05038de46b95a50354d991be9d5353d9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05038de46b95a50354d991be9d5353d9_JaffaCakes118
Size

40KB
MD5

05038de46b95a50354d991be9d5353d9
SHA1

e129030f9e95d557a71c60572e3ac78056383b9a
SHA256

aeabd9582b56ca27bcd1d44677b2cfb5aacf21ef0af444db32d1b5574b2e6521
SHA512

8b8cedb181705ab7d55f9bb49774f0c95d1966de4ceea77fe0be820eafec784fd08f9bf6b8964c1b5b6b3076835a402b4641e305ebe3fbe3c4a9c22801ea8510
SSDEEP

384:kO/xAtxZy44Kbyln4auN3ZzwJX/KifpJQXu3BABOU:7Cq446yln4aS4/KifpJzBABOU

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05038de46b95a50354d991be9d5353d9_JaffaCakes118

Files

05038de46b95a50354d991be9d5353d9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5e3a752aa98b6b19fc55868c0c0200d9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FindClose
FindNextFileA
FindFirstFileA
CloseHandle
CreateFileA
DeleteFileA
lstrlenA
GetSystemTimeAsFileTime
HeapFree
HeapAlloc
HeapCreate
GetProcessHeap
HeapDestroy
GetWindowsDirectoryA
GetVolumeInformationA
GetThreadLocale
SetThreadLocale
FindResourceA
LoadResource
LockResource
FreeLibrary
CopyFileA
LoadLibraryA
GetProcAddress
MultiByteToWideChar
WideCharToMultiByte
GetModuleFileNameA

user32

LoadStringA

advapi32

RegEnumValueA
RegEnumKeyA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA
RegCreateKeyA
RegOpenKeyA
RegDeleteKeyA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

msvcrt

memset
_strdup
_ltoa
_adjust_fdiv
_initterm
_onexit
__dllonexit
strstr
ftell
fseek
fopen
fread
fclose
memcmp
sprintf
strcat
_mbsicmp
strcpy
strtok
strchr
__CxxFrameHandler
strncat
_except_handler3
_snprintf
??3@YAXPAX@Z
atoi
strcmp
atol
wcschr
_stricmp
??2@YAPAXI@Z
strlen
strncpy
free
memcpy
malloc

Exports

Exports

AddCNS
AddCNSEx
AddCNSExOrder
AddWnd
DelCNSEx
DeleteName
Free
GetCount
GetName
Init
Lookup
Reset
Save
Set

Sections

.text
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.cnsmini
Size: 4KB - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5e3a752aa98b6b19fc55868c0c0200d9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

msvcrt

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 11KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 30KB

.cnsmini Size: 4KB - Virtual size: 8B

.rsrc Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 12KB - Virtual size: 11KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 30KB

.cnsmini
Size: 4KB - Virtual size: 8B

.rsrc
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 1KB