d53ecf6b34fa56443e1f516fa0e066f0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d53ecf6b34fa56443e1f516fa0e066f0_JaffaCakes118
Size

68KB
MD5

d53ecf6b34fa56443e1f516fa0e066f0
SHA1

79aa008fa9cd64c3bf4eabf3b58964d8c7d7f74f
SHA256

9ae5bf448150b8fc1feb88ae963b67c788412bd5a902b009d0dcdfcbc098d16b
SHA512

4574f732b2b5b6f8d03383f8951349f3f3602204254cd33b59239605275958ff806266bd7c93805e14b3700740460f4b3faef10796c4cd1a25bbb316f8ba00bb
SSDEEP

768:/4ejtAm7OiAUF3Uv4fD5pHor/xcZHfiiVNVDd8WGxzsjCJ4bNXgXmu/COOPzD3:/vnrA/cIVcIiZDGC2gC/bS

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d53ecf6b34fa56443e1f516fa0e066f0_JaffaCakes118

Files

d53ecf6b34fa56443e1f516fa0e066f0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

932be09bfad0c0af2da9d9308a80779a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetSystemTime
WaitForSingleObjectEx
GetTimeFormatA
SetConsoleWindowInfo
SetCurrentDirectoryA
CreateJobObjectW
SystemTimeToFileTime
SetEndOfFile
ConnectNamedPipe
UnregisterWaitEx
DeleteTimerQueueEx
SetConsoleCursorPosition
GetBinaryTypeA
FormatMessageA
GetDateFormatW
ExpandEnvironmentStringsA
SetEnvironmentVariableW
LocalFileTimeToFileTime
DosDateTimeToFileTime
FindClose
AddAtomA
EscapeCommFunction
SetEnvironmentVariableA
GetVolumeNameForVolumeMountPointW
Beep
FlushFileBuffers
LocalReAlloc
GetBinaryTypeW
GetLargestConsoleWindowSize
GetLogicalDriveStringsA
GetVolumeInformationW
SetVolumeLabelW
FlushConsoleInputBuffer
WaitForMultipleObjectsEx
GetLocaleInfoW
UnlockFileEx
CopyFileA
GetModuleHandleA
VirtualQuery
GetComputerNameA
HeapFree
EnterCriticalSection
lstrlenA
CreateDirectoryA
GetLastError
LoadLibraryA
MoveFileExA
lstrcatW
CreateMutexA
lstrcpyW
GetModuleFileNameA
GetProcAddress
CloseHandle
CreateProcessA
VirtualProtect
IsValidLanguageGroup
WaitForSingleObject

ole32

OleUninitialize
CreateBindCtx
CoFileTimeNow
OleRegGetUserType
GetHGlobalFromILockBytes
CoInitialize
CoTaskMemFree
CoTaskMemAlloc

shlwapi

PathAddExtensionW
PathRemoveFileSpecW
PathCompactPathExW
PathGetArgsW
StrDupA
StrCmpW
StrTrimW
PathIsPrefixW
PathIsNetworkPathW
SHAutoComplete
PathMatchSpecW
StrStrIA

gdi32

GetFontResourceInfoW
AddFontResourceA
GetTextExtentExPointW
PlayEnhMetaFile
SetMapperFlags
StrokeAndFillPath
SwapBuffers
OffsetViewportOrgEx
SetLayout
TranslateCharsetInfo
SelectObject
CreateDCA
CreateBrushIndirect
DeleteMetaFile
SetViewportExtEx
GetStockObject
PlayEnhMetaFileRecord
ExtCreateRegion
SetAbortProc
CopyMetaFileW
CreateDIBSection
SetBitmapBits
GetTextAlign

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

932be09bfad0c0af2da9d9308a80779a

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 49KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 52KB - Virtual size: 49KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 1KB