0a831e91534fc143d9072b77e77fe250_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0a831e91534fc143d9072b77e77fe250_JaffaCakes118
Size

282KB
MD5

0a831e91534fc143d9072b77e77fe250
SHA1

927e62fc0c7fa1c166b872462354ee110feac918
SHA256

9669782b3501cdcb1a72eea781a12bde97e23f60e0750f390d8c931142fed00d
SHA512

fba38ff4bd81634681bd84878890026a08c8a7e38beedc5b8c13e648d196aa723d2134cab6139b036315a7f4861f3b20611506cbf32a0db932544fabbc0ae951
SSDEEP

3072:gHXUE042gtrmBsCO/SNr7U076NDeELn/osyLlTn6xtakOv0wGwuffjqLD:gkZ42YmB8Wrw0mNHGLlj6t8ufrq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0a831e91534fc143d9072b77e77fe250_JaffaCakes118

Files

0a831e91534fc143d9072b77e77fe250_JaffaCakes118
.dll windows:4 windows x86 arch:x86

90f83ff4b552b4a5dced7fdb867458b0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Whereby\The\Correspond\Of.pdb

Imports

kernel32

LeaveCriticalSection
InitializeCriticalSectionAndSpinCount
LocalFree
GetModuleHandleW
SetLastError
CloseHandle
GetEnvironmentVariableW
GetLocalTime
Sleep
WriteFile
CompareStringW
lstrlenW
QueryPerformanceCounter
HeapAlloc
HeapFree
DisableThreadLibraryCalls
GetSystemInfo
VirtualAlloc
GetLastError
DeleteCriticalSection
ExpandEnvironmentStringsA
HeapSetInformation
GlobalUnlock
FreeLibrary
EncodePointer
GetStdHandle
GetFileType
GetConsoleMode
CreateFileW
WriteConsoleW

user32

IsCharUpperA
FindWindowA
GetWindowTextW
GetWindowTextLengthW
LoadStringW
IsDlgButtonChecked
CallWindowProcW
GetWindowLongW
SetForegroundWindow
SetFocus
ExitWindowsEx
RegisterClipboardFormatW
SetWindowLongW
EnableWindow
CheckDlgButton
EnableMenuItem
SetWindowPos

advapi32

RegCloseKey
InitiateSystemShutdownExW
RegCreateKeyExW
ReportEventW
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyExW
RegQueryValueExW
RegEnumKeyExW
RegSetValueExW
RegDeleteValueW
DeregisterEventSource
RegisterEventSourceW

ole32

CoUninitialize
ReleaseStgMedium

msvcrt

printf
memchr
memmove
strtoul
isdigit
wcstoul
malloc
free
wcsncmp

secur32

GetUserNameExW

shlwapi

PathCombineW

Exports

Exports

MeansOrTheJavaEndorsed

Sections

.text
Size: 68KB - Virtual size: 65KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.idata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

bss
Size: 4KB - Virtual size: 923B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 220KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 80KB - Virtual size: 77KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

90f83ff4b552b4a5dced7fdb867458b0

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

advapi32

ole32

msvcrt

secur32

shlwapi

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 65KB

.idata Size: 4KB - Virtual size: 3KB

bss Size: 4KB - Virtual size: 923B

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 24KB - Virtual size: 220KB

.rsrc Size: 80KB - Virtual size: 77KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 68KB - Virtual size: 65KB

.idata
Size: 4KB - Virtual size: 3KB

bss
Size: 4KB - Virtual size: 923B

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 24KB - Virtual size: 220KB

.rsrc
Size: 80KB - Virtual size: 77KB

.reloc
Size: 4KB - Virtual size: 1KB