0179561d692673f0fded0ef40b236d3c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0179561d692673f0fded0ef40b236d3c_JaffaCakes118
Size

271KB
MD5

0179561d692673f0fded0ef40b236d3c
SHA1

45bfc707c46f3afbff57ff4e6c47ad2186579d0b
SHA256

acb6dbb68f70c9eff87a439c74b83eec77baab22cdd3d90d276674d5ac6c58e1
SHA512

f93ffc7347bf3dd56b0f5447e571123a6739530c9da193127e18b69fc42e354f191a0e9f66d50ba2d5e15f2a0db71c841e5d554e3753939fcd31a7f4a8678567
SSDEEP

3072:FnDxnWHFXiGu7R676piyd7Wd3HPk2FAG14GygCWoXs9iMnA96ZrgTJ88bCIsS5Nu:FDxnuFi37876piyd7Wdfls0rgd88OI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0179561d692673f0fded0ef40b236d3c_JaffaCakes118

Files

0179561d692673f0fded0ef40b236d3c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a2742d91d8f7545328170e4e359cd4b8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

Sleep
GetCurrentThread
IsDBCSLeadByteEx
QueryPerformanceCounter
GetModuleHandleA
EnterCriticalSection
GetCurrentProcessId
GlobalMemoryStatus
InterlockedExchange
CreateFileA
WideCharToMultiByte
GetProcAddress
GetCurrentThreadId
CloseHandle
GetStartupInfoA
GetProcessWorkingSetSize
DeleteCriticalSection
SetUnhandledExceptionFilter
MultiByteToWideChar
InitializeCriticalSection
GetCurrentProcess
GetProcessTimes
GetThreadTimes
DeviceIoControl
LoadLibraryA
lstrlenA
SetEndOfFile
VirtualQuery
GetSystemInfo
SetStdHandle
GetConsoleOutputCP
WriteConsoleA
ReadFile
GetLocaleInfoA
GetProcessHeap
VirtualProtect
HeapValidate
UnhandledExceptionFilter
GetSystemTimeAsFileTime
InterlockedIncrement
InterlockedDecrement
ExitProcess
GetCommandLineA
GetVersionExA
TerminateProcess
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
OutputDebugStringA
GetModuleFileNameW
LeaveCriticalSection
GetCPInfo
GetACP
GetOEMCP
FatalAppExitA
GetModuleFileNameA
HeapDestroy
HeapCreate
VirtualFree
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
RtlUnwind
WriteFile
GetConsoleCP
GetConsoleMode
FlushFileBuffers
GetModuleHandleW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetTickCount
SetFilePointer
DebugBreak
WriteConsoleW
OutputDebugStringW
LoadLibraryW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

user32

CharNextA
ReleaseDC
GetCursorPos
GetMessagePos
GetCapture
GetFocus
GetActiveWindow
GetClipboardOwner
GetOpenClipboardWindow
GetQueueStatus
GetCaretPos
GetMessageTime
GetInputState
GetProcessWindowStation

advapi32

RegQueryValueExA

Exports

Exports

DEWDSdsdrg
EWEDsvrersv

Sections

.text
Size: 109KB - Virtual size: 108KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 108KB - Virtual size: 290KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a2742d91d8f7545328170e4e359cd4b8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

Exports

Exports

Sections

.text Size: 109KB - Virtual size: 108KB

.rdata Size: 38KB - Virtual size: 38KB

.data Size: 108KB - Virtual size: 290KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 9KB - Virtual size: 9KB

.text
Size: 109KB - Virtual size: 108KB

.rdata
Size: 38KB - Virtual size: 38KB

.data
Size: 108KB - Virtual size: 290KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 9KB - Virtual size: 9KB