f0c6d1b74580db07ebef52e6efd9f5ce_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0c6d1b74580db07ebef52e6efd9f5ce_JaffaCakes118
Size

207KB
MD5

f0c6d1b74580db07ebef52e6efd9f5ce
SHA1

75e5a937aa7cfc6c20261e3c44912a5eb4128657
SHA256

ab88550c89b3adec572aa84281071b5748313cf92e28efca39a57809e40bcc78
SHA512

501f19268ab0d135cfec4aed470fba47431a9d8e89987774b1f3699e8c41b086f2bbe76d59a67a6a4817c34f3c81f9e04907c407a573f449881e4598345d6ba8
SSDEEP

3072:1MmhoFdSFsVJA1UgLLuzf/QqZ2ZFS63QdG4EPb3rKbU1IfFRFBC:mdqswdPuzfHZSt4EPb2gUF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0c6d1b74580db07ebef52e6efd9f5ce_JaffaCakes118

Files

f0c6d1b74580db07ebef52e6efd9f5ce_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f5eda1ec95b514a5a7227155e474becd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

InterlockedExchange
LoadLibraryA
GetLastError
WideCharToMultiByte
SetEvent
HeapFree
HeapAlloc
LocalFree
CompareStringA
ExpandEnvironmentStringsA
GetTickCount
GetComputerNameA
LocalAlloc
Sleep
OpenProcess
LeaveCriticalSection
EnterCriticalSection
GetSystemTimeAsFileTime
GetSystemTime
DeviceIoControl
GetProcessHeap
WaitForSingleObject
GlobalFree
GlobalAlloc
MulDiv
InterlockedCompareExchange
OutputDebugStringA
DeleteCriticalSection
FreeLibrary
InterlockedIncrement
InterlockedDecrement
GetProcAddress
CloseHandle
UnmapViewOfFile
GetFileSize
MapViewOfFile
VirtualProtect
CreateFileMappingW
CreateFileW
GetModuleFileNameW
RtlUnwind
GetVersion
GetCommandLineA
MultiByteToWideChar

user32

CharToOemBuffA

advapi32

RegEnumKeyExA
RegOpenKeyExW
CryptAcquireContextA
CryptGenRandom
OpenProcessToken
GetTokenInformation
RegQueryValueExA
RegOpenKeyExA
RegQueryInfoKeyA
RegNotifyChangeKeyValue
RegSetValueA
RegQueryValueA
RegOpenKeyA
RegCloseKey
RegCreateKeyA
RegSetValueExA
RegSetValueExW
RegDeleteValueW

ole32

StringFromCLSID
CreateFileMoniker

msvcrt

free
_initterm
_vsnprintf
localtime
time
_except_handler3
_fileno
__pioinfo
__badioinfo
realloc
wcstombs
iswctype
wctomb
localeconv
__mb_cur_max
mbtowc
isxdigit
isdigit
memcpy
_errno
__CxxFrameHandler
memmove
malloc
wcschr
strncmp
_finite
_CxxThrowException
_lseeki64
_write
_isatty
_snprintf
memset
_adjust_fdiv
_XcptFilter
_iob
wcstoul
_itoa
_wcslwr
_wcsdup
srand
rand

Sections

.text
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 34KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f5eda1ec95b514a5a7227155e474becd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

msvcrt

Sections

.text Size: 162KB - Virtual size: 162KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 34KB - Virtual size: 67KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 162KB - Virtual size: 162KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 34KB - Virtual size: 67KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 4KB