e09c8965aa4d441d333f0805fda55cc5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e09c8965aa4d441d333f0805fda55cc5_JaffaCakes118
Size

68KB
MD5

e09c8965aa4d441d333f0805fda55cc5
SHA1

2ccd6e9635cfebf04eb70e0394af3e88853c70d1
SHA256

453bfb55b5d01ed40e33f6267e67e1533db3aabba18c273a2b1e4980011e99f9
SHA512

2f1b0282e16b28f8aff0d4429773b1c93d9132005ddfdd09551b581dd08ced4174f81b1e5397a7e257894a1d31610c4fc3d680dcb18eadd69ffe2c73d3563a75
SSDEEP

1536:RkFps0yJ67W0oQjW1TMy/GidwNjLi896lK:KCQC0o0WGiqNjL996

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e09c8965aa4d441d333f0805fda55cc5_JaffaCakes118

Files

e09c8965aa4d441d333f0805fda55cc5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2b6fe66180f3fa480701a944cd7ea53a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateMutexA
CopyFileA
LeaveCriticalSection
GetModuleFileNameA
LoadLibraryA
InterlockedExchange
lstrlenA
CreateProcessA
VirtualQuery
GetSystemTimeAsFileTime
lstrcatW
GetProcessHeap
CreateThread
EnterCriticalSection
HeapAlloc
lstrcpyW
MoveFileExA
GetProcAddress
GetComputerNameA
UnmapViewOfFile
InitializeCriticalSection
GetModuleHandleA
HeapFree
CreateDirectoryA
ReleaseMutex
CreateFileMappingA
ExitThread
GetUserDefaultUILanguage
GetProfileIntW
SetConsoleCtrlHandler
WriteFileEx
QueueUserAPC
GetCurrentThreadId
SetEvent
OpenSemaphoreW
GetQueuedCompletionStatus
FindFirstFileExW
GetLogicalDrives
ReadFileEx
RegisterWaitForSingleObject
FindAtomA
DeleteCriticalSection
AddAtomA
GetProcessVersion
GetTapeParameters
SetConsoleCursorPosition
GetProcessAffinityMask
FindFirstChangeNotificationA
IsProcessorFeaturePresent
LocalUnlock
SetVolumeLabelW
CreateJobObjectW
DosDateTimeToFileTime
FindNextVolumeW
FindNextVolumeMountPointW
SetStdHandle
EnumSystemLocalesA
PeekNamedPipe
FreeEnvironmentStringsW
HeapLock
PeekConsoleInputW
GetBinaryTypeA
Sleep
GetDiskFreeSpaceExW
TerminateThread
GetStringTypeExA
VirtualQueryEx
SetFileApisToOEM
FindResourceW
SetSystemTime
DeleteTimerQueueTimer
GetDiskFreeSpaceA
VirtualUnlock
GetFileSize
CreateDirectoryW
GetExitCodeThread
FindNextFileA
CreateWaitableTimerA
IsBadStringPtrW
GetSystemDirectoryW
GetTempFileNameA
VerSetConditionMask
GetProfileStringA
IsValidLocale
FileTimeToLocalFileTime
HeapCreate
lstrcmpW
SetLocalTime
TransactNamedPipe
IsBadCodePtr
SetErrorMode
CreateSemaphoreA
FindVolumeMountPointClose
GetStartupInfoW
SearchPathA
FormatMessageA
MoveFileA
CreateTimerQueueTimer
GetStringTypeW
SetInformationJobObject
GetThreadLocale
GetThreadTimes
GetFileAttributesW
ReadDirectoryChangesW
SetProcessWorkingSetSize
lstrcpynA
GetCompressedFileSizeW
GetSystemTimeAdjustment
GetLogicalDriveStringsA
IsBadWritePtr
ExpandEnvironmentStringsW
CreateToolhelp32Snapshot
ClearCommError
FindResourceExA
FindFirstVolumeW
SetWaitableTimer
GetTempPathA
GetSystemWow64DirectoryW
SetEndOfFile
GetFullPathNameA
UnlockFileEx
lstrcpynW
LocalFileTimeToFileTime
ConnectNamedPipe
lstrcmpiA
LocalFlags
WaitForMultipleObjects
AreFileApisANSI
LockResource
OpenJobObjectW
FlushFileBuffers
OpenThread
GlobalAddAtomW
IsWow64Process
DeleteFileA
WriteFile
GetBinaryTypeW
LocalLock
RaiseException
SetDefaultCommConfigW
OpenFileMappingW
GetVolumeInformationW
ExitProcess
VirtualAlloc

user32

KillTimer
DispatchMessageA
CallNextHookEx
GetMessageA
TrackMouseEvent
ToUnicodeEx
SetMenu
ScrollWindow
OpenDesktopW
GetNextDlgGroupItem
EnumDisplaySettingsA
LoadImageA
CreatePopupMenu
IsMenu
InvertRect
SendNotifyMessageW
WindowFromPoint
SetWindowWord
TabbedTextOutW
SetMenuDefaultItem
ChangeDisplaySettingsExW
DestroyAcceleratorTable
SetDlgItemInt
AttachThreadInput
EnumDisplaySettingsW
ChangeDisplaySettingsA
SetWindowPos
GetUpdateRgn
GetMenuState
CreateCursor
CallMsgFilterW
CopyAcceleratorTableW
DrawStateA
NotifyWinEvent
ValidateRect
BringWindowToTop
GetMonitorInfoA
DrawTextA
wsprintfW
MessageBoxExW
InsertMenuItemA
IsCharAlphaA
LoadImageW
DestroyMenu
GetDCEx
SetDlgItemTextW
MapVirtualKeyA
IsWindow
GetMenuStringW
CreateMenu
SendMessageTimeoutW
GetDesktopWindow
CreateAcceleratorTableA
GrayStringA
GetWindowThreadProcessId
BeginDeferWindowPos
SwitchToThisWindow
CreateIconIndirect
ModifyMenuA
InSendMessage
GetMessageW
SetClassLongW
CreateAcceleratorTableW
GetClassNameA
SetCursor
AdjustWindowRect
DrawIconEx
SetParent
DefFrameProcA
PtInRect
AppendMenuA
LoadAcceleratorsW
ToAsciiEx
MonitorFromRect
DialogBoxIndirectParamA
IsRectEmpty
DestroyIcon
TranslateAcceleratorW
DrawAnimatedRects
GetGUIThreadInfo
IsDialogMessageA
MessageBoxExA
SetPropA
GetMessageTime
OemToCharA
SetCursorPos
CreateWindowExW
FindWindowExW
LoadIconW
SetScrollInfo
OpenDesktopA
GetFocus
PostThreadMessageW
CharLowerW
GetThreadDesktop
GetMenuItemCount
GetScrollInfo
GetMonitorInfoW
ShowOwnedPopups
WaitMessage
AdjustWindowRectEx
GetMenuItemID
LoadMenuW
MessageBoxIndirectA
ReleaseDC
GetTabbedTextExtentA
CharLowerA
GetActiveWindow
GetDlgItemTextA
LockWindowUpdate
VkKeyScanA
MapVirtualKeyExW
GetParent
UpdateWindow
EnumChildWindows
DestroyCursor
RegisterWindowMessageA
InvalidateRgn
GetCursorPos
UnregisterHotKey
WindowFromDC
AppendMenuW
SetRect
SystemParametersInfoA
EnumDesktopsW
RegisterWindowMessageW
MapWindowPoints
SendInput

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2b6fe66180f3fa480701a944cd7ea53a

Headers

File Characteristics

Imports

kernel32

user32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB