101c5814529520f9845e5d4af9216e40_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

101c5814529520f9845e5d4af9216e40_JaffaCakes118
Size

852KB
MD5

101c5814529520f9845e5d4af9216e40
SHA1

b2938741e14f436b01e6dbf01536804bbd3616a5
SHA256

5524995ebf2d888b98245de6f8c70148a026ca2799009ca436b7f6862169ca52
SHA512

1747a0c63f0b39f4e3e89983758032235b2df2ce23f7e80828b491c316ac9febc4e6f69fc0f1ad9ba194c3a141c9958cd4b7639f457c7be2ef6e1ce22e67512f
SSDEEP

3072:+/0ADV3SCe9B/lLGBm4dop+UkbI+Q1Gg4T6aqnwH7NpVxjAB//rrMqqDOgxlMoQb:+suh9ud4dOOb2GgxwbRqB0qqDzIdt/p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
101c5814529520f9845e5d4af9216e40_JaffaCakes118

Files

101c5814529520f9845e5d4af9216e40_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5c7fd6bd616e052da4a1884b4192e6e6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetProcAddress
GetCurrentProcess
GetProcessAffinityMask
CloseHandle
Sleep
GetModuleHandleA
GetCurrentThread
GetModuleFileNameA
GetTempPathA
FindFirstFileA
DeleteFileA
FindNextFileA
FindClose
lstrlenA
LoadLibraryA
GetTempFileNameA
CopyFileA
FreeLibrary
SetThreadPriority
DeleteCriticalSection
InterlockedIncrement
EnterCriticalSection
LeaveCriticalSection
SetEvent
WaitForSingleObject
CreateEventA
IsBadReadPtr
IsBadWritePtr
TerminateProcess
VirtualQuery
CreateThread
SetStdHandle
LCMapStringW
InterlockedDecrement
InitializeCriticalSection
RaiseException
LCMapStringA
GetStringTypeW
GetStringTypeA
MultiByteToWideChar
GetOEMCP
GetACP
GetCPInfo
FlushFileBuffers
IsBadCodePtr
SetUnhandledExceptionFilter
SetFilePointer
WriteFile
GetEnvironmentStringsW
GetEnvironmentStrings
HeapFree
HeapAlloc
RtlUnwind
GetCommandLineA
GetVersion
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
HeapReAlloc
ExitProcess
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetLastError
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
HeapSize
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte

user32

LoadCursorA
ShowWindow
CreateWindowExA
RegisterClassExA
GetClassInfoA
DestroyWindow
UnregisterClassA
PostQuitMessage
DefWindowProcA
wsprintfA

advapi32

RegOpenKeyExA
RegQueryValueExA
RegCloseKey

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

CreateCNonrefdecInstance
CreateIFMTdec
CreateMSMTdec
CreateVideoDecoder
DecodeIFMT
DecodeMSMT
DecodeNonref
IsDllUsing
ReleaseCNonrefdecInstance
ReleaseIFMTdec
ReleaseMSMTdec
ResetCNonrefdecInstance
SetDeocderInstanceIndex

Sections

.text
Size: 672KB - Virtual size: 669KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text1
Size: 4KB - Virtual size: 528B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 40KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 4.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 72KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c7fd6bd616e052da4a1884b4192e6e6

Headers

File Characteristics

Imports

kernel32

user32

advapi32

version

Exports

Exports

Sections

.text Size: 672KB - Virtual size: 669KB

.text1 Size: 4KB - Virtual size: 528B

.rdata Size: 40KB - Virtual size: 38KB

.data Size: 52KB - Virtual size: 4.5MB

.data1 Size: 4KB - Virtual size: 1KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 72KB - Virtual size: 69KB

.text
Size: 672KB - Virtual size: 669KB

.text1
Size: 4KB - Virtual size: 528B

.rdata
Size: 40KB - Virtual size: 38KB

.data
Size: 52KB - Virtual size: 4.5MB

.data1
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 72KB - Virtual size: 69KB