05c10ce80908fe10058738010496d5e1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05c10ce80908fe10058738010496d5e1_JaffaCakes118
Size

116KB
MD5

05c10ce80908fe10058738010496d5e1
SHA1

a37d14a70ab9183c0a670e2ec459221e98c812b5
SHA256

a58b5d7199f3563eb730b0af4c7096112a9f96ec958e4216df2daa1cb95eeb34
SHA512

deab9278a7391853389092e5b97e17af014d2fa74d3773a57fad3c821a4282dde0f9f4f015b77eef7f5654f20c0e0bf300d2c1a2f0e260729e3ea7edc8b95463
SSDEEP

3072:yYoJX265JYJHrDrKhhu40gn9Pmq7WBw0Aa+8Ae:CF263Y9XK3FrW4a+8Ae

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05c10ce80908fe10058738010496d5e1_JaffaCakes118

Files

05c10ce80908fe10058738010496d5e1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

19ed5b748e79e8f37dcca992fd7ded78

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryInfoKeyW
CloseServiceHandle
RegEnumValueW
RegOpenKeyW
RegQueryValueExA
RegQueryValueExW
FreeSid
RegDeleteValueW
RegSetValueExA
EqualSid
RegOpenKeyExW
RegDeleteKeyW

version

GetFileVersionInfoSizeW
VerQueryValueA
GetFileVersionInfoW
GetFileVersionInfoSizeA

kernel32

RtlUnwind
MultiByteToWideChar
SetFilePointer
FlushFileBuffers
GetOEMCP
LoadLibraryA
IsValidLocale
GetModuleHandleA
GetProcAddress
GetHandleInformation
VirtualAlloc
InterlockedExchange
GetModuleHandleW
GetLocaleInfoA
CreateProcessW
FindResourceExW
GetTempFileNameW
GetConsoleCP
SystemTimeToFileTime
MapViewOfFile
LCMapStringA
GetVersionExA
ExitProcess
EnumSystemLocalesA
GlobalReAlloc
CompareStringA
GetModuleFileNameA
FreeLibrary
CreateEventW
ExitThread
SetEvent
CreateDirectoryA
ExpandEnvironmentStringsA
GetCurrentProcessId
CreateFileW
SetCurrentDirectoryW
LeaveCriticalSection
InterlockedCompareExchange
HeapFree
GetStringTypeA
GetLocaleInfoW
HeapSize
GlobalFree
InterlockedDecrement
CreateDirectoryW
SetHandleCount
VirtualQuery
InitializeCriticalSection
CreateMutexA
lstrcmpiA
GetLocalTime
WriteConsoleA
RaiseException
SetLastError
CreateProcessA
FindResourceA
VirtualFree
DeleteCriticalSection
CopyFileW
ResumeThread
GetVersion
GetCPInfo
LoadLibraryExW
HeapCreate
FindResourceW
GetCurrentThreadId
GlobalLock
GetLastError
GlobalUnlock
GetThreadLocale
GetCurrentDirectoryA
GetCurrentDirectoryW
WideCharToMultiByte
GetFileSize
IsBadReadPtr
SetErrorMode
SearchPathW
QueryPerformanceCounter
IsValidCodePage
SizeofResource
LCMapStringW
HeapDestroy
CreateFileA
Sleep
GetModuleFileNameW
GetStartupInfoW
ResetEvent
GetShortPathNameA
lstrcpynA
GetSystemInfo
GetFileTime
GetSystemTime
GetTickCount
CreateFileMappingA
IsBadWritePtr
UnmapViewOfFile
CopyFileA
ReadFile
lstrcpyA
GetTempPathA
GetConsoleMode
CloseHandle
SetStdHandle
FormatMessageA
GetStringTypeW
GetShortPathNameW
GetSystemTimeAsFileTime
GetTimeFormatA
LocalFree
InterlockedIncrement
HeapReAlloc
lstrcmpA
GlobalAlloc
WriteFile
SetEnvironmentVariableA
GlobalHandle
lstrcmpiW
WaitForSingleObject
SearchPathA
lstrcpynW
GetCurrentThread
GetStartupInfoA
CreateMutexW
HeapAlloc
GetThreadTimes
SuspendThread
GetACP
CreateEventA
GetTempPathW
ReleaseMutex
CreateFileMappingW
GetFileType
IsBadStringPtrW
lstrcmpW
GetTempFileNameA
CreateThread
CompareStringW
SetEndOfFile
GetCommandLineA
EnterCriticalSection
FatalAppExitA
TerminateProcess
GetCurrentProcess
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
GetStdHandle
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
UnhandledExceptionFilter

Exports

Exports

MZONKKOON

Sections

.text
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

19ed5b748e79e8f37dcca992fd7ded78

Headers

File Characteristics

Imports

advapi32

version

kernel32

Exports

Exports

Sections

.text Size: 44KB - Virtual size: 41KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 52KB - Virtual size: 54KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 41KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 52KB - Virtual size: 54KB

.reloc
Size: 8KB - Virtual size: 4KB