dc5975cf6873705f6c905958dfbb98d3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dc5975cf6873705f6c905958dfbb98d3_JaffaCakes118
Size

1.8MB
MD5

dc5975cf6873705f6c905958dfbb98d3
SHA1

f05bd3ec4021353866490b093d9a4d94a720ca74
SHA256

25f911f8f332f120ef71351f6ecadd82013452cfb71070dacb51774868d8a713
SHA512

ee10eace1785fde17473ea8f95b5dd496e514a19b46f53ea26b6235b70a8ad92467ca4caca409a677d8bb3b9ac190b0af9efdfa5df66855268878103b2ce91a9
SSDEEP

24576:KBEaRCzzuESgkHhn0sTkWbEPZ9MKJEy1wsCjCd3QbR2B3cvJO8t:Lak7OeWbQMKene3Qblrt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dc5975cf6873705f6c905958dfbb98d3_JaffaCakes118

Files

dc5975cf6873705f6c905958dfbb98d3_JaffaCakes118
.dll windows:6 windows x86 arch:x86

3050b1c9b14c47322c6d191761c118be

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetModuleHandleW
InitializeCriticalSection
DeleteCriticalSection
GetStdHandle
WriteConsoleA
ReadConsoleA
Sleep
FreeConsole
SetStdHandle
GetCurrentProcessId
VirtualProtect
GetModuleFileNameA
VirtualQuery
GlobalAlloc
GlobalFree
GlobalLock
GlobalUnlock
QueryPerformanceFrequency
QueryPerformanceCounter
GetProcAddress
FreeLibraryAndExitThread
DisableThreadLibraryCalls
CreateThread
GetModuleHandleA
WriteConsoleW
HeapSize
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
GetOEMCP
GetACP
IsValidCodePage
HeapReAlloc
ReadConsoleW
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
GetFileSizeEx
GetFileType
HeapAlloc
HeapFree
GetModuleHandleExW
ExitProcess
GetPrivateProfileStringA
CreateDirectoryA
GetLastError
WritePrivateProfileStringA
DeleteFileW
RemoveDirectoryW
FormatMessageW
WideCharToMultiByte
CreateDirectoryW
CreateFileW
FindClose
FindFirstFileExW
FindNextFileW
GetFileAttributesExW
SetEndOfFile
SetFilePointerEx
AreFileApisANSI
CloseHandle
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
TryEnterCriticalSection
GetCurrentThreadId
SetLastError
InitializeCriticalSectionAndSpinCount
CreateEventW
SwitchToThread
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
GetSystemTimeAsFileTime
EncodePointer
DecodePointer
LCMapStringW
GetLocaleInfoW
GetStringTypeW
GetCPInfo
SetEvent
ResetEvent
WaitForSingleObjectEx
IsDebuggerPresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetStartupInfoW
IsProcessorFeaturePresent
InitializeSListHead
GetCurrentProcess
TerminateProcess
SignalObjectAndWait
SetThreadPriority
GetThreadPriority
GetLogicalProcessorInformation
CreateTimerQueueTimer
ChangeTimerQueueTimer
DeleteTimerQueueTimer
GetNumaHighestNodeNumber
GetProcessAffinityMask
SetThreadAffinityMask
RegisterWaitForSingleObject
UnregisterWait
GetCurrentThread
GetThreadTimes
FreeLibrary
GetModuleFileNameW
LoadLibraryExW
GetVersionExW
VirtualAlloc
VirtualFree
DuplicateHandle
ReleaseSemaphore
InterlockedPopEntrySList
InterlockedPushEntrySList
InterlockedFlushSList
QueryDepthSList
UnregisterWaitEx
CreateTimerQueue
LoadLibraryW
RtlUnwind
RaiseException
ReadFile

user32

GetAsyncKeyState
SetWindowLongW
CallWindowProcW
FindWindowA
FlashWindowEx
ShowWindow
SetClipboardData
GetKeyState
ScreenToClient
GetCapture
ClientToScreen
IsChild
GetForegroundWindow
LoadCursorW
SetCapture
SetCursor
GetClientRect
ReleaseCapture
SetCursorPos
GetCursorPos
OpenClipboard
CloseClipboard
EmptyClipboard
GetClipboardData

d3dx9_43

D3DXCreateTextureFromFileInMemoryEx

imm32

ImmReleaseContext
ImmSetCompositionWindow
ImmGetContext

xinput1_3

ord4
ord2

winmm

PlaySoundA

Sections

.text
Size: 679KB - Virtual size: 678KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 443KB - Virtual size: 443KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 729KB - Virtual size: 851KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3050b1c9b14c47322c6d191761c118be

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

d3dx9_43

imm32

xinput1_3

winmm

Sections

.text Size: 679KB - Virtual size: 678KB

.rdata Size: 443KB - Virtual size: 443KB

.data Size: 729KB - Virtual size: 851KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 34KB - Virtual size: 34KB

.text
Size: 679KB - Virtual size: 678KB

.rdata
Size: 443KB - Virtual size: 443KB

.data
Size: 729KB - Virtual size: 851KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 34KB - Virtual size: 34KB