547e03d0ac77e8e934f7c9c7d83d3dab_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

547e03d0ac77e8e934f7c9c7d83d3dab_JaffaCakes118
Size

184KB
MD5

547e03d0ac77e8e934f7c9c7d83d3dab
SHA1

58cd45a551eccadf945bf479ac38d2f1c56c5c99
SHA256

d1f9aa3bb792f9a42cb2a47bcbdf03a783fc58ce7693d3e1117f4dd4f763de22
SHA512

68d3217c9c430bf3086aa86a2a5c0ee63ef12a78ab9bc5de6675b83d846f22910832d8245511d849639633db1c88b15eef63730218a4d44fc273e476246cd031
SSDEEP

3072:u7j5yDBrElBKSD1lDcMZxldc15MO1oJzzRf9cluJ99mGzn8Kbj6oKL/v10:+wruB1D1lc0i15MOmFRVcSlznJ8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
547e03d0ac77e8e934f7c9c7d83d3dab_JaffaCakes118

Files

547e03d0ac77e8e934f7c9c7d83d3dab_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2cb3809a809e93ba4219b9da95a6bf59

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
HeapFree
ReleaseMutex
CloseHandle
CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
InterlockedExchange
FreeResource
InterlockedCompareExchange
GetSystemInfo
CreateTimerQueueTimer
InterlockedDecrement
DeleteTimerQueueTimer
GlobalMemoryStatus
FreeLibraryAndExitThread
WriteFile
HeapAlloc
LocalReAlloc
LocalFree
InterlockedIncrement
OutputDebugStringA
EnterCriticalSection
LeaveCriticalSection
DisableThreadLibraryCalls
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
GetSystemTimeAsFileTime
QueryPerformanceCounter
RegisterWaitForSingleObject
UnregisterWaitEx
GetModuleFileNameW
HeapDestroy
HeapCreate
GetProcessHeap
GetLastError
FreeLibrary
GetProcAddress
LoadLibraryW
WaitForSingleObject
TerminateProcess
GetCurrentThreadId
IsWow64Process
CreateProcessW
ExpandEnvironmentStringsW
SetLastError
CreateEventW
SetErrorMode
GetCurrentProcessId
FormatMessageW
MulDiv
HeapSize
GetLocaleInfoW
lstrlenW
GetTickCount
Sleep
lstrcmpW
SetEvent
GetPriorityClass
OpenProcess
GlobalFree
VirtualProtect
GlobalAlloc
LocalAlloc
GetCommandLineA

user32

GetKeyState
GetFocus
GetClassNameW
SetFocus
GetParent
LoadImageW
SetForegroundWindow
DestroyWindow
PostMessageW
GetShellWindow
ShowWindow
BeginDeferWindowPos
GetWindowRect
DeferWindowPos
EndDeferWindowPos
SetWindowPos
SetMenu
GetDlgItem
MapWindowPoints
SendMessageW
GetMenu
CheckMenuRadioItem
CheckMenuItem
LoadStringW
SetWindowTextW
GetDC
ReleaseDC
GetSysColorBrush
GetClientRect
FillRect
GetWindowLongW
SetWindowLongW
GetNextDlgTabItem
wsprintfA
DestroyMenu
GetSubMenu
LoadMenuW
SendMessageTimeoutW
AllowSetForegroundWindow
GetWindowThreadProcessId
PostQuitMessage
PostThreadMessageW
GetForegroundWindow
SetTimer
LoadIconW
GetThreadDesktop
DestroyIcon
KillTimer
MessageBeep
RedrawWindow
MoveWindow
LoadCursorW
SetCursor
GetProcessWindowStation
EnumDesktopsW
GetDesktopWindow
TileWindows
GetLastActivePopup
IsWindow
SwitchToThisWindow
OpenDesktopW
EnumDesktopWindows
CloseDesktop
IsZoomed
GetClassLongW
IsHungAppWindow
SetThreadDesktop
IsWindowVisible
ShowWindowAsync
EnableWindow
TrackPopupMenuEx
GetSystemMetrics
DeleteMenu
EnableMenuItem
AppendMenuW
GetDlgCtrlID
GetSysColor
InvalidateRect
UpdateWindow
DrawTextW
MessageBoxW
CreateDialogParamW
TranslateMessage
DispatchMessageW
IsIconic
GetMenuItemID

advapi32

AdjustTokenPrivileges
OpenProcessToken
ImpersonateLoggedOnUser
RegCloseKey
RegQueryValueExW
IsValidSid
GetTokenInformation
CloseServiceHandle
CryptReleaseContext
RegOpenKeyExW
TraceEvent
GetTraceLoggerHandle
GetTraceEnableLevel
GetTraceEnableFlags
RegNotifyChangeKeyValue
DuplicateTokenEx

gdi32

SetBkColor
Rectangle
SetBkMode
GetStockObject
CreatePen
DeleteObject
LineTo
MoveToEx
SelectObject
BitBlt
DeleteDC
CreateCompatibleDC
SetTextColor

msvcr71

_initterm
_cexit
memset
_adjust_fdiv
free
_onexit
_CxxThrowException
wcsrchr
__CxxFrameHandler
memcpy
strncmp
memmove
_vsnprintf
strrchr
strncpy
malloc
wcslen
__CppXcptFilter
__dllonexit
_except_handler3

Sections

.text
Size: 156KB - Virtual size: 155KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cb3809a809e93ba4219b9da95a6bf59

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

msvcr71

Sections

.text Size: 156KB - Virtual size: 155KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 4KB - Virtual size: 35KB

.rsrc Size: 4KB - Virtual size: 2KB

.reloc Size: 8KB - Virtual size: 4KB

.text
Size: 156KB - Virtual size: 155KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 4KB - Virtual size: 35KB

.rsrc
Size: 4KB - Virtual size: 2KB

.reloc
Size: 8KB - Virtual size: 4KB