0d42de0925fb9beceaa6b6f40d5dcd30_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0d42de0925fb9beceaa6b6f40d5dcd30_JaffaCakes118
Size

407KB
MD5

0d42de0925fb9beceaa6b6f40d5dcd30
SHA1

2119189658a1ac7e6cf83b8880e2cf69b4733f01
SHA256

f0e83d896122c334892df6370657aa6c8b91439508d82f8de33e57112de2351d
SHA512

9bf96954ddecea5b75eb3b5209e3b1fd94c72de8298d6872e2225f715fb6545dcf79d64ec62d78aa562824c23db07f0c951183f56f00f9eca421178002b8511f
SSDEEP

3072:5sRe0JcJ7uvgsN/XemuJVYFIo1OcVOvd8vaMImy8ASNMUuka85yC7:5sACSIgslX5kzoI8MMIPSNhaLi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d42de0925fb9beceaa6b6f40d5dcd30_JaffaCakes118

Files

0d42de0925fb9beceaa6b6f40d5dcd30_JaffaCakes118
.dll windows:5 windows x86 arch:x86

e82062bdc945646eea4bdf847732ebf1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FreeLibrary
GetProcAddress
LoadLibraryA
DeleteCriticalSection
VirtualFree
LeaveCriticalSection
EnterCriticalSection
Sleep
VirtualAlloc
CloseHandle
WaitForSingleObject
GetLastError
ResetEvent
SetEvent
InterlockedExchange
CancelIo
DeleteFileA
CreateDirectoryA
GetFileAttributesA
lstrcpyA
lstrlenA
GetDriveTypeA
GetDiskFreeSpaceExA
GetVolumeInformationA
GetLogicalDriveStringsA
FindClose
LocalFree
FindNextFileA
LocalReAlloc
FindFirstFileA
LocalAlloc
GetFileSize
CreateFileA
ReadFile
SetFilePointer
MoveFileA
lstrcatA
CreateProcessA
CreateThread
TerminateThread
Process32Next
lstrcmpiA
Process32First
CreateToolhelp32Snapshot
GetLocalTime
MapViewOfFile
CreateFileMappingA
HeapFree
GetProcessHeap
HeapAlloc
GetTickCount
UnmapViewOfFile
GetModuleHandleA
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
GlobalSize
GetStartupInfoA
WaitForMultipleObjects
LocalSize
TerminateProcess
OpenProcess
GetCurrentThreadId
GlobalMemoryStatus
GetSystemInfo
GetComputerNameA
GetVersionExA
OpenEventA
SetErrorMode
GetCurrentProcess
GetWindowsDirectoryA
SetFileAttributesA
CopyFileA
CreateEventA
ExpandEnvironmentStringsA
GetModuleFileNameA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
SetStdHandle
FlushFileBuffers
GetLocaleInfoA
RaiseException
RtlUnwind
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
ExitThread
WideCharToMultiByte
GetCommandLineA
DebugBreak
MultiByteToWideChar
SetHandleCount
GetStdHandle
GetFileType
GetModuleHandleW
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
HeapCreate
HeapDestroy
HeapReAlloc
ExitProcess
WriteFile
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameW
VirtualQuery
GetConsoleCP
GetConsoleMode
InitializeCriticalSectionAndSpinCount
HeapSize
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW

ws2_32

getsockname
send
closesocket
select
recv
socket
gethostbyname
htons
setsockopt
WSAIoctl
WSACleanup
WSAStartup

Exports

Exports

MyWork

Sections

.text
Size: 181KB - Virtual size: 190KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 25KB - Virtual size: 25KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e82062bdc945646eea4bdf847732ebf1

Headers

File Characteristics

Imports

kernel32

ws2_32

Exports

Exports

Sections

.text Size: 181KB - Virtual size: 190KB

.rdata Size: 25KB - Virtual size: 25KB

.rsrc Size: 24KB - Virtual size: 24KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 181KB - Virtual size: 190KB

.rdata
Size: 25KB - Virtual size: 25KB

.rsrc
Size: 24KB - Virtual size: 24KB

.reloc
Size: 12KB - Virtual size: 11KB