1477af955c07de0d25ab95baf72f7a1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1477af955c07de0d25ab95baf72f7a1a_JaffaCakes118
Size

204KB
MD5

1477af955c07de0d25ab95baf72f7a1a
SHA1

3a30c2cdbfbc06f7fd1c5f5bfb729b661ebee069
SHA256

9282edede12e6849b0367fe184d9d32bbba58361e8050f94bf2bc60e2792444a
SHA512

dfcf95f17bdfd9fabebc40a023b35d29dbedb2231530f9b3aac355c783c64042160564bf23bf74aa3d9f9cc7c5d21a583078a571b986fb818305700eef2f58a7
SSDEEP

3072:1StMCGFlTjpX0ze2ucosPvSNDxc4p9JFi4NZceahgXYc+XV4CogN:1StmXwM/nN6NRjXVN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1477af955c07de0d25ab95baf72f7a1a_JaffaCakes118

Files

1477af955c07de0d25ab95baf72f7a1a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f3b6b84be8c745ef815044057df0a3c0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryW
GetDiskFreeSpaceExW
GetCurrentProcessId
SetFilePointer
FreeLibrary
SetFileTime
CompareFileTime
LoadLibraryW
DisableThreadLibraryCalls
GetVolumePathNameW
DeleteFileW
VirtualFree
CreateThread
EnterCriticalSection
ReadFile
CreateFileW
MoveFileW
CreateDirectoryW
GetLocalTime
GetTickCount
QueryPerformanceCounter
CloseHandle
InterlockedDecrement
GetVolumeNameForVolumeMountPointW
FlushFileBuffers
SetUnhandledExceptionFilter
InterlockedIncrement
DeviceIoControl
LeaveCriticalSection
FindFirstFileW
FindClose
CreateFileMappingW
CreateEventW
GetOverlappedResult
DuplicateHandle
SetFileAttributesW
Sleep
TerminateProcess
VirtualAlloc
WriteFile
GetFileAttributesW
CopyFileExW
SetEndOfFile
GetCurrentProcess
GetLastError
UnmapViewOfFile
GetSystemDirectoryW
GetProcAddress
FindNextFileW
GetSystemTimeAsFileTime
CreateFileA
WriteConsoleW
GetConsoleOutputCP
WriteConsoleA
VirtualQuery
GetSystemInfo
HeapAlloc
HeapFree
GetCommandLineA
GetVersionExA
UnhandledExceptionFilter
DeleteCriticalSection
HeapReAlloc
HeapDestroy
HeapCreate
GetModuleHandleA
ExitProcess
GetStdHandle
GetModuleFileNameA
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
SetLastError
GetCurrentThreadId
OutputDebugStringA
GetCPInfo
GetACP
GetOEMCP
LCMapStringA
WideCharToMultiByte
MultiByteToWideChar
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
InitializeCriticalSection
GetModuleHandleW
RtlUnwind
LoadLibraryA
SetStdHandle
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
VirtualProtect

ole32

CoTaskMemFree
CoUninitialize
CoInitialize
CoCreateGuid
CoCreateInstance
StgOpenStorageEx
ReadClassStm
CreateStreamOnHGlobal
StringFromGUID2

Exports

Exports

PhotohavePorn
PoAlthough

Sections

.text
Size: 63KB - Virtual size: 63KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 89KB - Virtual size: 270KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 35KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f3b6b84be8c745ef815044057df0a3c0

Headers

File Characteristics

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 63KB - Virtual size: 63KB

.rdata Size: 10KB - Virtual size: 9KB

.data Size: 89KB - Virtual size: 270KB

.rsrc Size: 35KB - Virtual size: 35KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 63KB - Virtual size: 63KB

.rdata
Size: 10KB - Virtual size: 9KB

.data
Size: 89KB - Virtual size: 270KB

.rsrc
Size: 35KB - Virtual size: 35KB

.reloc
Size: 5KB - Virtual size: 4KB