0ccabe6a18b12eb1d8a9196e8bfaadae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0ccabe6a18b12eb1d8a9196e8bfaadae_JaffaCakes118
Size

124KB
MD5

0ccabe6a18b12eb1d8a9196e8bfaadae
SHA1

9a4111e5aace6460f61588717934a8f1747b1e03
SHA256

92ddd379f955e67ed393419d8ba0148e4233ec6a427b0951f64f0d85ac08fe32
SHA512

cd944fa05b1b418023d51da9ddb408e1c2751d9e36ecbe1496fd3cf2d3eb1a2e2164fb88d2a7c4cf44e11f01bf94f6e665c4e91ef6dffca92e24b01e549c0dab
SSDEEP

3072:lOKTZvPvMcKf9+ojd1wGktaSUiGBXp9GaBCuj941Vf+Eh6d1:xTFXzK1+IcaSrGZzCuj94XhcH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ccabe6a18b12eb1d8a9196e8bfaadae_JaffaCakes118

Files

0ccabe6a18b12eb1d8a9196e8bfaadae_JaffaCakes118
.dll windows:4 windows x86 arch:x86

958dcdb9b07b83c392f4069ea94c6216

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateEventA
CreateMutexA
ExitProcess
GetProcAddress
GetCommandLineA
EnterCriticalSection
GetTickCount
WriteFile
CreateFileMappingA
LocalFree
InterlockedCompareExchange
GetModuleFileNameA
UnmapViewOfFile
SetLastError
LoadLibraryA
GetComputerNameA
WaitForSingleObject
HeapAlloc
lstrlenA
MapViewOfFile
LeaveCriticalSection
GetCurrentProcessId
InterlockedIncrement
OpenEventA
GetModuleHandleA
ReleaseMutex
InterlockedDecrement
CreateProcessA
Sleep
GetVolumeInformationA
CreateFileA
GetLastError
CreateDirectoryA
CopyFileA
GetProcessHeap
HeapFree
lstrlenW

ole32

OleCreate
CoCreateGuid
CreateBindCtx
OleSetContainedObject
CoUninitialize
CoInitialize
CoTaskMemAlloc

user32

TranslateMessage
KillTimer
GetParent
UnhookWindowsHookEx
GetWindowLongA
DispatchMessageA
SetWindowLongA
GetSystemMetrics
FindWindowA
DestroyWindow
SendMessageA
RegisterWindowMessageA
PostMessageA
SetWindowsHookExA
CreateWindowExA
SetTimer
GetWindowThreadProcessId
DefWindowProcA
PostQuitMessage
GetClassNameA
GetMessageA

oleaut32

SysAllocString
SysAllocStringLen
SysFreeString

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegDeleteValueA
RegCloseKey
RegSetValueExA
RegCreateKeyExA
RegQueryValueExA
GetUserNameA
RegOpenKeyExA

shell32

SHGetFolderPathA

Exports

Exports

Clipmapmm

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

958dcdb9b07b83c392f4069ea94c6216

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB