c782f33d85add3b6676bf2cf5604e6a0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c782f33d85add3b6676bf2cf5604e6a0_JaffaCakes118
Size

128KB
MD5

c782f33d85add3b6676bf2cf5604e6a0
SHA1

90ef2b3b10a329e46b4451778e7f2c990f351e27
SHA256

723d3d6465f1f9081aedd719430d9a777c8103f20fa0b585110b48f05def58f0
SHA512

04b6f12cda4da1ffac9e6b3c527f59b4ac4fa9f56f86b897e6820a7a56b6599e3fb1c506525f91c4cf1040837f991a69adce0e9206c8fd4d346b05ef9e0360da
SSDEEP

3072:qcu/2x62J8dWtWZ+ImmVOrsIlHvVSbu/yf33:7u/K6hv+Fxsnum3

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c782f33d85add3b6676bf2cf5604e6a0_JaffaCakes118

Files

c782f33d85add3b6676bf2cf5604e6a0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

119d368b7ff439556c209058173c99e1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WriteConsoleW
GetStdHandle
FreeLibrary
GetProcAddress
LoadLibraryW
GetSystemDirectoryW
GetFileAttributesW
FindNextFileW
FindClose
FindFirstFileW
DeleteFileW
SetFileAttributesW
CopyFileW
CreateDirectoryW
GetSystemTimeAsFileTime
GetCurrentProcess
TerminateProcess
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
SetUnhandledExceptionFilter
InterlockedCompareExchange
Sleep
InterlockedExchange
UnhandledExceptionFilter
LoadLibraryA
InterlockedDecrement
lstrcmpiA
lstrlenA
CreateProcessW
GetVersionExW
lstrlenW
ResetEvent
DeviceIoControl
WaitForSingleObject
GetOverlappedResult
CancelIo
AddAtomW
GetProcessHeap
InterlockedIncrement
LocalAlloc
CloseHandle
GetModuleHandleW
UnregisterWait
RegisterWaitForSingleObject
lstrcmpW
FormatMessageW
ExpandEnvironmentStringsW
GetModuleFileNameW
ProcessIdToSessionId
GetLocaleInfoA
GetStringTypeW
GetStringTypeA
LCMapStringW
MultiByteToWideChar
LCMapStringA
HeapSize
GetCPInfo
GetOEMCP
GetACP
GetSystemInfo
GetEnvironmentStringsW
GetLastError
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetModuleFileNameA
GetStartupInfoA
SetHandleCount
GetModuleHandleA
ExitProcess
VirtualQuery
HeapReAlloc
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
GetVersionExA
RtlUnwind
HeapFree
HeapAlloc
WideCharToMultiByte
WriteFile
LocalFree
GetFileType
GetConsoleMode
GetSystemWindowsDirectoryW
VirtualProtect
CreateFileW
GetCommandLineA

user32

DispatchMessageA
MessageBoxA
PostQuitMessage
GetMessageA
LoadStringW
DestroyIcon
DestroyWindow
LoadCursorW
RegisterClassExW
SystemParametersInfoW
LoadImageW
FindWindowW
PostMessageW
AppendMenuW
IsWindowVisible
GetDoubleClickTime
RegisterHotKey
ShowWindow
GetMenuItemCount
GetMenuItemInfoW
DestroyMenu
DefWindowProcW
KillTimer
SetTimer
SendMessageW
GetSystemMetrics
NotifyWinEvent
InsertMenuItemW
CreateWindowExW
SendNotifyMessageW
EnumWindows

advapi32

RegDeleteValueW
RegQueryInfoKeyW
RegCreateKeyExW
RegSetValueExW
RegOpenKeyExW
RegCloseKey

gdi32

DeleteObject

ole32

CoUninitialize
CoRevokeClassObject
CoRegisterClassObject
CoInitialize
CoRegisterPSClsid

rpcrt4

NdrDllGetClassObject

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

119d368b7ff439556c209058173c99e1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 40KB - Virtual size: 72KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 40KB - Virtual size: 72KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB