c77822c1b5035d24d0f95a9e66a95898_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c77822c1b5035d24d0f95a9e66a95898_JaffaCakes118
Size

330KB
MD5

c77822c1b5035d24d0f95a9e66a95898
SHA1

789c0437c3072c93416caa00e88f95b381e30a3a
SHA256

1bc788e24366a4595174cd1af77996b3efc2d228b5ee96d20e977fd470bbfdf9
SHA512

7bf8d1d13c8530f27b9563b4bb173d9c03127123cf4fc5d41690591800070db75ff66712918526206835a3d8d18ac5a6e7578bac9788acabaee909126a742745
SSDEEP

3072:TI8knOKBeq3gH3rkjfhucMdlhyMsFxEm5X3S+XJO3mZ3Vd4BVwdKetLj+Up/sOZR:0zfusz3L0mZ3VdmCKYsOZuCGgxXvy6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c77822c1b5035d24d0f95a9e66a95898_JaffaCakes118

Files

c77822c1b5035d24d0f95a9e66a95898_JaffaCakes118
.dll windows:4 windows x86 arch:x86

177407802477da082a952da1b4733cb2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
FreeLibraryAndExitThread
GetCurrentProcess
WriteProcessMemory
CloseHandle
ReleaseMutex
CreateMutexA
OpenMutexA
ReadFile
GetLastError
CreateFileA
HeapFree
HeapAlloc
GetProcessHeap
GetProcAddress
LoadLibraryA
ReadProcessMemory
GetStdHandle
VirtualProtect
GetFullPathNameA
GetModuleFileNameA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetCurrentDirectoryA
ExitProcess
Sleep
GetModuleHandleA
GetCurrentProcessId
SetEndOfFile
GetLocaleInfoW
CreateFileW
WriteConsoleW
GetConsoleOutputCP
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
RaiseException
RtlUnwind
SetStdHandle
GetFileType
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
WideCharToMultiByte
GetSystemTimeAsFileTime
MultiByteToWideChar
GetCurrentThreadId
GetCommandLineA
GetVersionExA
LCMapStringA
LCMapStringW
GetCPInfo
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
WriteFile
SetHandleCount
GetStartupInfoA
GetACP
GetOEMCP
GetConsoleCP
GetConsoleMode
FlushFileBuffers
SetFilePointer
HeapSize
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetStringTypeA
GetStringTypeW
WriteConsoleA

user32

ShowWindow
MessageBoxA

wininet

InternetReadFile
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

Exports

Exports

Initialize

Sections

.text
Size: 180KB - Virtual size: 180KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 196KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

qyju58uq
Size: 16KB - Virtual size: 16KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

d.hvx5uj
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

j6eolv09
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

177407802477da082a952da1b4733cb2

Headers

File Characteristics

Imports

kernel32

user32

wininet

Exports

Exports

Sections

.text Size: 180KB - Virtual size: 180KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 16KB - Virtual size: 196KB

.rsrc Size: 4KB - Virtual size: 4KB

qyju58uq Size: 16KB - Virtual size: 16KB

d.hvx5uj Size: 69KB - Virtual size: 72KB

j6eolv09 Size: 12KB - Virtual size: 12KB

.text
Size: 180KB - Virtual size: 180KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 16KB - Virtual size: 196KB

.rsrc
Size: 4KB - Virtual size: 4KB

qyju58uq
Size: 16KB - Virtual size: 16KB

d.hvx5uj
Size: 69KB - Virtual size: 72KB

j6eolv09
Size: 12KB - Virtual size: 12KB