13e9dc36fd196fef3b2135c6ca375387_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

13e9dc36fd196fef3b2135c6ca375387_JaffaCakes118
Size

58KB
MD5

13e9dc36fd196fef3b2135c6ca375387
SHA1

7bf31823ab220833b138df20d79f27ff31f57622
SHA256

cc7be237993af00d7f34ef3abb4e2c78481c5fb38fb3c6c808bb354ddb35a64d
SHA512

c2bc934ad149c489c0e63e972f423349eca1343ae90cb32b5022ecce12bf11e42fecea93c0e52cb817a5ce101c8ea67981b4be56aa70d25a87857d0ac7a13573
SSDEEP

1536:HD2V5b9oFrtautYiy23UetnIDJX9oTnh/hamE:HDub9ctaYkeniJcphD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
13e9dc36fd196fef3b2135c6ca375387_JaffaCakes118

Files

13e9dc36fd196fef3b2135c6ca375387_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b3f07ce92ae2dea11c0518f30f52aad9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

iprtqcap

_LDscale
_Exp
_Tolower
_Inf
_FDscale
_LExp
_Hugeval
_Getctype
_LRteps
_LEps
_Strcoll
_LSnan
_FDnorm
_LSinh
_Xbig
_Cosh

kernel32

ReadFile
WaitForMultipleObjects
IsBadReadPtr
VirtualAlloc
lstrlenA
VirtualLock
lstrcpyA
GetModuleHandleA
GetPriorityClass
CloseHandle
FindFirstFileA
UnmapViewOfFile
CreatePipe
GlobalLock
WriteFile
lstrlenW
SetPriorityClass
VirtualFree
GlobalAlloc
VirtualQuery
TerminateProcess
SetFileAttributesA
SetEndOfFile
DeleteFileA
FindNextFileA
GetCurrentThread
CreateFileA
OutputDebugStringA
VirtualProtectEx
GetVersion
FindClose
CopyFileA
Sleep
WritePrivateProfileStructA
GetPrivateProfileStringA
MapViewOfFile
IsProcessorFeaturePresent
VirtualUnlock
SetCurrentDirectoryA
WaitForSingleObject
GetFileSize
GetStartupInfoA
GetModuleFileNameA
VirtualQueryEx
CreateFileMappingA
SetFilePointer
GlobalUnlock

comctl32

ImageList_Destroy

user32

LoadCursorA
SendMessageA
IsZoomed
EndDialog
wvsprintfA
GetParent
DestroyIcon
GetClipboardData
SetFocus
DestroyCursor
SetWindowLongA
SetClipboardData
GetDlgItem
ShowWindow
EnableWindow
GetClassInfoA
GetActiveWindow
CheckMenuRadioItem
GetAsyncKeyState
MoveWindow
SetWindowPos
SetClassLongA
GetCursorPos
IsIconic
SendDlgItemMessageA
SetMenuItemInfoA
GetWindowDC
ScreenToClient
CharLowerA
CharUpperA
OpenClipboard
EmptyClipboard
MessageBeep

msvcrt

gmtime
malloc
toupper
_timezone
realloc
strstr
free

gdi32

DeleteObject
SetTextColor

advapi32

LookupPrivilegeValueA
RegSetValueExA
AdjustTokenPrivileges
OpenProcessToken
RegCreateKeyExA

shell32

DragQueryFileA
DragAcceptFiles

imagehlp

BindImageEx
CheckSumMappedFile
ImageRvaToSection

Exports

Exports

CreateProcessNotify
dfrgiles

Sections

.text
Size: 49KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3f07ce92ae2dea11c0518f30f52aad9

Headers

File Characteristics

Imports

iprtqcap

kernel32

comctl32

user32

msvcrt

gdi32

advapi32

shell32

imagehlp

Exports

Exports

Sections

.text Size: 49KB - Virtual size: 52KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 49KB - Virtual size: 52KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB