c15a52bf2fc5e09e66e8c0187a345f24_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c15a52bf2fc5e09e66e8c0187a345f24_JaffaCakes118
Size

260KB
MD5

c15a52bf2fc5e09e66e8c0187a345f24
SHA1

7134c889c5da79609e155021029375e717be79ea
SHA256

5a566a9dc1d8a54ff072e6d0307215d4f04677929ba8c70cf730542d4ba0085f
SHA512

e92b59dd82a543cf0525636bdcfc457fbe0a644d4235a1a64d25003ee8e2518952c2fa15f25db26ea8f52d1bfb33f82da6172483de15bd1c49db790dea586734
SSDEEP

6144:wG+XvEn0aaUjxlHYCnQ1cBGyKUpNAChmlFkcRD0:D+f0dXQjUpNAtjlB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c15a52bf2fc5e09e66e8c0187a345f24_JaffaCakes118

Files

c15a52bf2fc5e09e66e8c0187a345f24_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f897debca2ba07061efa3ad5cf8a8e5b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
GetOEMCP
GetPriorityClass
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetTickCount
GetVersion
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
InitializeCriticalSection
InterlockedDecrement
InterlockedIncrement
IsBadCodePtr
IsBadReadPtr
IsBadWritePtr
LCMapStringA
LCMapStringW
LeaveCriticalSection
GetModuleFileNameA
MapViewOfFile
MultiByteToWideChar
OpenFileMappingA
OpenProcess
RtlUnwind
SetHandleCount
SetLastError
SetPriorityClass
SetUnhandledExceptionFilter
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnmapViewOfFile
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteFile
lstrcatA
lstrcmpA
lstrcpyA
lstrlenA
lstrlenW
GetLastError
GetFileType
GetFileAttributesA
GetEnvironmentVariableA
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetCurrentDirectoryA
GetCommandLineA
GetCPInfo
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
ExitProcess
DeleteCriticalSection
EnterCriticalSection
LoadLibraryA
CloseHandle

gdi32

SetWindowOrgEx
SelectObject
Polyline
LPtoDP
GetStockObject
GetPixel
GetObjectA
GetClipBox
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreatePen
CreateCompatibleDC
CreateCompatibleBitmap
BitBlt
StretchBlt

ole32

CoTaskMemFree

comctl32

ImageList_ReplaceIcon

shell32

SHGetPathFromIDListA
SHGetDesktopFolder
SHGetMalloc

Exports

Exports

EnumAvValueRelease
EnumFileInItemRelease
EstimateTrackSize
GLUnmapBufferObjectAsync
GetFunctions_i
Memcpy2DToArray
MutexOperation
TextureFetch

Sections

.text
Size: 152KB - Virtual size: 152KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f897debca2ba07061efa3ad5cf8a8e5b

Headers

File Characteristics

Imports

kernel32

gdi32

ole32

comctl32

shell32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 152KB

.data Size: 96KB - Virtual size: 128KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 152KB - Virtual size: 152KB

.data
Size: 96KB - Virtual size: 128KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB