c04c7e0afefcd9dbd8b8a4e7a3cbf83e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c04c7e0afefcd9dbd8b8a4e7a3cbf83e_JaffaCakes118
Size

80KB
MD5

c04c7e0afefcd9dbd8b8a4e7a3cbf83e
SHA1

882beafc08d01c445d4400258203ebf5cb557cd3
SHA256

a22b2665a24ae4e9d60c2ab74e32ad659e21fcd3e22cdfafbbd499cb3c2d50b5
SHA512

c9c763db399c5668cb2267d9dbc2871c0de5a77a5d8fd1f868ad1744dea1930e6a31ec4eca8a0f511820e7781af74523aede2fdb1e39d72f32634b651b8a3386
SSDEEP

768:n3Hv2UZyVAoXfPJEjvmvx0F7W6dna2kg4UuUh/D96PwcGOuM5SG6Aui9aygig7na:OUiJREDk0FSaPuEr96PD5S5xR9ZmVyX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c04c7e0afefcd9dbd8b8a4e7a3cbf83e_JaffaCakes118

Files

c04c7e0afefcd9dbd8b8a4e7a3cbf83e_JaffaCakes118
.dll windows:4 windows x86 arch:x86

474ff1bdaf7622063a5ed64810261ce0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetConsoleCtrlHandler
HeapLock
GlobalMemoryStatusEx
GetLargestConsoleWindowSize
GetCommandLineA
DeleteFileW
AreFileApisANSI
CallNamedPipeA
FindAtomW
CreateFileA
GetConsoleScreenBufferInfo
ReadConsoleA
OpenFileMappingW
FindVolumeClose
GetAtomNameA
ReleaseSemaphore
GetThreadTimes
GetEnvironmentVariableA
lstrcpynW
SetConsoleActiveScreenBuffer
SetVolumeLabelW
FindClose
LocalAlloc
CreateWaitableTimerA
GetThreadLocale
GetNumberFormatW
RemoveDirectoryW
GetTempFileNameA
VerifyVersionInfoW
RegisterWaitForSingleObject
FindResourceExA
FindNextFileW
SetEvent
IsWow64Process
HeapValidate
RegisterWaitForSingleObjectEx
SetComputerNameExW
LockFileEx
GetVersionExA
GetTimeFormatW
lstrcpynA
GetStdHandle
GetProfileSectionA
CreateFileW
CreateNamedPipeA
ChangeTimerQueueTimer
GetCommandLineW
GetTapeParameters
SetConsoleWindowInfo
GlobalDeleteAtom
GetEnvironmentStrings
SetComputerNameA
GetProfileIntA
HeapWalk
GetDiskFreeSpaceExW
QueryPerformanceFrequency
WriteConsoleA
CreateIoCompletionPort
CompareStringA
UnregisterWaitEx
MoveFileW
GetStartupInfoW
GetFullPathNameA
FlushFileBuffers
ResumeThread
DisconnectNamedPipe
SetEnvironmentVariableW
GetFileSize
SetFileApisToOEM
GlobalAddAtomA
FindFirstVolumeW
SetLocalTime
LocalUnlock
ExitProcess
WaitForSingleObjectEx
IsBadWritePtr
GetFileType
FindNextFileA
PeekConsoleInputW
SetConsoleMode
InterlockedDecrement
FileTimeToDosDateTime
CopyFileW
GlobalFree
CopyFileExW
ReadConsoleInputW
GetVersion
GetBinaryTypeA
SetFilePointerEx
IsBadReadPtr
OpenThread
GetCompressedFileSizeW
GetModuleHandleW
CreateMailslotW
LocalFree
ProcessIdToSessionId
FindVolumeMountPointClose
GlobalAddAtomW
OpenSemaphoreW
WriteProfileStringA
LockResource
VirtualAllocEx
AddAtomW
GlobalFlags
IsBadHugeReadPtr
DeleteTimerQueueEx
GetConsoleOutputCP
SizeofResource
FindNextVolumeW
VerSetConditionMask
CreateSemaphoreA
SwitchToThread
GetShortPathNameW
HeapCompact
EnumResourceLanguagesA
CreateEventW
FindResourceExW
GetVersionExW
LocalLock
ReadFile
GlobalFindAtomA
GetVolumeInformationW
GetProcessHeap
CreateFileMappingA
CreateProcessA
lstrcpyW
CreateMutexA
UnmapViewOfFile
HeapFree
GetLastError
WaitForSingleObject
VirtualQuery
lstrlenA
ReleaseMutex
VirtualProtect
GetModuleHandleA
GetProcAddress
CloseHandle
MoveFileExA
CreateDirectoryA
lstrlenW
LoadLibraryA
lstrcatW
HeapAlloc
GetModuleFileNameA
VerLanguageNameW
LeaveCriticalSection

