da4abf3b1946c2417b054318dce5ecca_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da4abf3b1946c2417b054318dce5ecca_JaffaCakes118
Size

116KB
MD5

da4abf3b1946c2417b054318dce5ecca
SHA1

f4fd2fc24ed8482281f287c099de9ce3d3f24038
SHA256

545214e52b85f3f22bf5f6dc404da40d01ab05a1c93ca0ae58bb8b4b178ac7bc
SHA512

9e343afd5062b9237efbec37f8eb6d443164db616c3d6203bf3bc6c4fa200eddf1123c7322fabef71d1ab858da697256c9eb60340c4b33044acabbea4b036e50
SSDEEP

3072:pD26hpfKsEo2pvnFZPCMW5LNPCVpXUt1hMfD:ZZZEo2DW5FL

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da4abf3b1946c2417b054318dce5ecca_JaffaCakes118

Files

da4abf3b1946c2417b054318dce5ecca_JaffaCakes118
.dll windows:4 windows x86 arch:x86

824064aa1e62b27ac682e70ed86f66a1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FormatMessageA
WriteFile
SetFilePointer
ReleaseMutex
GetFileSize
WaitForSingleObject
GetSystemTime
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetUserDefaultLangID
lstrcmpiW
GetModuleFileNameW
InterlockedDecrement
InterlockedIncrement
DeleteCriticalSection
InitializeCriticalSection
FormatMessageW
GetModuleHandleW
GetSystemDirectoryW
SetLastError
GetCurrentProcess
lstrlenW
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
LoadLibraryW
InterlockedCompareExchange
FreeLibrary
LocalAlloc
LocalFree
GetLastError
ReleaseActCtx
CreateActCtxW
GlobalUnlock
GlobalLock
DisableThreadLibraryCalls
ActivateActCtx
InterlockedExchange
Sleep
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
DeactivateActCtx
GetModuleFileNameA
WideCharToMultiByte
CreateEventW
SetFilePointerEx
FlushFileBuffers
HeapFree
GetProcessHeap
HeapAlloc
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
IsDebuggerPresent
GetLocaleInfoW
lstrcmpW
DnsHostnameToComputerNameW
VirtualAlloc
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
MapViewOfFile
UnmapViewOfFile
CreateFileA
CreateFileMappingA
CloseHandle
VirtualProtect
GlobalFree
GetCommandLineA
GetProcAddress
GlobalAlloc

user32

DestroyWindow
LoadStringW
GetDlgItemTextW
GetDlgItemInt
GetWindowTextW
GetDlgItem
SetTimer
CharNextW
IsWindow
GetWindowLongW
SendMessageW
SetWindowLongW
ShowWindow
RegisterClipboardFormatW
EnableWindow

advapi32

GetSecurityDescriptorControl
LookupAccountSidA
TraceMessage
MakeSelfRelativeSD
FreeSid
GetAce
GetAclInformation
GetSecurityDescriptorDacl
IsValidSecurityDescriptor
RegCloseKey
RegCreateKeyExW
RegOpenKeyExW
RegSetValueExW
SetSecurityDescriptorGroup
RegDeleteKeyW
RegEnumKeyExW
GetSecurityDescriptorLength
RegCreateKeyExA
RegQueryValueExW
DeleteAce

ole32

CoTaskMemFree
PropVariantClear
StringFromGUID2
CLSIDFromString
CoCreateInstance
StringFromCLSID

msvcr71

_wcsdup
_adjust_fdiv
_amsg_exit
_XcptFilter
memset
_vsnwprintf
strrchr
_vsnprintf
memcpy
_initterm
malloc
__CppXcptFilter
__dllonexit
_onexit
_wmakepath
_wsplitpath
wcsncpy
_CxxThrowException
_wcsicmp
wcsncat
wcslen
free
_except_handler3
_strnicmp
strncpy
_snprintf
iswctype
wcstoul
printf
toupper
wcsncmp
wcscmp

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

824064aa1e62b27ac682e70ed86f66a1

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcr71

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 36KB - Virtual size: 69KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 36KB - Virtual size: 69KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 4KB