d129411b8ac07f15c2e5190c44865c36_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d129411b8ac07f15c2e5190c44865c36_JaffaCakes118
Size

361KB
MD5

d129411b8ac07f15c2e5190c44865c36
SHA1

3176f3f9984b548290bd49489b0bf95c8bbbc474
SHA256

0fcb88d4604759cb09c9c76c47bc4164a14a7e477b95c0a6fa9fd0f7b528f270
SHA512

75004659cad876659063fef53475a49f56d9d44edcc153dc60e82c02c944e742d922005866e38f4fd7793e031038ff51c0a0dcdf2c484a80f21a4a3dcfc037a7
SSDEEP

6144:mFAL/D6bZuyUKkyD9dtnEeSNT5rgTt4jDXhZ9HSV+eMWsoErJKqI/M9:T/D6/UKkC9rnEnT50T23DojhErJ8I

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/Osiris_V2.dll

Files

d129411b8ac07f15c2e5190c44865c36_JaffaCakes118
.rar
Osiris_V2.dll
.dll windows:6 windows x86 arch:x86

aa9b40cbae083eb5fca216f83a22510f

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHGetKnownFolderPath

ole32

CoTaskMemFree

user32

LoadCursorA
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetKeyState
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData
SetClipboardData
ShowWindow
FlashWindowEx
SetWindowLongA
CallWindowProcA
MessageBoxA
FindWindowW
GetAsyncKeyState

kernel32

FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
GetTimeZoneInformation
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
HeapAlloc
HeapFree
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
GetFileType
GetStdHandle
GetFileSizeEx
GetModuleFileNameW
ReadFile
MultiByteToWideChar
WideCharToMultiByte
GetCurrentProcess
K32GetModuleInformation
VirtualQuery
GetProcAddress
GetModuleHandleW
VirtualProtect
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
CreateDirectoryW
CreateFileW
DeleteFileW
FindClose
SetEnvironmentVariableW
FindNextFileW
GetFileAttributesExW
GetFileInformationByHandle
RemoveDirectoryW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
CloseHandle
GetLastError
SetLastError
MoveFileExW
FormatMessageW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
CompareStringW
LCMapStringW
GetLocaleInfoW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
IsProcessorFeaturePresent
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
GetCurrentProcessId
GetCurrentThreadId
InitializeSListHead
TerminateProcess
GetModuleHandleExW
GetProcessHeap
SetStdHandle
WriteConsoleW
HeapSize
FindFirstFileExW
GetStringTypeW
RtlUnwind
RaiseException
InterlockedFlushSList
FreeLibrary
LoadLibraryExW
ExitProcess

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

Sections

.text
Size: 690KB - Virtual size: 690KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_RDATA
Size: 19KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 880B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

aa9b40cbae083eb5fca216f83a22510f

Headers

DLL Characteristics

File Characteristics

Imports

shell32

ole32

user32

kernel32

imm32

Sections

.text Size: 690KB - Virtual size: 690KB

.rdata Size: 107KB - Virtual size: 107KB

.data Size: 4KB - Virtual size: 14KB

_RDATA Size: 19KB - Virtual size: 18KB

.rsrc Size: 1024B - Virtual size: 880B

.reloc Size: 30KB - Virtual size: 29KB

.text
Size: 690KB - Virtual size: 690KB

.rdata
Size: 107KB - Virtual size: 107KB

.data
Size: 4KB - Virtual size: 14KB

_RDATA
Size: 19KB - Virtual size: 18KB

.rsrc
Size: 1024B - Virtual size: 880B

.reloc
Size: 30KB - Virtual size: 29KB