25afcac2e6b037712e9381e7eca99192_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

25afcac2e6b037712e9381e7eca99192_JaffaCakes118
Size

80KB
MD5

25afcac2e6b037712e9381e7eca99192
SHA1

2bfd02dd9aad5727d0acfd41c6d3139f38b97fd4
SHA256

5aba45dcc22d47c25fa0eb3e95d83ef614e17e68e7311865b72d37abe343da55
SHA512

2ba10955b2afce63040f723168a72455d71b6a8e3bf2e25d126d0e2e93c68ded0df5107cf82948cb9955441e872e0f635a1027d95b27a05f19d99c94435e944e
SSDEEP

1536:jRxrR2XqqNmuhpey2/tYtQ8xCNdH65oNkpT498FJ7AmjBaC0mNm3a:lhR2XqqYuhpey2/enCNda5T49830mjBR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25afcac2e6b037712e9381e7eca99192_JaffaCakes118

Files

25afcac2e6b037712e9381e7eca99192_JaffaCakes118
.dll windows:4 windows x86 arch:x86

0314443dd64d4b266680bff3248feb7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCommTimeouts
GetFullPathNameA
GlobalAlloc
LCMapStringA
GlobalReAlloc
RtlMoveMemory
TransmitCommChar
GetFileType
ActivateActCtx
MultiByteToWideChar
IsProcessorFeaturePresent
SearchPathA
OpenThread
OpenSemaphoreA
FillConsoleOutputAttribute
GetUserDefaultUILanguage
ExitProcess
GetStdHandle
GetCommProperties
GetEnvironmentVariableW
ReadDirectoryChangesW
CancelWaitableTimer
GetLogicalDrives
ExpandEnvironmentStringsW
IsWow64Process
ConvertDefaultLocale
GetShortPathNameW
GetUserDefaultLCID
GetLogicalDriveStringsW
OpenProcess
LockFileEx
SetEvent
SetEnvironmentVariableA
FindActCtxSectionGuid
GetCurrentProcess
SetFileApisToOEM
ClearCommBreak
GetTickCount
VirtualQuery
InitializeCriticalSectionAndSpinCount
ReleaseMutex
CreateFileMappingA
EnterCriticalSection
SetLastError
GetProcAddress
CreateMutexA
GetSystemDirectoryA
UnlockFile
LoadLibraryA

shlwapi

SHCreateShellPalette
PathUnquoteSpacesW
SHSetValueW
PathAppendW
PathIsFileSpecW
PathIsRootW
StrStrIA
SHDeleteKeyW

shell32

SHGetFileInfoA
ExtractIconExW
ShellExecuteExA
ShellExecuteExW

gdi32

SetBkColor
AddFontResourceA
SetDCBrushColor
GetBrushOrgEx
GetBkColor
EqualRgn
UnrealizeObject
GetViewportOrgEx
SetDIBColorTable
GetTextColor
ExtEscape
GetTextFaceW
SetTextCharacterExtra
DeleteEnhMetaFile
SetTextJustification
SetPaletteEntries
SetAbortProc
EndPath
CreateEnhMetaFileA
GetGlyphOutlineA
SetROP2
FlattenPath
EnumMetaFile
StrokeAndFillPath
PolyPolygon

Exports

Exports

SystemHelpnet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0314443dd64d4b266680bff3248feb7e

Headers

File Characteristics

Imports

kernel32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB