fffc46dacfe5493bc3c6d020f0bd9ea9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

fffc46dacfe5493bc3c6d020f0bd9ea9_JaffaCakes118
Size

116KB
MD5

fffc46dacfe5493bc3c6d020f0bd9ea9
SHA1

f958f8300ed3952d290237cdc559723c175cb3ae
SHA256

a7adaa91e6be3079d114b44c991f00dfe90cc5e19c9401e9439f780df43fa072
SHA512

c99b7448c2c85285053fd32846d172aba85bb1b2e0da4057259c19caf68f280a1251e302e99cd5a3aec422a2692d241a0efaaa73eefdf9bcec639e0ce0acf3e9
SSDEEP

1536:CE789lfSD/7DKHvB4n8UVS8MTBdzoLzVEgDMSeymq0XDdMOUBWRQtIas4V:yfigKnZVS8MTBdM1TDMAIdxU4TaV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fffc46dacfe5493bc3c6d020f0bd9ea9_JaffaCakes118

Files

fffc46dacfe5493bc3c6d020f0bd9ea9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

981485aad6d38aa705ebb72a53bebb7b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
SetUnhandledExceptionFilter
SetLastError
FreeLibrary
DisableThreadLibraryCalls
GetVersionExA
GetFileAttributesW
ReleaseMutex
WaitForSingleObject
CreateMutexW
GetLocaleInfoW
GetGeoInfoW
GetTickCount
GetUserDefaultLCID
GetUserGeoID
LocalFree
LocalAlloc
GetUserDefaultLangID
HeapFree
FormatMessageW
lstrcmpW
GetProcessHeap
HeapAlloc
lstrlenW
InterlockedDecrement
InterlockedIncrement
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
CloseHandle
GetLastError
GetCommandLineA
GlobalFree
VirtualProtect
GetSystemDefaultLCID
GlobalAlloc

user32

PostMessageW
GetParent
GetWindowLongW
SetWindowLongW
GetDlgItem
LoadStringW
SetDlgItemTextW
IsWindowVisible
SendMessageW
GetDlgItemTextW
LoadIconW
DestroyIcon
EnableWindow
SetFocus
MessageBoxW
CheckDlgButton
SendDlgItemMessageW
SetCursor
LoadCursorW
CharLowerBuffW
KillTimer
ShowWindow
IsDlgButtonChecked

advapi32

RegOpenKeyExW
DuplicateTokenEx
GetTokenInformation
RevertToSelf
RegCloseKey
RegCreateKeyExW
SetThreadToken

gdi32

GetObjectType
GetCurrentObject
DeleteDC
GetDeviceCaps
GetObjectA

ole32

CreateBindCtx
OleUninitialize
CoCreateInstance
CoTaskMemFree
StringFromCLSID
CoCreateGuid
CoInitializeEx

msvcr71

_except_handler3
_adjust_fdiv
_amsg_exit
_XcptFilter
_onexit
malloc
free
_wcsicmp
memset
_initterm
memcpy
_vsnwprintf
__CppXcptFilter
__dllonexit

Sections

.text
Size: 56KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

981485aad6d38aa705ebb72a53bebb7b

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

msvcr71

Sections

.text Size: 56KB - Virtual size: 52KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 4KB - Virtual size: 34KB

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 56KB - Virtual size: 52KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 4KB - Virtual size: 34KB

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 3KB