c065e664c4d39668502cbdf06f66b085_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c065e664c4d39668502cbdf06f66b085_JaffaCakes118
Size

84KB
MD5

c065e664c4d39668502cbdf06f66b085
SHA1

21bfe90fadf3d233e7bf9b86e879bf5bbd7d18b2
SHA256

359a11cef2f16e62a02e7bdcb019752b9ae292402048eef6fb535bb39b1c38c7
SHA512

07cb3dbab153ca777000c3d2221fc79e9ca93f695866e395dfbeac463467ad5f7f08060eb21dba7a05e1e6f26577421084a3dace740a2ce26cf2a56dbef43525
SSDEEP

1536:F0epmSHlAUjqJZtT7IV9r2zGaB2aZ/g/vQknvHSPz7X:FmSHl7jqbtT7IV9qzbB2ahsYmvHmH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c065e664c4d39668502cbdf06f66b085_JaffaCakes118

Files

c065e664c4d39668502cbdf06f66b085_JaffaCakes118
.dll windows:4 windows x86 arch:x86

061e3367b3ef7ba9d9cc3db26994e75d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsBadWritePtr
SetVolumeMountPointW
IsBadStringPtrW
BackupWrite
LocalUnlock
FormatMessageW
GetTempPathW
GetExitCodeProcess
InterlockedExchangeAdd
GetBinaryTypeW
GlobalReAlloc
GetEnvironmentVariableW
GetStdHandle
lstrcmpiW
PostQueuedCompletionStatus
GetFullPathNameW
HeapReAlloc
GetProcessVersion
SetHandleCount
EndUpdateResourceA
GetConsoleOutputCP
SetComputerNameA
DeleteTimerQueue
FileTimeToSystemTime
GetVolumePathNameW
BeginUpdateResourceA
GetStartupInfoW
GetFileAttributesExW
EscapeCommFunction
BackupRead
GetVolumePathNamesForVolumeNameW
PeekNamedPipe
WaitCommEvent
GetVolumeNameForVolumeMountPointW
DeviceIoControl
HeapUnlock
SetConsoleTitleA
ActivateActCtx
FillConsoleOutputAttribute
ReadConsoleW
ExpandEnvironmentStringsW
CreateNamedPipeW
GetDateFormatW
OpenFile
WriteProfileStringW
DeleteTimerQueueEx
OpenEventW
CreateEventW
GetAtomNameA
VerSetConditionMask
SetConsoleActiveScreenBuffer
FindFirstFileExW
GetAtomNameW
HeapCompact
AddAtomW
CreateIoCompletionPort
SleepEx
GetSystemWindowsDirectoryA
CreateTimerQueueTimer
CompareStringA
SearchPathA
GetProcessAffinityMask
SystemTimeToTzSpecificLocalTime
FindNextChangeNotification
ChangeTimerQueueTimer
GetQueuedCompletionStatus
GetProfileIntW
InterlockedCompareExchange
lstrlenA
GetModuleHandleA
HeapAlloc
LocalFree
CopyFileA
MapViewOfFile
InterlockedIncrement
WaitForSingleObject
GetProcessHeap
LoadLibraryA
CreateFileMappingA
CreateMutexA
GetTempFileNameA
GetProcAddress

ole32

OleSaveToStream
CoReleaseMarshalData
OleQueryCreateFromData
CoCreateInstance
OleUninitialize
CoMarshalInterThreadInterfaceInStream
OleInitialize
StgCreateDocfileOnILockBytes
CoImpersonateClient
CreateItemMoniker
GetHGlobalFromStream
OleGetAutoConvert
StgOpenStorageOnILockBytes
RevokeDragDrop
OleCreateLinkFromData
OleIsRunning
CoInitialize
CoUninitialize
CoTaskMemFree
CreateBindCtx

oleaut32

SysFreeString
SysAllocString

shlwapi

SHRegGetValueW
StrStrIA
StrFormatByteSizeW
SHCreateStreamOnFileW
PathSkipRootW
SHRegGetUSValueW
SHCreateShellPalette
PathCreateFromUrlW
SHRegSetPathW
SHDeleteKeyW
StrToIntExW
UrlUnescapeW
PathIsDirectoryA
wvnsprintfW
PathFindExtensionA
PathGetArgsW

gdi32

AbortPath
GetRandomRgn
EnumMetaFile
SetStretchBltMode
CombineRgn
GetBitmapBits
GetTextExtentPoint32W
SetRectRgn
ArcTo
CreateFontW
OffsetViewportOrgEx
GetPath
AddFontResourceW
PtVisible
SetPixel
ScaleWindowExtEx
ExtCreateRegion
GetTextExtentPointW
CloseFigure
GetNearestPaletteIndex
ExtFloodFill
CreateBitmap
GetMetaFileA
SetColorAdjustment
GetPolyFillMode
GetTextMetricsA
CreateDiscardableBitmap
CreateRectRgn
GetViewportExtEx
SetTextColor
DescribePixelFormat
BitBlt
ResetDCA
SetBrushOrgEx

Exports

Exports

rasMobileOffice

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

061e3367b3ef7ba9d9cc3db26994e75d

Headers

File Characteristics

Imports

kernel32

ole32

oleaut32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB