d54a6522937b56fa77add452dbd27dea_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

d54a6522937b56fa77add452dbd27dea_JaffaCakes118
Size

2.5MB
MD5

d54a6522937b56fa77add452dbd27dea
SHA1

e9d9278460e89193ba64ea27acd07d19a90161e0
SHA256

a0c89e916208296d51e6dfb7f956ea1749b555e2adb6d1593f141a4debfbc68b
SHA512

aa2303becf1e666d25cac7ef853b6de0f20ca8d390d2006e64a127430640f2803571201b755d476432a4bbe6a61f99e65c7c9bf77f6cab0edb094f85afd67cfc
SSDEEP

24576:Op79nhhd+3NDOtbWuXGHL3CWJ9NSFNX7oskG3aJZ20dIvy0tJT6k:ON9Xd+FoI3lLyNsskJJZK11

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d54a6522937b56fa77add452dbd27dea_JaffaCakes118

Files

d54a6522937b56fa77add452dbd27dea_JaffaCakes118
.dll windows:5 windows x86 arch:x86

49110b255998ae41cc160ec4102dd69a

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

MapViewOfFile
UnmapViewOfFile
GetModuleHandleA
GetSystemDirectoryW
CreateDirectoryW
GetVersionExW
Sleep
InterlockedExchange
CloseHandle
CreateEventA
GetExitCodeProcess
WriteFile
CreateProcessW
GetEnvironmentVariableW
GetTempPathW
GetWindowsDirectoryW
GetFullPathNameW
CreateFileW
GetFileAttributesW
WaitForSingleObject
TerminateProcess
MoveFileExW
GetVolumeInformationA
FreeLibrary
HeapAlloc
HeapFree
GetProcessHeap
GetCurrentProcessId
LoadLibraryA
GetModuleFileNameW
LocalFree
SetEnvironmentVariableA
FlushFileBuffers
WriteConsoleW
SetStdHandle
SetFilePointerEx
GetConsoleMode
GetConsoleCP
LoadLibraryW
GetLastError
GetFileAttributesExW
CreateThread
ExitProcess
GetCurrentProcess
GetProcAddress
InitializeCriticalSectionAndSpinCount
VirtualProtect
GlobalAlloc
GetTickCount
DeleteFileW
LoadLibraryExW
OutputDebugStringW
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetModuleFileNameA
GetFileType
GetTimeZoneInformation
VirtualQuery
InterlockedIncrement
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetStringTypeW
HeapReAlloc
GetSystemTimeAsFileTime
RaiseException
RtlUnwind
IsProcessorFeaturePresent
GetCommandLineA
GetCurrentThreadId
GetCPInfo
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetLastError
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetStartupInfoW
GetModuleHandleW
CompareStringW
LCMapStringW
GetLocaleInfoW
IsValidLocale
GetUserDefaultLCID
EnumSystemLocalesW
GetStdHandle
GetModuleHandleExW
HeapSize
IsDebuggerPresent
IsValidCodePage
GetACP
GetOEMCP

user32

CreateWindowExW
PeekMessageW
DispatchMessageW
GetDlgItemInt
SetDlgItemInt
CreateDialogIndirectParamW
IsWindowVisible
MoveWindow
CloseWindow
FlashWindowEx

gdi32

CreateFontW
DeleteDC

advapi32

RegOpenKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegCreateKeyExW
RegCloseKey

Exports

Exports

DllInstall

Sections

.text
Size: 195KB - Virtual size: 195KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

49110b255998ae41cc160ec4102dd69a

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 195KB - Virtual size: 195KB

.rdata Size: 46KB - Virtual size: 46KB

.data Size: 2.3MB - Virtual size: 2.3MB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 195KB - Virtual size: 195KB

.rdata
Size: 46KB - Virtual size: 46KB

.data
Size: 2.3MB - Virtual size: 2.3MB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 28KB - Virtual size: 27KB