0e0dde4655443c471644fdf4531d04bd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0e0dde4655443c471644fdf4531d04bd_JaffaCakes118
Size

224KB
MD5

0e0dde4655443c471644fdf4531d04bd
SHA1

a7395cb1ac51a984d8e9a964675066092e906bab
SHA256

441ca92a744fb75046b8e077dd7801e5619a96446ec64690cff9f7e00bc772a8
SHA512

345480e127e66fac11256604ab65911978ef44f441860d8e3f58f9b97c8b916cf239efcf8362499f5d574055527241bda34c37ded9ab8fea8eebe8344fe8f499
SSDEEP

3072:/FrGb+Qm+ozhCUrMKzh0Uh2o8ELiYcnQrsIze+08Fx+z+uTei/2GRnMtn9Evv+:Iozh0Uoo8ELiznoe38c+Ni/2mnMkvG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e0dde4655443c471644fdf4531d04bd_JaffaCakes118

Files

0e0dde4655443c471644fdf4531d04bd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5a3bf4f3a78c102cfd1a40e4504f0773

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryExA
lstrcpynA
GetProcAddress
SizeofResource
GetCurrentProcessId
lstrlenW
FlushFileBuffers
CloseHandle
CreateFileA
WideCharToMultiByte
WriteConsoleA
SetStdHandle
VirtualQuery
GetSystemInfo
VirtualProtect
GetConsoleMode
GetConsoleCP
SetFilePointer
LoadLibraryW
RtlUnwind
LoadLibraryA
HeapDestroy
GetModuleHandleA
LeaveCriticalSection
TerminateProcess
GetConsoleOutputCP
WaitForSingleObject
OutputDebugStringW
WriteConsoleW
DebugBreak
WriteFile
GetModuleHandleW
InitializeCriticalSection
HeapValidate
GetCommandLineA
GetVersionExA
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
OutputDebugStringA
GetCPInfo
InterlockedIncrement
InterlockedDecrement
GetACP
GetOEMCP
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetLastError
GetCurrentThreadId
FatalAppExitA
DeleteCriticalSection
EnterCriticalSection
GetModuleFileNameA
GetModuleFileNameW
HeapCreate
VirtualFree
HeapFree
HeapAlloc
VirtualAlloc
HeapReAlloc
ExitProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
LCMapStringA
MultiByteToWideChar
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA

user32

CharNextA
DefWindowProcA
SetFocus
GetClassInfoExA
ReleaseDC
LoadCursorA
PeekMessageA
DispatchMessageA
UpdateWindow
TranslateMessage
PostMessageA
SetWindowPos
wsprintfA
OffsetRect
PtInRect
GetParent
SetWindowLongA
IntersectRect
RegisterClassExA
EqualRect

advapi32

RegDeleteKeyA
RegOpenKeyExA
RegQueryInfoKeyA
RegCloseKey
RegQueryValueExA

ws2_32

WSAStartup
closesocket
shutdown
recv
ioctlsocket
select
send
connect

Exports

Exports

Abfks932JdI

Sections

.text
Size: 125KB - Virtual size: 125KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 86KB - Virtual size: 413KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a3bf4f3a78c102cfd1a40e4504f0773

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ws2_32

Exports

Exports

Sections

.text Size: 125KB - Virtual size: 125KB

.data Size: 86KB - Virtual size: 413KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 125KB - Virtual size: 125KB

.data
Size: 86KB - Virtual size: 413KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 9KB - Virtual size: 8KB