user32

GetComboBoxInfo
SetWindowPos
FindWindowExW
GetMenuItemID
ShowWindow
DestroyAcceleratorTable
DrawTextExW
IsIconic
GetMenuState
InvalidateRgn
GetKeyNameTextA
SystemParametersInfoW
GetScrollRange
GetQueueStatus
GetUpdateRgn
BeginDeferWindowPos
HideCaret
SetPropW
IntersectRect
CharNextA
SetWindowContextHelpId
InsertMenuItemW
ChangeMenuA
GetMenuDefaultItem
CharLowerW
MessageBoxA
ChildWindowFromPointEx
GetCaretPos
GetDlgCtrlID
DrawStateA
SetClassLongW
DrawTextA
SetFocus
GetSystemMenu
IsCharAlphaNumericA
CharNextExA
DefMDIChildProcA
WaitMessage
IsZoomed
CharToOemA
IsRectEmpty
SwitchToThisWindow
GetTopWindow
TrackMouseEvent
LoadImageA
ScrollWindow
wvsprintfW
PostQuitMessage
DrawFocusRect
GetSubMenu
CheckDlgButton
GetWindowInfo
MonitorFromPoint
UnionRect
SetForegroundWindow
ScrollWindowEx
WinHelpW
AppendMenuA
DestroyCaret
UpdateLayeredWindow
GetDlgItem
CloseWindowStation
GetGUIThreadInfo
SetWindowPlacement
CreateAcceleratorTableA
InsertMenuA
RegisterHotKey
LoadCursorW
GetClassNameA
SetWindowRgn
DrawTextW
GrayStringA
CreateWindowExW
VkKeyScanW
RedrawWindow
EndDialog
GetMessageExtraInfo
GetLastActivePopup
CallMsgFilterW
TrackPopupMenuEx
FindWindowExA
SetScrollRange
InternalGetWindowText
SetProcessDefaultLayout
AllowSetForegroundWindow
ExitWindowsEx
OpenInputDesktop
PackDDElParam
InvalidateRect
GetInputState
MessageBoxIndirectW
LoadIconA
CreateDialogParamA
CharToOemBuffA
CharNextW
WindowFromPoint
GetClassLongA
SetPropA
GetWindowThreadProcessId
SetThreadDesktop
SetDlgItemTextW
GetProcessDefaultLayout
ShowWindowAsync
CreateIcon
CallWindowProcA
GetSystemMetrics
GetProcessWindowStation
MonitorFromRect
DeleteMenu
FindWindowA
GetShellWindow
GetCursor
BeginPaint
GetWindowRect
SendNotifyMessageW
GetClassInfoW
IsWindowVisible
LoadBitmapW
WindowFromDC
SendMessageTimeoutA
IsMenu
ModifyMenuW
GetMenuStringW
MessageBoxIndirectA
GetMessagePos
SetTimer
KillTimer
DispatchMessageA
SetWindowsHookExA
UnhookWindowsHookEx
AdjustWindowRect

advapi32

RegQueryValueExA
ImpersonateSelf
RegDeleteValueW
DeregisterEventSource
CreateProcessWithLogonW
GetInheritanceSourceW
GetEffectiveRightsFromAclW
ImpersonateNamedPipeClient
RegOpenKeyA
RegCreateKeyExW
EnumDependentServicesW
CloseServiceHandle
SetThreadToken
RegOpenKeyW
OpenProcessToken
RegDeleteKeyW
RegisterServiceCtrlHandlerExA
MakeAbsoluteSD
QueryServiceLockStatusA
ChangeServiceConfigA
OpenEventLogA
RegQueryInfoKeyA
RegCreateKeyExA
ControlService
ReportEventA
RegLoadKeyW
RegOpenKeyExA
RegDeleteValueA
RegCloseKey
LockServiceDatabase

shell32

SHGetFolderPathA
SHGetSpecialFolderPathW
SHPathPrepareForWriteW
ShellExecuteExA
ExtractIconExA
ExtractIconW
SHGetSpecialFolderPathA
SHOpenFolderAndSelectItems
SHSetLocalizedName
SHAppBarMessage
DragQueryFileW
SHGetFileInfoA
DragFinish
ShellExecuteA
SHFileOperationA

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

474ff1bdaf7622063a5ed64810261ce0

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB