270b8e2397d2e6870d77431975281b5a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

270b8e2397d2e6870d77431975281b5a_JaffaCakes118
Size

222KB
MD5

270b8e2397d2e6870d77431975281b5a
SHA1

90eb49840e15a001cab17548a41f35faf45150e4
SHA256

1a465917d4e54777ad733076746fab7cd56a5699c3235804c31a1d7e53609b24
SHA512

7c1e417f78ea819badc020ae0f90cbb45e7a22f81cf89e03ae739c5b356e57e6b2edd05bb5fe48d9e0a333d974d917897d4039538ee2320e17c97805aa73776c
SSDEEP

6144:2kf7DPTHOhA/sH9D5JSBZit3bOlpw9yU4Nx8tj:7bTZ/ENr3bOrMkE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
270b8e2397d2e6870d77431975281b5a_JaffaCakes118

Files

270b8e2397d2e6870d77431975281b5a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e33d8afd4f5583952c4183cc8444dabb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegQueryValueW
RegDeleteValueW
RegReplaceKeyA
RegFlushKey
RegEnumKeyW
RegEnumValueW
RegDeleteKeyW
RegGetKeySecurity
RegCreateKeyW
RegQueryValueA
RegCreateKeyExA
RegEnumKeyExA
RegOpenKeyExW
RegEnumValueA
RegQueryValueExW
RegOpenKeyW
RegOpenKeyA
RegQueryValueExA
RegQueryValueW
RegDeleteValueW
RegCreateKeyExW
RegOpenKeyExW
RegDeleteKeyA
RegDeleteValueA
RegCreateKeyW
RegEnumValueW
RegEnumKeyW
RegQueryValueA
RegLoadKeyA
RegOpenKeyW
RegEnumKeyExA
RegReplaceKeyW
RegDeleteValueW
RegEnumKeyA
RegCreateKeyW
RegLoadKeyW
RegEnumKeyExW
RegOpenKeyA
RegOpenKeyExA
RegEnumValueW
RegDeleteValueA
RegDeleteKeyA
RegQueryValueW
RegEnumKeyW
RegDeleteValueW
RegReplaceKeyA
RegOpenKeyW
RegDeleteKeyW
RegQueryValueW
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExW
RegCreateKeyExA
RegCreateKeyW
RegDeleteValueA
RegOpenKeyA
RegReplaceKeyW
RegOpenKeyExW
RegLoadKeyW
RegEnumValueW

kernel32

GetUserDefaultLangID
OpenFile
DeleteAtom
GetComputerNameA
GetUserDefaultLCID
GetLastError
GlobalFree
GetCurrentProcessId
GetCurrentProcess
DeleteFileW
FindAtomA
GetFileSize
FindFirstFileA
CreateProcessA
CreateDirectoryA
GetUserDefaultLangID
FindFirstFileA
DeleteFileW
GetCurrentProcess
GetStdHandle
GetCommandLineA
DeleteFileA
GetOEMCP
GetFileSize
GetComputerNameA
GetLastError
ExitThread
CreateDirectoryA
ExitProcess
GetConsoleMode
GetStdHandle
DeleteFileA
ExitProcess
DeleteAtom
OpenFile
GetComputerNameA
GetFileSize
GetCurrentProcessId
CreateProcessA
Sleep
CreateThread
GetCurrentThread
CopyFileW
DeleteFileW
CreateDirectoryA
GetCommandLineA
FindAtomA
CreateProcessA
GetFileTime
DeleteAtom
GetConsoleOutputCP
CreateDirectoryA
GetConsoleMode
GetLastError
GetCurrentThread
OpenFile
ExitProcess
ExitThread
GetCurrentProcess

user32

CopyImage
GetDlgItem
DrawIcon
GetFocus
DrawTextA
IsMenu
CopyRect
CopyIcon
CloseWindow
DrawIconEx
GetWindowTextLengthA
GetCursor
DialogBoxParamA
InsertMenuA
AlignRects
GetMenu
GetWindowTextLengthA
DialogBoxParamA
InsertMenuA
GetDlgItem
GetDC
CopyIcon
CreateIcon
GetCursor
DrawTextW
IsWindow
CopyImage
BlockInput
AlignRects
LoadCursorA

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: 172KB - Virtual size: 468KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 7KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

e33d8afd4f5583952c4183cc8444dabb

Headers

File Characteristics

Imports

advapi32

kernel32

user32

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 8KB - Virtual size: 7KB

.bss Size: 172KB - Virtual size: 468KB

.idata Size: 5KB - Virtual size: 5KB

.rsrc Size: 7KB - Virtual size: 6KB

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 8KB - Virtual size: 7KB

.bss
Size: 172KB - Virtual size: 468KB

.idata
Size: 5KB - Virtual size: 5KB

.rsrc
Size: 7KB - Virtual size: 6KB