4512086d547f0ccd6248d024d531b2cb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4512086d547f0ccd6248d024d531b2cb_JaffaCakes118
Size

108KB
MD5

4512086d547f0ccd6248d024d531b2cb
SHA1

08b8ee270ca80694f71d86e340540cd2e75edb0e
SHA256

ddb79744da161a6acf4643265622167d14b3a417074023792b33fda08ac15441
SHA512

9b1b59cfc0b40856f0330cb501bb579610e8b55db18a90c7f7cf2457ea09e6c0315f9eed80ea95b103d75f1e30d7b4cd0fd7d7bdab49baa3da5934a34369706d
SSDEEP

1536:OSPmc0klfzBf6Abv2Vo3QODT/f2h0F38ivMo9NxOPcSvoZ38GCJ8oTczwnv:uFk3/ilO28MWDRpCJ8oTc8nv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4512086d547f0ccd6248d024d531b2cb_JaffaCakes118

Files

4512086d547f0ccd6248d024d531b2cb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ef7d905409567b5e811e23ee84074d7c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLocalTime
ExitProcess
EnterCriticalSection
SetFilePointer
LeaveCriticalSection
SetEnvironmentVariableA
ReadFile
CompareStringA
DeleteFileA
WritePrivateProfileStringA
GetPrivateProfileStringA
GetVersionExA
FindFirstFileA
FindClose
GetShortPathNameA
WinExec
GetTempPathA
GetCurrentProcessId
GetModuleFileNameA
WaitForSingleObject
ReleaseMutex
CreateProcessA
CloseHandle
FreeLibrary
LoadLibraryA
GetProcAddress
SearchPathA
GetLastError
RaiseException
LCMapStringW
LCMapStringA
CreateMutexA
GetOEMCP
GetACP
GetCPInfo
SetEndOfFile
FlushFileBuffers
SetStdHandle
CreateFileA
HeapAlloc
HeapFree
RtlUnwind
HeapReAlloc
GetTimeZoneInformation
GetSystemTime
IsBadCodePtr
GetCommandLineA
GetVersion
InitializeCriticalSection
DeleteCriticalSection
IsBadReadPtr
CompareStringW
SetUnhandledExceptionFilter
GetModuleHandleA
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
SetLastError
TlsGetValue
GetFileType
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
GetCurrentProcess
HeapSize
SetHandleCount
GetStdHandle
GetEnvironmentStringsW
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
WriteFile
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
InterlockedDecrement
InterlockedIncrement

user32

BeginPaint
SetTimer
CallWindowProcA
RemovePropA
FillRect
EndPaint
IntersectRect
InvalidateRect
SetCursor
UpdateWindow
GetPropA
ReleaseDC
GetDC
GetCursorPos
SetWindowLongA
SetPropA
PostMessageA
LoadCursorA
GetWindowLongA
KillTimer

gdi32

SetPixel
CreateCompatibleBitmap
CreateSolidBrush
GetStockObject
CreatePalette
DeleteObject
GetClipBox
SetSystemPaletteUse
GetDeviceCaps
GetSystemPaletteUse
SelectPalette
RealizePalette
CreateCompatibleDC
SelectObject
BitBlt
DeleteDC

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegCreateKeyExA
RegCloseKey

shell32

ShellExecuteA

ipcclient

IPCFreeMediaActionResponse
IPCFreeSendData
IPCCancelMessage
IPCInitGetMediaData
IPCGetMedia
IPCFreeGetMediaResponse
IPCConnect
IPCInitSendData
IPCInitMediaActionData
IPCMediaAction
IPCSend
IPCDisconnect

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

Exports

Exports

Initialize
SetNetworkState
SetOffline
SetProxy
SetThrottle
Spuck
StartMessaging
std_Initialize
std_SetNetworkState
std_SetOffline
std_SetProxy
std_SetThrottle
std_Spuck
std_StartMessaging

Sections

.text
Size: 72KB - Virtual size: 68KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ef7d905409567b5e811e23ee84074d7c

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ipcclient

version

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 68KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 72KB - Virtual size: 68KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 8KB - Virtual size: 6KB