02b0fc5102efdb74ead8f9ac64501dee_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

02b0fc5102efdb74ead8f9ac64501dee_JaffaCakes118
Size

573KB
MD5

02b0fc5102efdb74ead8f9ac64501dee
SHA1

aaf2f3797aafe95710c959467f530bcca4b0d208
SHA256

a359b2b08bd38aa368765763f0854bc8243c46b8c895ab5b1862e0099d1872a3
SHA512

7ec754fdf097930b884df18f127b11d5bfb87f4313ceaceff331d77888f77a7ec2cf865dd834a3d778390f4f3b680e7ed03cc0307452e6946df84ebd5610b3cd
SSDEEP

12288:u84/vVmjkdZlxWAIoisOaSJijpDgGktQJNZRA/ep0a:Osgdf4XHBijpsGsQzfSU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
02b0fc5102efdb74ead8f9ac64501dee_JaffaCakes118

Files

02b0fc5102efdb74ead8f9ac64501dee_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5ed9919b4cb4eef50d07af036070c728

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommandLineA
GetConsoleCP
GetConsoleMode
GetConsoleOutputCP
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleFileNameW
GetModuleHandleA
GetModuleHandleW
GetOEMCP
GetProcAddress
GetProcessPriorityBoost
GetStartupInfoA
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
HeapSize
GetCPInfo
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
RaiseException
RtlUnwind
SetEvent
SetFilePointer
SetHandleCount
SetLastError
SetStdHandle
SetThreadLocale
SizeofResource
Sleep
TerminateProcess
VirtualAlloc
VirtualFree
VirtualProtect
VirtualQuery
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
lstrcmpiW
lstrlenW
GetACP
FreeEnvironmentStringsW
FreeEnvironmentStringsA
FlushFileBuffers
FindResourceW
ExitProcess
EnterCriticalSection
CreateFileA
InitializeCriticalSection
CloseHandle

ole32

CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
PropVariantClear

user32

CharNextW

oleaut32

SysFreeString
SysStringLen
UnRegisterTypeLi
VarUI4FromStr
RegisterTypeLi
LoadTypeLi
SysAllocString

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegDeleteValueW
RegEnumKeyExW
RegOpenKeyExW
RegQueryInfoKeyW
RegQueryValueExW
RegSetValueExW
RegCloseKey

Exports

Exports

AcquireLock
Dir
EvalCodeEx
Number_Multiply
RuntimeError
StreamWriter
create_info_struct

Sections

.text
Size: 124KB - Virtual size: 124KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 292KB - Virtual size: 291KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ed9919b4cb4eef50d07af036070c728

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

advapi32

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 124KB

.rdata Size: 292KB - Virtual size: 291KB

.data Size: 107KB - Virtual size: 107KB

.rsrc Size: 40KB - Virtual size: 39KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 124KB - Virtual size: 124KB

.rdata
Size: 292KB - Virtual size: 291KB

.data
Size: 107KB - Virtual size: 107KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 8KB - Virtual size: 8KB