18440f14f748fb687338387dae4a2c55_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

18440f14f748fb687338387dae4a2c55_JaffaCakes118
Size

144KB
MD5

18440f14f748fb687338387dae4a2c55
SHA1

eed99f46312774dcee4dc9ef6700c9ee86405692
SHA256

d59ab58d203c3366a0a16cd77c1fb1f00918aabc599689202dd4c290b852c06d
SHA512

b804cede14fdbdb5cd438a60745e90159954ef6809984c109bc3827107ea647f33214bfb6eecc67aad3f61b09d9a2488e23f552eca78b741fd4c39ffdd443665
SSDEEP

3072:2GM8cmrYaCCTcoi8E8Yat7PsPA96YIC6vJ4wrrl/FOcB:2GM8J0ic9d8Yk7koEBC6vJxFFZB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18440f14f748fb687338387dae4a2c55_JaffaCakes118

Files

18440f14f748fb687338387dae4a2c55_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8d6299e903b308057808be855961c4cd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

ConvertStringSecurityDescriptorToSecurityDescriptorW
FindFirstFreeAce
GetManagedApplications
RegCloseKey
RegDeleteKeyA
RegDeleteKeyW
RegDeleteValueA
RegDeleteValueW
RegEnumKeyExA
RegEnumKeyExW
RegQueryInfoKeyA
RegQueryInfoKeyW
RegSetValueExA
StartTraceW

gdi32

DrawEscape
SetTextAlign
UpdateColors
CombineRgn

kernel32

VirtualAlloc
GetCommandLineW
DisableThreadLibraryCalls
GetShortPathNameA
_lopen
DeleteCriticalSection
EnterCriticalSection
FindResourceA
FindResourceW
FreeLibrary
GetLastError
GetModuleFileNameA
GetModuleFileNameW
GetSystemDefaultLangID
GetTickCount
GetTimeFormatA
GetVersionExA
GlobalAlloc
GlobalFree
GlobalLock
GlobalReAlloc
GlobalSize
GlobalUnlock
InitializeCriticalSection
InterlockedDecrement
IsBadWritePtr
LeaveCriticalSection
LoadLibraryExA
LoadLibraryExW
LoadResource
MultiByteToWideChar
SetLastError
SetThreadLocale
SizeofResource
WideCharToMultiByte
lstrcmpA
lstrcmpW
lstrcmpiA
lstrcmpiW
lstrlenA
CompareStringW
CompareStringA
GetLocaleInfoW
GetSystemInfo
VirtualProtect
GetTimeZoneInformation
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
LCMapStringW
LCMapStringA
GetStringTypeW
SetEnvironmentVariableA
GetStringTypeA
IsValidCodePage
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
HeapSize
LoadLibraryA
VirtualQuery
InterlockedExchange
RtlUnwind
HeapReAlloc
GetCPInfo
GetOEMCP
GetCurrentThreadId
GetCommandLineA
ExitProcess
GetProcAddress
GetModuleHandleA
TerminateProcess
GetCurrentProcess
TlsAlloc
GetCurrentThread
TlsFree
TlsSetValue
TlsGetValue
HeapFree
HeapAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
UnhandledExceptionFilter
WriteFile
FatalAppExitA
GetACP

ole32

OleCreateEmbeddingHelper
GetHGlobalFromStream
CreateStreamOnHGlobal
CoTaskMemFree
CoCreateObjectInContext
CoCreateInstance
StringFromCLSID

oleaut32

VarDecFromUI2
VarUI4FromDisp
VectorFromBstr

rpcrt4

RpcBindingInqAuthInfoExA
NdrDllUnregisterProxy
RpcBindingInqAuthClientExA
RpcIfIdVectorFree
UuidHash

user32

CallMsgFilter
CharNextW
DlgDirSelectComboBoxExA
GetWindowLongA
GetWindowPlacement
IsCharAlphaNumericA
LoadStringA
LoadStringW
PeekMessageW

Exports

Exports

CXZPNOSN

Sections

.text
Size: 88KB - Virtual size: 86KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d6299e903b308057808be855961c4cd

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

oleaut32

rpcrt4

user32

Exports

Exports

Sections

.text Size: 88KB - Virtual size: 86KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 88KB - Virtual size: 86KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 8KB - Virtual size: 4KB