13beee2ee4bc46f3daa3d39f84293148_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13beee2ee4bc46f3daa3d39f84293148_JaffaCakes118
Size

367KB
MD5

13beee2ee4bc46f3daa3d39f84293148
SHA1

38be05717e93ff19c76d9cbd8ad7ae734cced511
SHA256

2d7cb1cdd7e6666d7312f7782ccc2c42faa5388af8a0ef8ca2a6a3b413dcb611
SHA512

0a0fd70bf971840155009cadafde90d2842caf5c78ca9aec7f3aaf93c87f6d0107aa673cbbeeb1232693da7e23cac681fb46a251579c1769018bf01f62809923
SSDEEP

6144:GJXjIe87hdWthYfGlV2sLQ5EAHPEoW8dQ4gVthiYpu1WaHZcS2f2rV4+xp5dkUyP:IM/2eklZHRpu7SNf2q+rQXVL9jP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13beee2ee4bc46f3daa3d39f84293148_JaffaCakes118

Files

13beee2ee4bc46f3daa3d39f84293148_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1d6ce629f1dc54535970d2ca992d07f9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DisableThreadLibraryCalls
GetShortPathNameA
GetModuleHandleA
GetModuleFileNameA
DeleteCriticalSection
FreeLibrary
SizeofResource
LoadResource
FindResourceA
GetLastError
LoadLibraryExA
lstrcmpiA
InterlockedDecrement
InitializeCriticalSection
HeapDestroy
GetProcAddress
LoadLibraryA
lstrcatA
SetEnvironmentVariableA
ResumeThread
CreateThread
WaitForSingleObject
InterlockedIncrement
lstrcpyA
lstrlenA
CloseHandle
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
EnterCriticalSection
IsDBCSLeadByte
lstrcpynA
HeapSize
GetStringTypeW
GetStringTypeA
LCMapStringW
LCMapStringA
GetOEMCP
WriteFile
GetEnvironmentStringsW
ExitProcess
TerminateProcess
SetLastError
TlsFree
TlsGetValue
GetVersion
GetCommandLineA
TlsAlloc
GetCurrentProcess
GetEnvironmentStrings
GetSystemTime
GetTimeZoneInformation
GetLocalTime
HeapAlloc
HeapReAlloc
RaiseException
ExitThread
TlsSetValue
HeapFree
RtlUnwind
InterlockedExchange
GetCurrentThreadId
UnhandledExceptionFilter
GetEnvironmentVariableA
Sleep
HeapCreate
VirtualFree
LeaveCriticalSection
GetVersionExA
FreeEnvironmentStringsW
GetACP
CompareStringW
CompareStringA
GetCPInfo
IsBadCodePtr
IsBadReadPtr
GetFileType
GetStdHandle
SetUnhandledExceptionFilter
FreeEnvironmentStringsA
GetStartupInfoA
IsBadWritePtr
VirtualAlloc
SetHandleCount

user32

LoadStringA
CharNextA

advapi32

RegQueryValueExA
RegEnumValueA
RegQueryInfoKeyA
RegSetValueExA
RegEnumKeyExA
RegOpenKeyExA
RegCloseKey
RegDeleteValueA
RegCreateKeyExA
RegDeleteKeyA

ole32

CoUninitialize
ProgIDFromCLSID
CoTaskMemFree
CoInitializeEx
CoTaskMemAlloc
CoCreateInstance
CoTaskMemRealloc
StringFromGUID2

oleaut32

VARIANT_UserFree
SystemTimeToVariantTime
VarDateFromUdate
SafeArrayGetDim
VariantChangeType
SafeArrayDestroy
SafeArrayCreate
SafeArrayGetLBound
SafeArrayGetUBound
VariantInit
SafeArrayAccessData
SafeArrayUnaccessData
VarUI4FromStr
RegisterTypeLi
LoadTypeLi
BSTR_UserUnmarshal
BSTR_UserSize
BSTR_UserMarshal
VARIANT_UserUnmarshal
BSTR_UserFree
VARIANT_UserSize
CreateErrorInfo
SysStringLen
LoadRegTypeLi
VariantCopy
SetErrorInfo
SysAllocStringLen
VariantClear
SysAllocString
SysFreeString
VARIANT_UserMarshal
VarUdateFromDate

rpcrt4

CStdStubBuffer_Disconnect
IUnknown_AddRef_Proxy
IUnknown_Release_Proxy
IUnknown_QueryInterface_Proxy
NdrDllUnregisterProxy
NdrDllRegisterProxy
NdrCStdStubBuffer_Release
NdrDllCanUnloadNow
NdrDllGetClassObject
NdrOleAllocate
NdrOleFree
CStdStubBuffer_DebugServerQueryInterface
CStdStubBuffer_Connect
CStdStubBuffer_QueryInterface
CStdStubBuffer_AddRef
CStdStubBuffer_IsIIDSupported
CStdStubBuffer_DebugServerRelease
CStdStubBuffer_Invoke
CStdStubBuffer_CountRefs

version

GetFileVersionInfoSizeA
VerQueryValueA
GetFileVersionInfoA

Exports

Exports

GetFlashSetting

Sections

.text
Size: 70KB - Virtual size: 72KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1d6ce629f1dc54535970d2ca992d07f9

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

oleaut32

rpcrt4

version

Exports

Exports

Sections

.text Size: 70KB - Virtual size: 72KB

.rdata Size: 130KB - Virtual size: 132KB

.data Size: 164KB - Virtual size: 164KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 70KB - Virtual size: 72KB

.rdata
Size: 130KB - Virtual size: 132KB

.data
Size: 164KB - Virtual size: 164KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB