceptionFilter
RaiseException
GetProcAddress
GetSystemTimeAsFileTime
ExpandEnvironmentStringsW
FindClose
FindNextFileW
FindFirstFileW
HeapAlloc
lstrcatW
lstrlenW
lstrcpyW
OpenEventW
GetVolumeNameForVolumeMountPointW
GetFileAttributesW
SetFileAttributesW
RemoveDirectoryW
DeleteFileW
LoadLibraryExW
ResetEvent
WriteFile
GetCurrentProcessId
QueryPerformanceCounter
GetCurrentThreadId
InitializeCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
lstrcpynW
lstrcmpiW
CreateFileW
CreateFileA
VirtualProtect
lstrcmpiA
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
HeapDestroy
CloseHandle
EnterCriticalSection
LeaveCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetLastError
GetProcessHeap
HeapFree
DisableThreadLibraryCalls
GetTickCount
GetCommandLineA
LoadLibraryW

user32

wsprintfW
LoadStringW
GetSystemMetrics
CreateWindowExA
CallWindowProcW
SetFocus
DestroyWindow
CharNextW
ShowWindow

advapi32

RegDeleteValueW
RegOpenKeyExW
ChangeServiceConfigW
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
SetFileSecurityW
FreeSid
RegOpenKeyW
AllocateAndInitializeSid
CheckTokenMembership
RegQueryValueExA
RegOpenKeyExA
OpenSCManagerW
OpenServiceW
StartServiceW
QueryServiceStatus
CloseServiceHandle
RegQueryValueExW
RegSetValueExW
RegCloseKey
RegDeleteKeyA

gdi32

CreateDCA
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
SaveDC
SetWindowOrgEx
RestoreDC
GetDeviceCaps
CreateDCW

ole32

OleRun
CreateBindCtx
CreateStreamOnHGlobal
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CoCreateInstance

rpcrt4

NdrClientCall2
RpcStringFreeW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingFree

msvcrt

_wtol
memcpy
_CxxThrowException
_callnewh
ldiv
memset
_wcsicmp
wcsncmp
_initterm
_adjust_fdiv
??3@YAXPAX@Z
__CxxFrameHandler
_except_handler3
_wcsnicmp
wcschr
wcscmp
malloc
wcslen
wcsncpy
free
realloc

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c9f6f7f821053123fa740edde1f9b741

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcrt

msvcp60

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 38KB - Virtual size: 37KB

.data Size: 1KB - Virtual size: 34KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 38KB - Virtual size: 37KB

.data
Size: 1KB - Virtual size: 34KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 3KB - Virtual size: 2KB