dfa403e1593b3da3a15185ffdb3adfba_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dfa403e1593b3da3a15185ffdb3adfba_JaffaCakes118
Size

84KB
MD5

dfa403e1593b3da3a15185ffdb3adfba
SHA1

6734236c1b66107642704610a7e9e058af188427
SHA256

4c0d6b2d192d20d670012aceba39aeb85cbd07d8f5f3f7d9f34695e1166415a3
SHA512

aca5b1d0a76f051b68c2be11963dcd5c67a15dca484c2104b878699c45666451536951191684c65eb552ece589e7e6416e602007338ff19ddf0e9bc9517a7bfb
SSDEEP

1536:Okqk9M/CT4Oj0bFJkoUX8963U0VZ9XiHOGHRz+eEqjRBjyRGEWdX25cxtmbj1PXM:ZkCEOYbjUs5YQ8B5iYLhZPsMS/7oV2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dfa403e1593b3da3a15185ffdb3adfba_JaffaCakes118

Files

dfa403e1593b3da3a15185ffdb3adfba_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f3b3b00db4f25056434e8f625ea37ff9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemPowerStatus
GetThreadTimes
GlobalDeleteAtom
GetConsoleCP
WaitForMultipleObjectsEx
GetFileInformationByHandle
ExitThread
lstrcpyA
CopyFileW
FindNextVolumeW
GetTempFileNameW
PeekConsoleInputA
GetTempFileNameA
IsValidCodePage
GetModuleHandleW
SetMailslotInfo
IsBadHugeReadPtr
FileTimeToDosDateTime
WaitForMultipleObjects
InitializeCriticalSection
GetCommMask
SystemTimeToTzSpecificLocalTime
MoveFileW
GetFileTime
LocalFileTimeToFileTime
SetVolumeMountPointW
DeviceIoControl
IsBadWritePtr
EnumResourceNamesA
DosDateTimeToFileTime
SetEnvironmentVariableA
GetVolumePathNameW
lstrcpyW
CreateMutexW
DeleteCriticalSection
GetFileAttributesW
SetStdHandle
VirtualQueryEx
SetHandleInformation
FreeResource
GetShortPathNameW
GetExitCodeThread
EnumResourceNamesW
SetConsoleActiveScreenBuffer
ConvertDefaultLocale
GetCurrentDirectoryW
GetSystemWindowsDirectoryA
GlobalReAlloc
GetAtomNameA
FindResourceW
GetProcessAffinityMask
HeapReAlloc
InitializeCriticalSectionAndSpinCount
GetProcAddress
WriteFile
VirtualQuery
GetSystemTimeAsFileTime
lstrlenA
GetModuleFileNameA
InterlockedIncrement
CopyFileA
CreateFileMappingA
HeapAlloc
SetLastError
GetComputerNameA
InterlockedExchange
lstrlenW
LoadLibraryA
CloseHandle
GetLogicalDrives

user32

OpenIcon
CopyRect
EndDeferWindowPos
GetScrollRange
ExitWindowsEx
GetUserObjectInformationA
GetUpdateRect
GetTabbedTextExtentA
IsDlgButtonChecked
DefDlgProcW
DestroyMenu
GetDlgItemInt
CharUpperBuffW
DefDlgProcA
PackDDElParam
DialogBoxParamA
DialogBoxIndirectParamA
PostThreadMessageA
GetWindowLongW
SetPropA
FillRect
DestroyCaret
CreateMenu
CreateAcceleratorTableW
DrawIcon
CharNextExA
MoveWindow
GetMenuItemInfoW
LoadBitmapA
SetWindowsHookExW
CloseWindowStation
GetMonitorInfoW
UpdateLayeredWindow
GetWindowTextW
TabbedTextOutA
GetShellWindow
SetScrollPos
MessageBoxExW
CharLowerBuffA
SetDlgItemInt
GetMenuItemID
DefFrameProcW
GetProcessDefaultLayout
SetRectEmpty
CreateCursor
FindWindowExA
SetProcessDefaultLayout
SetCapture
IsWindow
ToAscii
SystemParametersInfoW
UnhookWindowsHookEx
RegisterClassExA
DispatchMessageA
RegisterWindowMessageA
TranslateMessage
PostMessageA
CreateWindowExA
GetWindowThreadProcessId
CallNextHookEx
UnhookWinEvent

oleaut32

SysAllocStringLen
SysStringLen

advapi32

RegQueryValueExA
RegSetValueExA
SetSecurityInfo
RegDeleteValueA
RegisterEventSourceW
CredWriteW
ElfRegisterEventSourceW
NotifyBootConfigStatus
ReadEventLogA
RegQueryInfoKeyA
RegLoadKeyW
RegOpenCurrentUser
MakeAbsoluteSD
GetUserNameW
OpenSCManagerA
QueryServiceLockStatusA
CloseServiceHandle
RegOpenKeyA
QueryServiceStatus
RegOpenKeyW
NotifyChangeEventLog
ImpersonateSelf
GetUserNameA

Exports

Exports

WincrtInterval

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3b3b00db4f25056434e8f625ea37ff9

Headers

File Characteristics

Imports

kernel32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB