10ba9fbcc87bc7c1f12e15dfaebfddec_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

10ba9fbcc87bc7c1f12e15dfaebfddec_JaffaCakes118
Size

80KB
MD5

10ba9fbcc87bc7c1f12e15dfaebfddec
SHA1

c304671928adfacb3ab0b9412780f19ef0217f8a
SHA256

b742fffc68aa765b6a0336c28f666076518dbef95e5edbc1671a89e9a71ff929
SHA512

33394ae9c6e8016acf9f5813f87202c694d21c265531544cb0b3431189ff5054c50c2f8563089e834569b23141f0d95d63f177057fc3b591feb774ccdeb90b21
SSDEEP

1536:1XuLHP+m+BON8CfffwwH+emBCp2i7u/H8BYxmlY:szqBON8CfwwH+REpD7iH8wm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
10ba9fbcc87bc7c1f12e15dfaebfddec_JaffaCakes118

Files

10ba9fbcc87bc7c1f12e15dfaebfddec_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d671a79943c8ee12c02c3c231c06f734

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetTimeZoneInformation
GetProfileIntA
GetCompressedFileSizeW
HeapLock
OpenEventW
GetDiskFreeSpaceExW
FindNextFileA
GetSystemPowerStatus
IsBadHugeReadPtr
TerminateJobObject
CompareStringW
GetWindowsDirectoryA
HeapReAlloc
CreateWaitableTimerA
GetProcessAffinityMask
CreateFileMappingW
IsValidLanguageGroup
UnregisterWaitEx
DosDateTimeToFileTime
GetConsoleCP
GetDateFormatW
DeleteFileA
HeapWalk
FindNextChangeNotification
GetVolumePathNameW
ConnectNamedPipe
SetNamedPipeHandleState
SetFilePointer
GetConsoleOutputCP
GlobalFindAtomA
GetSystemDefaultUILanguage
SetConsoleCtrlHandler
SuspendThread
GlobalReAlloc
ConvertDefaultLocale
GlobalGetAtomNameA
SetProcessShutdownParameters
WinExec
LocalFlags
UnlockFileEx
GetLocalTime
IsValidLocale
GetModuleHandleW
GetFullPathNameW
FindVolumeMountPointClose
GetThreadLocale
LocalAlloc
ClearCommError
GetTempFileNameA
CopyFileW
ChangeTimerQueueTimer
IsBadReadPtr
VerLanguageNameW
MoveFileW
IsBadStringPtrW
GetDiskFreeSpaceA
FindFirstVolumeMountPointW
RegisterWaitForSingleObject
LocalReAlloc
GlobalAddAtomA
HeapCreate
lstrcatA
SetErrorMode
GetVolumeInformationA
lstrcpyA
GetProfileStringW
FindAtomW
SearchPathA
WriteProcessMemory
FlushConsoleInputBuffer
HeapSetInformation
SetConsoleWindowInfo
OpenSemaphoreW
MultiByteToWideChar
GetFileType
FileTimeToLocalFileTime
FindVolumeClose
FindResourceW
CreateNamedPipeA
GetStringTypeExW
GetVolumeNameForVolumeMountPointW
IsBadStringPtrA
CreateIoCompletionPort
OpenMutexA
GetStdHandle
SetConsoleTextAttribute
GetNumberFormatA
GlobalFindAtomW
GetCurrentProcessId
GetSystemDefaultLangID
GetVersion
CreatePipe
GetCurrentDirectoryW
ReadFile
GetTempPathW
CreateTimerQueue
GetThreadPriority
PurgeComm
GetLongPathNameW
PostQueuedCompletionStatus
GetSystemDirectoryW
SetVolumeLabelA
HeapSize
GetUserDefaultLCID
GetWindowsDirectoryW
GetFileAttributesExA
GetComputerNameW
SetCurrentDirectoryA
GetFileTime
SetLastError
GetQueuedCompletionStatus
FindNextFileW
LCMapStringA
SizeofResource
GetSystemTime
OpenFile
GetComputerNameExW
WaitNamedPipeW
ReadFileEx
SetFileAttributesA
FileTimeToDosDateTime
GetVersionExA
FileTimeToSystemTime
GetEnvironmentStrings
DeleteCriticalSection
TerminateProcess
InitializeCriticalSection
CreateFileMappingA
lstrcatW
lstrlenW
EnterCriticalSection
CopyFileA
UnmapViewOfFile
GetLastError
CloseHandle
LoadLibraryA
ReleaseMutex
CreateThread
GetProcessHeap
GetProcAddress
HeapFree
MoveFileExA
InterlockedExchange
CreateProcessA
CreateDirectoryA
MapViewOfFile
LeaveCriticalSection
FindFirstChangeNotificationA
VirtualProtect

shlwapi

PathAddExtensionW
PathIsDirectoryA
StrDupW
UrlGetPartW
SHCreateStreamOnFileW
UrlIsW
PathGetCharTypeW
PathRemoveFileSpecW
StrChrA
UrlEscapeW
StrRetToStrW
StrStrW
PathQuoteSpacesW
PathMakePrettyW
SHRegGetValueW
PathCommonPrefixW
AssocQueryStringW
PathFindFileNameA
PathUnquoteSpacesW
UrlUnescapeW
UrlCanonicalizeW
PathIsUNCServerW
StrCmpW
SHDeleteKeyW
PathFindExtensionA
UrlCombineW
StrStrIW
PathFileExistsW

shell32

SHPathPrepareForWriteW
SHGetSpecialFolderLocation
DragQueryFileW
SHBrowseForFolderW
ShellExecuteW
SHAddToRecentDocs
SHGetFileInfoA
ShellExecuteExW
ExtractIconExA
SHGetSpecialFolderPathA
SHFileOperationW
ExtractIconW
SHGetPathFromIDListA
SHSetLocalizedName
DragAcceptFiles
SHGetFolderPathA

gdi32

EnumFontFamiliesExA
GetPath
EnumEnhMetaFile
StretchDIBits
CreateMetaFileA
SetROP2
EndPath
DeleteObject
LPtoDP
CreateDCW
GetTextExtentPointW
GetBrushOrgEx
UpdateColors
PolyPolyline
RemoveFontResourceW
StartDocA
PlayEnhMetaFile
GetTextColor
GetTextCharset
CreateScalableFontResourceA
CopyMetaFileW
GetNearestColor
CreateDIBSection
SetColorAdjustment
OffsetViewportOrgEx
TranslateCharsetInfo
FillRgn
GetObjectA
ResetDCA
GetViewportExtEx
EndDoc
SetTextAlign
PolyDraw
TextOutA
CreateFontW
SetTextCharacterExtra
GetViewportOrgEx
GetTextExtentPointA
GetCharWidth32W
StrokePath
GetKerningPairsA
TextOutW
SetMetaFileBitsEx
CreateHalftonePalette
StartDocW
GetEnhMetaFileHeader
GetBitmapDimensionEx
PlayMetaFileRecord
RectVisible
Ellipse
GetEnhMetaFileA
SetPixel
FlattenPath
StrokeAndFillPath
GetEnhMetaFileBits
SetDCBrushColor
GetROP2
DeleteEnhMetaFile
PlayMetaFile
EndPage
EnumFontFamiliesW
CreateICA
BeginPath
SetBitmapDimensionEx
OffsetRgn
CreateCompatibleDC
ExtTextOutW
CreateBitmapIndirect
GetCharacterPlacementA
DeleteDC
UnrealizeObject
SetSystemPaletteUse
GetSystemPaletteEntries
SetMetaRgn
GetStockObject
GetMapMode
ExtTextOutA
SetBkColor

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 60KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d671a79943c8ee12c02c3c231c06f734

Headers

File Characteristics

Imports

kernel32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 56KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 56KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 2KB