13a1224caa7f431a62e0d5f13d7983cd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

13a1224caa7f431a62e0d5f13d7983cd_JaffaCakes118
Size

438KB
MD5

13a1224caa7f431a62e0d5f13d7983cd
SHA1

70493badcb910e1cbee57d6975b4dbcce2455485
SHA256

ac9e05ee27e6dfe801de75b6a6b738ba879a8eab72a991b007033b3857c56506
SHA512

308ea93d01e79b73b1c3bc5ebce0fca16bee35eb41f40ca08c4a434f9948f642254c0229f25982b941517d323bb1e889ffe76af8d5859cdadb2145f6ab530fbf
SSDEEP

6144:23Yw2kCICaE0NKsSYs+wYuBpGWDddADxo9Bs/sr8kzdb4JrYiDfSGc/Rzx+S:FwgLaE0NpGBpGsq2skrHzBZC3Izx+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13a1224caa7f431a62e0d5f13d7983cd_JaffaCakes118

Files

13a1224caa7f431a62e0d5f13d7983cd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

dca032ed76c055d978b5dde7b16b36bf

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTickCount
GetVersion
GlobalFix
InitializeCriticalSection
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsBadHugeWritePtr
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadResource
LockResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
GetSystemTimeAsFileTime
ReadFile
ReleaseMutex
RtlUnwind
SetFileApisToOEM
SetSystemTime
SetUnhandledExceptionFilter
SetWaitableTimer
SetupComm
SizeofResource
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
WriteFile
GetProcessPriorityBoost
GetProcessAffinityMask
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
CloseHandle
GetLastError
GetFullPathNameW
GetFileType
GetFileSizeEx
GetFileSize
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
GetCurrentProcess
GetCommandLineA
FreeLibrary
FindResourceW
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
DebugBreak
CreateThread
CreateMutexA
CreateFileA
CreateConsoleScreenBuffer
QueryPerformanceFrequency

gdi32

TranslateCharsetInfo
SetTextColor
SetBkMode
SetBkColor
SelectObject
MoveToEx
GetWinMetaFileBits
GetTextMetricsW
GetTextMetricsA
GetObjectW
GetObjectA
GetGlyphOutlineA
GetFontLanguageInfo
GetColorAdjustment
GetCharacterPlacementA
ExtTextOutW
ExtTextOutA
DeleteDC
CreateRectRgnIndirect
CreateFontIndirectA
CreateDIBSection
CreateCompatibleDC
DeleteObject

advapi32

SystemFunction001
RegOpenKeyExA
RegEnumKeyExA
RegCloseKey

ole32

CreateStreamOnHGlobal

msvcrt

_purecall
tolower
_CIacos
_CIatan
_CIatan2
_CIcos
_CIsin
_CIsqrt
_CxxThrowException
_XcptFilter
__CxxFrameHandler
__RTDynamicCast
__dllonexit
_amsg_exit
_controlfp
_finite
_fullpath
_initterm
_isnan
_lock
_mbscspn
_mbsrchr
_onexit
_stricmp
_unlock
_vsnprintf
_vsnwprintf
_wcmdln
_wcreat
_wexeclpe
calloc
floor
free
iswalpha
iswdigit
iswpunct
iswspace
malloc
mbtowc
memcpy
memmove
memset
qsort

Exports

Exports

Bufferi
CheckURLScheme
CreateCubeTexture
GatherFragmentsFromFileA
GetSockaddrType
PlaneTransformArray
QueryAllDataW
SourceUnqueueBuffers
TypeToLdapTypeCopyTime

Sections

.text
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 230KB - Virtual size: 230KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 58KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

dca032ed76c055d978b5dde7b16b36bf

Headers

File Characteristics

Imports

kernel32

gdi32

advapi32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 74KB - Virtual size: 73KB

.rdata Size: 230KB - Virtual size: 230KB

.data Size: 70KB - Virtual size: 70KB

.rsrc Size: 58KB - Virtual size: 57KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 74KB - Virtual size: 73KB

.rdata
Size: 230KB - Virtual size: 230KB

.data
Size: 70KB - Virtual size: 70KB

.rsrc
Size: 58KB - Virtual size: 57KB

.reloc
Size: 4KB - Virtual size: 3KB