d627eea373a2302118f57dc5f2f00f15_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d627eea373a2302118f57dc5f2f00f15_JaffaCakes118
Size

447KB
MD5

d627eea373a2302118f57dc5f2f00f15
SHA1

9c74ae9bcd84c2d9cb1f8afe98b33a6b875861bc
SHA256

f61e71bca2b6babad0586696a84916ab5e85af29b1cdad7e7f9e34a49689bdda
SHA512

a7099f3062230bde9a7a31dc529fd0a3f4ca6fefcb36b864c2cd26efb42cb0eeef2170b552ab8f68f5be4cd63663b17d3af703c33628fb7952d33bed021c66e3
SSDEEP

12288:8eeWy7PBZkZw7uY9BSeQwRBO1uyALp3bX:8bdPEZvY9Ie+1uyw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d627eea373a2302118f57dc5f2f00f15_JaffaCakes118

Files

d627eea373a2302118f57dc5f2f00f15_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f26bbea8cc130299df9f339750c9fc86

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupDiOpenDeviceInterfaceW
SetupDiOpenClassRegKey
SetupDiGetHwProfileFriendlyNameExW
SetupDiGetDeviceInfoListClass
SetupDiGetClassRegistryPropertyW
SetupDiGetClassDevsA
SetupCommitFileQueueA
CM_Set_HW_Prof_Ex
CM_Request_Device_EjectA
CM_Get_Resource_Conflict_DetailsW
CM_Get_Res_Des_Data_Ex
CM_Get_DevNode_Custom_PropertyW
CM_Enable_DevNode
CM_Disable_DevNode_Ex
CM_Create_Range_List
CMP_Report_LogOn

ntdll

RtlxUnicodeStringToAnsiSize
RtlUpdateTimer
RtlUnicodeToOemN
RtlSetAllBits
RtlNtStatusToDosError
RtlInitUnicodeString
RtlGetUserInfoHeap
RtlGetOwnerSecurityDescriptor
RtlFindClearBitsAndSet
RtlEqualPrefixSid
ZwAdjustPrivilegesToken
RtlDeleteSecurityObject
RtlDeleteAtomFromAtomTable
RtlCreateUserThread
RtlCreateAcl
RtlApplyRXactNoFlush
RtlAddAccessDeniedAceEx
NtSetDefaultLocale
NtReadFileScatter
NtQueryTimerResolution
NtPrivilegeObjectAuditAlarm
NtNotifyChangeDirectoryFile
NtFlushVirtualMemory
NtCloseObjectAuditAlarm
NtAllocateUuids
LdrFlushAlternateResourceModules
ZwCompleteConnectPort
ZwImpersonateThread
RtlEqualComputerName

kernel32

GetCompressedFileSizeA
ExitProcess
EscapeCommFunction
EnumSystemLanguageGroupsA
EnumSystemCodePagesA
EnumDateFormatsExA
EnumCalendarInfoA
DeleteFileA
CreateSemaphoreA
CreateMutexW
CompareStringA
CancelTimerQueueTimer
CancelDeviceWakeupRequest
FindFirstFileExA
FindFirstVolumeMountPointA
FreeUserPhysicalPages
GetCommState
lstrcpyW
lstrcpyA
WriteFileGather
VerifyVersionInfoA
VerLanguageNameW
VerLanguageNameA
SetupComm
SetLastError
SetFilePointerEx
SetCommMask
ResetEvent
PrepareTape
OpenWaitableTimerW
OpenSemaphoreA
MoveFileWithProgressA
LocalSize
LCMapStringA
HeapAlloc
GlobalUnWire
GlobalFindAtomW
GetTickCount
GetProfileIntA
GetProcessPriorityBoost
GetProcAddress
GetPrivateProfileIntW
GetMailslotInfo
GetLocalTime
GetFileSize
GetDateFormatA
GetCommandLineA
FatalAppExitA

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
GetFileVersionInfoW
VerFindFileA
VerInstallFileA
VerInstallFileW
VerQueryValueA
VerQueryValueW
GetFileVersionInfoA

winmm

midiOutMessage
midiOutGetID
midiOutSetVolume
midiStreamOut
midiStreamPosition
mixerGetDevCapsA
mixerGetDevCapsW
mmTaskBlock
mmGetCurrentTask
midiOutLongMsg
mixerGetLineInfoW

comdlg32

FindTextW
GetOpenFileNameW
GetFileTitleW

user32

PostMessageA
LoadIconA
GetMenu
GetDC
EndDialog
DestroyWindow
DefDlgProcA
CharUpperA
CharToOemA
ActivateKeyboardLayout
SendMessageA
UpdateWindow
RegisterClassA

Exports

Exports

BHffjxKFiDvzcHrjm
IbrMuceFjkkfv
Ihi
KptCZL
Lilheqbckuflfpd
SkXklhWccupwyHvkmry
csgjXecpfR
eHazdsbuiawhrsUulz
ihsv
ihxfjowX
qgrrh
ukopygpzziTu
xnonukvdIx
yoqxp

Sections

.text
Size: 57KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 362KB - Virtual size: 667KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 26KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f26bbea8cc130299df9f339750c9fc86

Headers

DLL Characteristics

File Characteristics

Imports

setupapi

ntdll

kernel32

version

winmm

comdlg32

user32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 57KB

.data Size: 362KB - Virtual size: 667KB

.rsrc Size: 26KB - Virtual size: 26KB

.text
Size: 57KB - Virtual size: 57KB

.data
Size: 362KB - Virtual size: 667KB

.rsrc
Size: 26KB - Virtual size: 26KB