ea89a69ef992557731208f1146d03a96_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ea89a69ef992557731208f1146d03a96_JaffaCakes118
Size

85KB
MD5

ea89a69ef992557731208f1146d03a96
SHA1

d04c66f5643052993249a4b7687f576356c8c727
SHA256

d55e792e620b9f3438416f41bf23a6e53fea06fe22c1311a7840929b7c219455
SHA512

ae02a3c61a23109869fc9b212fd1443216260b238a8a2df40148d1f4e4251c341dcd4ac3f9ea555cf017f2aed8ccb9daa5ea4a1ee255904c14efb5b687e57641
SSDEEP

1536:+LP+zMKsbRAMXRQ44d9JD1GYoII5LTAB1E0TkwJ6NHZlvqv/5YIS:GBmMy44d9JD1MII5fAB1Eo6BZlpB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ea89a69ef992557731208f1146d03a96_JaffaCakes118

Files

ea89a69ef992557731208f1146d03a96_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0946c92edb955591977add6145f3724f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
LeaveCriticalSection
Sleep
VirtualFree
SetEvent
InterlockedIncrement
IsBadCodePtr
InitializeCriticalSection
TerminateProcess
UnhandledExceptionFilter
CreateFileW
SetUnhandledExceptionFilter
DeviceIoControl
HeapFree
GetCurrentProcess
GetLastError
HeapAlloc
GetProcessHeap
GetTickCount
IsBadReadPtr
VirtualProtect

advapi32

RegCreateKeyExA
RegOpenKeyExA
RegCreateKeyExW
OpenSCManagerW
RegQueryValueExW
RegSetValueExW
RegDeleteValueW
RegCloseKey
RegOpenKeyExW
ControlService
CloseServiceHandle
OpenServiceW

ole32

CoCreateInstance
CoInitializeEx
CoTaskMemFree
CoUninitialize

msvcrt

_wcsnicmp
wcstok
swprintf
wcsspn
iswdigit
wcslen
malloc
free
_strnicmp
_fullpath
wcscpy
_initterm
_adjust_fdiv
wcstoul
_wcsicmp
_except_handler3
time
__CxxFrameHandler
??3@YAXPAX@Z

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@ABV12@II@Z
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ
??Ostd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Mstd@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??8std@@YA_NABV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@0@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@PBD@Z
??Hstd@@YA?AV?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@0@ABV10@0@Z

Sections

.text
Size: 78KB - Virtual size: 77KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 33KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0946c92edb955591977add6145f3724f

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

msvcrt

msvcp60

Sections

.text Size: 78KB - Virtual size: 77KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 512B - Virtual size: 33KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 78KB - Virtual size: 77KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 512B - Virtual size: 33KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 2KB - Virtual size: 1KB