069836c2ab656343130dfeabfbceac77_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

069836c2ab656343130dfeabfbceac77_JaffaCakes118
Size

108KB
MD5

069836c2ab656343130dfeabfbceac77
SHA1

2889fd417a7a3a5d056d42896f033a00dc09290c
SHA256

a828d3910e8785e32f4e6cae1dd8ac7435674c160542ec1f657af4f254abfb6a
SHA512

557fd5b4bce4c15a848e305e5cff1147d095ad8cc1ba1224918778f5637587aa4ad577a927f05b75b02270b1896f32fcf2c5687e25bf045e7a1a8181dcc40579
SSDEEP

1536:nx87MXAxdnnPkp2yWiyKqfViTwx2NMkMWTusb3+TO1oElzKoW:nxRqdnPkMiyK6mMkMgoElzj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
069836c2ab656343130dfeabfbceac77_JaffaCakes118

Files

069836c2ab656343130dfeabfbceac77_JaffaCakes118
.dll windows:4 windows x86 arch:x86

173231b16de7ce82e974016f322a8d07

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetErrorMode
CreateMutexA
GlobalUnlock
GlobalLock
GetModuleFileNameA
CloseHandle
CreateThread
MultiByteToWideChar
FreeLibrary
GetProcAddress
LoadLibraryA
GetCurrentProcess
VirtualFree
VirtualAlloc
Sleep
GetCurrentProcessId
CreateEventA
DisconnectNamedPipe
WriteFile
WaitForMultipleObjects
WaitNamedPipeA
GetLastError
CreateFileA
SetEvent
GetModuleHandleA
FindClose
DisableThreadLibraryCalls
FindFirstFileA
GetWindowsDirectoryA
GetSystemTimeAdjustment
GetSystemTime
CompareStringW
CompareStringA
FlushFileBuffers
SetStdHandle
SetFilePointer
IsBadCodePtr
IsBadReadPtr
GetOEMCP
GetACP
GetCPInfo
SetUnhandledExceptionFilter
GetStringTypeW
WaitForSingleObject
FindNextFileA
ReleaseMutex
GetStringTypeA
GetEnvironmentStringsW
GetEnvironmentStrings
RtlUnwind
InterlockedDecrement
InterlockedIncrement
HeapFree
HeapAlloc
GetCommandLineA
GetVersion
RaiseException
GetTimeZoneInformation
GetLocalTime
HeapReAlloc
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
ExitProcess
WideCharToMultiByte
LCMapStringA
LCMapStringW
HeapDestroy
HeapCreate
IsBadWritePtr
TerminateProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
SetEnvironmentVariableA

user32

GetAncestor
RegisterWindowMessageA
SendMessageTimeoutA
SendMessageA
GetWindowTextA
GetWindowTextLengthW
GetParent
CallWindowProcW
IsWindowVisible
IsWindowEnabled
EnumChildWindows
GetWindowTextW
GetWindowLongA
OpenClipboard
GetClipboardData
CloseClipboard
GetClassNameA
SetWindowsHookExW
CallNextHookEx
GetForegroundWindow

advapi32

GetTokenInformation
OpenProcessToken

oleaut32

SysAllocStringByteLen
SysFreeString

Exports

Exports

hk_start

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

173231b16de7ce82e974016f322a8d07

Headers

File Characteristics

Imports

kernel32

user32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 13KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 13KB

.reloc
Size: 8KB - Virtual size: 4KB