c06bfec7b6d650fbd6b5ea0042f54c08_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

c06bfec7b6d650fbd6b5ea0042f54c08_JaffaCakes118
Size

1.1MB
MD5

c06bfec7b6d650fbd6b5ea0042f54c08
SHA1

1ba17574963b9388962f589618a707064242b3f5
SHA256

493b4986a60eecf17506ab9ef0df1d29de8d17c93a5768f649f41e6037a07826
SHA512

697ea6c1a9addf684a8226b0a40500994468941add1821126f7bac624cc0812a6dc8c455aaf0b090a36ab09147d68265a5cbed4cc37a5b00a2fb6ecb9d3ba3d1
SSDEEP

12288:2TbWfJk0Zqz4EzwkVxNDmKdWaWzCXKOgJARzznnfXHBDzg8zn815ATjB9OwZu3SR:cWfJk0E4VkNmeWaWTAFH2eTjy72

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c06bfec7b6d650fbd6b5ea0042f54c08_JaffaCakes118

Files

c06bfec7b6d650fbd6b5ea0042f54c08_JaffaCakes118
.dll windows:6 windows x86 arch:x86

e0fff2d8f27aa43d9f49d3caa076f11f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
InitializeCriticalSectionEx
DeleteCriticalSection
GetCurrentProcess
VirtualProtect
ReadProcessMemory
WriteProcessMemory
MultiByteToWideChar
Sleep
CreateThread
CloseHandle
OpenProcess
CreateToolhelp32Snapshot
Process32First
Process32Next
TerminateProcess
GetModuleHandleA
GetProcAddress
SetEndOfFile
GetTimeZoneInformation
HeapSize
ReadConsoleW
SetStdHandle
GetStringTypeW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
VirtualQuery
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetModuleFileNameA
HeapQueryInformation
SetFilePointerEx
ReadFile
GetConsoleMode
HeapFree
HeapReAlloc
HeapAlloc
HeapDestroy
GetLastError
RaiseException
CreateFileW
DecodePointer
GetConsoleCP
FlushFileBuffers
IsDebuggerPresent
OutputDebugStringW
EnterCriticalSection
LeaveCriticalSection
EncodePointer
GetModuleFileNameW
GetModuleHandleExW
RtlUnwind
ExitProcess
AreFileApisANSI
WideCharToMultiByte
IsProcessorFeaturePresent
HeapValidate
GetSystemInfo
GetCommandLineA
GetCurrentThreadId
FatalAppExitA
SetConsoleCtrlHandler
WaitForSingleObjectEx
LoadLibraryExW
GetStdHandle
GetFileType
WriteFile
OutputDebugStringA
WriteConsoleW
SetLastError
GetCurrentThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InitializeCriticalSectionAndSpinCount
CreateEventW
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetTickCount
GetModuleHandleW
CreateSemaphoreW
FreeLibrary
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
SetEnvironmentVariableA

user32

GetAsyncKeyState
LoadImageA
LoadCursorA
SetWindowLongA
GetWindowLongA
GetClientRect
EndPaint
BeginPaint
UpdateWindow
GetSystemMetrics
ShowWindow
CreateWindowExA
RegisterClassExA
DefWindowProcA
DispatchMessageA
TranslateMessage
GetMessageA
FindWindowA
WindowFromPoint
GetWindowTextA
FindWindowExA
MessageBoxA
UnregisterClassA
DestroyWindow

gdi32

SelectObject
GetStockObject
DeleteObject
DeleteDC
CreateCompatibleDC
BitBlt
GetObjectA

shell32

ShellExecuteA

Exports

Exports

ShaiyaDestek

Sections

.text
Size: 910KB - Virtual size: 910KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.reloc
Size: 33KB - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 512B - Virtual size: 469B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e0fff2d8f27aa43d9f49d3caa076f11f

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

Exports

Exports

Sections

.text Size: 910KB - Virtual size: 910KB

.rdata Size: 162KB - Virtual size: 162KB

.data Size: 17KB - Virtual size: 36KB

.idata Size: 4KB - Virtual size: 4KB

.vmp0 Size: 4KB - Virtual size: 3KB

.reloc Size: 33KB - Virtual size: 33KB

.rsrc Size: 512B - Virtual size: 469B

.text
Size: 910KB - Virtual size: 910KB

.rdata
Size: 162KB - Virtual size: 162KB

.data
Size: 17KB - Virtual size: 36KB

.idata
Size: 4KB - Virtual size: 4KB

.vmp0
Size: 4KB - Virtual size: 3KB

.reloc
Size: 33KB - Virtual size: 33KB

.rsrc
Size: 512B - Virtual size: 469B