3b186ccba46fd8b38ab608c0af82e48f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3b186ccba46fd8b38ab608c0af82e48f_JaffaCakes118
Size

186KB
MD5

3b186ccba46fd8b38ab608c0af82e48f
SHA1

f12047364dce3d15555110b06a76c00640a2a6fa
SHA256

6615f0afb122d8a88df0a422c945cd59b2ac1d3f2242d1ba0dade230c55329b2
SHA512

cda8659fcabce500031dcd6471498c03b9d2e536b7c8f630a2b95dbf5ec601f6d3de3b122230c44bf1b24ea0e35863ea4a1d58111898e97b2414dc72998d9377
SSDEEP

3072:wDbOQx1y/353WGwoEFQOWHJV8HZz3Eeo/t7DeRVJsvggtUxyZBHMLTGR:w3zm5DYzWHsZXI7Asvgw7ZMLo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b186ccba46fd8b38ab608c0af82e48f_JaffaCakes118

Files

3b186ccba46fd8b38ab608c0af82e48f_JaffaCakes118
.dll windows:5 windows x86 arch:x86

f38777c47fe4ebdba62e8cd3a376f0cd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenA
GetWindowsDirectoryA
ExitProcess
VirtualAlloc
BackupRead
ContinueDebugEvent
CreateDirectoryA
CreateEventW
CreateHardLinkW
CreateIoCompletionPort
CreateTapePartition
DefineDosDeviceA
DeleteFileA
EnumDateFormatsExA
EnumDateFormatsExW
EnumResourceNamesA
EnumSystemCodePagesA
EnumSystemLocalesW
EnumTimeFormatsA
EnumTimeFormatsW
FatalExit
FindClose
FindFirstChangeNotificationW
FindFirstVolumeW
FindVolumeClose
FreeUserPhysicalPages
GetBinaryTypeA
GetCommConfig
GetCommandLineA
GetComputerNameExW
GetComputerNameW
GetConsoleScreenBufferInfo
GetCurrencyFormatA
GetCurrencyFormatW
GetCurrentProcess
GetCurrentProcessId
GetDefaultCommConfigW
GetDevicePowerState
GetDiskFreeSpaceA
GetFileType
GetFullPathNameA
GetLocaleInfoW
GetModuleFileNameA
GetPrivateProfileSectionNamesW
GetPrivateProfileStructW
GetProcessIoCounters
GetProfileSectionA
GetStdHandle
lstrcpyA
GetSystemWindowsDirectoryW
GetTapeParameters
GetTempPathW
GetThreadLocale
GetThreadPriority
GetTickCount
GetVersion
GlobalHandle
Heap32ListNext
HeapDestroy
HeapUnlock
IsBadCodePtr
IsDBCSLeadByte
IsSystemResumeAutomatic
LockFileEx
Module32FirstW
MultiByteToWideChar
OpenProcess
OpenSemaphoreA
PeekConsoleInputA
Process32FirstW
Process32Next
ReadConsoleA
ReadConsoleInputW
ReadConsoleOutputCharacterA
ReplaceFileA
ResumeThread
SetCommMask
SetCommTimeouts
SetConsoleCursorInfo
SetConsoleTitleW
SetDefaultCommConfigW
SetFileAttributesA
SetHandleCount
SetProcessAffinityMask
SetVolumeLabelW
SetVolumeMountPointW
SwitchToFiber
UnhandledExceptionFilter
UpdateResourceW
VerifyVersionInfoW
WaitNamedPipeA
WriteProfileStringA
_lcreat
lstrcat
lstrcmpiA
lstrcmpiW
GetStringTypeA
CreateFileA

advapi32

RegOpenKeyExW

shell32

WOWShellExecute
Shell_NotifyIconA
ShellHookProc
ShellExecuteExA
ShellAboutW
ShellAboutA
SHQueryRecycleBinW
SHQueryRecycleBinA
SHPathPrepareForWriteA
SHLoadNonloadedIconOverlayIdentifiers
SHLoadInProc
SHIsFileAvailableOffline
SHInvokePrinterCommandA
SHGetSpecialFolderPathA
SHGetSettings
SHGetPathFromIDListW
SHGetPathFromIDListA
SHGetPathFromIDList
SHGetMalloc
SHGetInstanceExplorer
SHGetIconOverlayIndexW
SHGetFolderPathW
SHGetFileInfoW
SHGetFileInfoA
SHGetDiskFreeSpaceExW
SHGetDiskFreeSpaceExA
SHGetDesktopFolder
SHGetDataFromIDListW
SHFreeNameMappings
SHFormatDrive
SHFileOperationW
SHFileOperationA
SHFileOperation
SHEmptyRecycleBinA
SHBindToParent
SHAddToRecentDocs
ExtractIconExA
ExtractIconEx
ExtractIconA
ExtractAssociatedIconExW
ExtractAssociatedIconExA
DuplicateIcon
DragQueryFileW
DragQueryFile
DragFinish
DoEnvironmentSubstW
DoEnvironmentSubstA
CommandLineToArgvW

shlwapi

StrChrA
StrChrIA
StrChrIW
StrCmpNA
StrCmpNW
StrRChrIA
StrRStrIA
StrStrA
StrStrIA
StrStrIW
StrStrW

Sections

.text
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 166KB - Virtual size: 166KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

f38777c47fe4ebdba62e8cd3a376f0cd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

shell32

shlwapi

Sections

.text Size: 6KB - Virtual size: 5KB

.data Size: 166KB - Virtual size: 166KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 6KB - Virtual size: 5KB

.data
Size: 166KB - Virtual size: 166KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 1KB - Virtual size: 1KB