5577795bba8d588e3197b0c4bb541b2d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5577795bba8d588e3197b0c4bb541b2d_JaffaCakes118
Size

124KB
MD5

5577795bba8d588e3197b0c4bb541b2d
SHA1

ac894f1d395fe97be044179bda76e1a84f9324e5
SHA256

02f3f9eb95fb3900cc967ef5d9d7c1af7381410350b19296d0a93b84359b02c3
SHA512

b3910ef80e9d98c39c4c517a201073e70b0dbb158e7b971393bca026b9f2eef26c61e769d412de147a69198400540eb79a27b4962cfb254ed44723b00b29bef9
SSDEEP

1536:xmTpbVzCYDIlUR93UTf3oSNbH9aNOyj1emcVNZ8+qMeb4Jex/MFV6MbPo6DX:ETpbIWy0Bm3dpdEFB5ENKNrx0FQ+oK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5577795bba8d588e3197b0c4bb541b2d_JaffaCakes118

Files

5577795bba8d588e3197b0c4bb541b2d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1edfd82de39dd7ae41ba42f1de1abe98

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

EnterCriticalSection
GetProcessHeap
CreateProcessA
UnmapViewOfFile
HeapFree
LeaveCriticalSection
CopyFileA
CreateFileMappingA
lstrlenA
InterlockedIncrement
CreateDirectoryA
ReleaseMutex
OpenEventA
CloseHandle
GetModuleFileNameA
GetModuleHandleA
LoadLibraryA
GetProcAddress
GetCurrentProcessId
InterlockedDecrement
Sleep
ExitProcess
lstrlenW
GetCommandLineA
WaitForSingleObject
WriteFile
CreateFileA
GetVolumeInformationA
MapViewOfFile
InterlockedCompareExchange
HeapAlloc
LocalFree
GetLastError
CreateMutexA
GetComputerNameA
SetLastError
GetTickCount
CreateEventA

ole32

CoInitialize
CoTaskMemAlloc
CreateBindCtx
OleCreate
OleSetContainedObject
CoUninitialize
CoCreateGuid

user32

GetWindowThreadProcessId
FindWindowA
SetWindowLongA
UnhookWindowsHookEx
SendMessageA
GetClassNameA
GetParent
CreateWindowExA
GetMessageA
TranslateMessage
PostMessageA
SetWindowsHookExA
GetSystemMetrics
SetTimer
DispatchMessageA
RegisterWindowMessageA
DestroyWindow
DefWindowProcA
KillTimer
GetWindowLongA
PostQuitMessage

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen

shlwapi

UrlUnescapeW
StrStrIW

advapi32

RegSetValueExA
RegCreateKeyExA
RegOpenKeyExA
RegDeleteValueA
RegQueryValueExA
RegCloseKey
GetUserNameA

shell32

SHGetFolderPathA

Exports

Exports

QuickMapCtrl

Sections

.text
Size: 104KB - Virtual size: 102KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1edfd82de39dd7ae41ba42f1de1abe98

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

advapi32

shell32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 102KB

.rdata Size: 4KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 104KB - Virtual size: 102KB

.rdata
Size: 4KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB