0e5406456e50946ea515b21e013a7cb0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0e5406456e50946ea515b21e013a7cb0_JaffaCakes118
Size

127KB
MD5

0e5406456e50946ea515b21e013a7cb0
SHA1

3d509b8f25ac0ddaaa4a3331041ddbf7d63b3eca
SHA256

dd87c3a19265382714bacc914299836f87897d302a941ba2b4cdef4841acf096
SHA512

cb0314b2b6352e285ae52c8b15671ac325756d01c1bc02344256de1ac493b72e9d53f55b1363abde6e4856ea9e7a29f3df5a9d7054000f13ba5dd60893dc2f90
SSDEEP

3072:GUbCFCr1Y0jhxBo1Lk/GqIwHun7/3TDVe++M7x4Hg:GgWChY0Fg1KGqIwY/3TDVeKxyg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0e5406456e50946ea515b21e013a7cb0_JaffaCakes118

Files

0e5406456e50946ea515b21e013a7cb0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

bb1ad2cb25a0899a942278b85ce75c6c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceCounter
SetConsoleCtrlHandler
SetCurrentDirectoryA
SetEvent
SetUnhandledExceptionFilter
Sleep
OpenProcess
UnhandledExceptionFilter
WideCharToMultiByte
lstrcatA
lstrcpyA
lstrcpynA
lstrlenA
OpenEventA
MultiByteToWideChar
LoadLibraryExA
InterlockedIncrement
InterlockedDecrement
GetVersionExA
GetTickCount
GetSystemTimeAsFileTime
GetSystemDirectoryA
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetComputerNameA
FreeLibrary
CreateProcessA
CreateEventA
CompareStringA
CloseHandle
AddAtomA
CreateFileA
VirtualAlloc
GetProcessHeap
GetStartupInfoW
TerminateProcess
GetOEMCP

user32

LoadIconW
LoadIconA

gdi32

SetRectRgn
SetPixel
SetBkColor
SelectObject
PatBlt
MoveToEx
LineTo
GetTextMetricsW
GetTextExtentPoint32W
GetPixel
GetDeviceCaps
DeleteObject
SetTextColor
CreateSolidBrush
CreateRectRgn
CreatePen
CreateICW
CreateFontIndirectW
CreateCompatibleDC
CreateCompatibleBitmap
CombineRgn
BitBlt
GetStockObject
TextOutW
DeleteDC
StretchBlt

advapi32

RegOpenKeyExA

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 512B - Virtual size: 100B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 117KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 1024B - Virtual size: 521B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bb1ad2cb25a0899a942278b85ce75c6c

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

Sections

.text Size: 4KB - Virtual size: 4KB

.text2 Size: 512B - Virtual size: 100B

.data Size: 117KB - Virtual size: 116KB

.text Size: 1024B - Virtual size: 521B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 4KB - Virtual size: 4KB

.text2
Size: 512B - Virtual size: 100B

.data
Size: 117KB - Virtual size: 116KB

.text
Size: 1024B - Virtual size: 521B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB