JaffaCakes118_ff0e71e46c088a893c271fc1712c0456607472d569ad85dd45eac83ae91436bc

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_ff0e71e46c088a893c271fc1712c0456607472d569ad85dd45eac83ae91436bc
Size

496KB
MD5

7c9d6acb3aaf5153a0a8b08aaaa079c0
SHA1

a85b09c3423521632e4f3c904d57cef06fc0e129
SHA256

ff0e71e46c088a893c271fc1712c0456607472d569ad85dd45eac83ae91436bc
SHA512

9cf6bcbdd5133a52bc3b76572498f9e854194b868caacd88e462798e362e0ef47bc99ca19bcb2c194c248dc15fed020903e32ca9ce80f69e7d9facd5896ed392
SSDEEP

12288:fytPfASAuSvQnb3HorHDKGwC4ZTJxlGRS:fy9fASOvQjoTDw3XC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_ff0e71e46c088a893c271fc1712c0456607472d569ad85dd45eac83ae91436bc

Files

JaffaCakes118_ff0e71e46c088a893c271fc1712c0456607472d569ad85dd45eac83ae91436bc
.dll regsvr32 windows:5 windows x64 arch:x64

b71031ac72c27db547b44e7ae017554b

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
VirtualAlloc
SetStdHandle
WriteConsoleW
EncodePointer
DecodePointer
Sleep
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetCurrentThreadId
FlsSetValue
GetCommandLineA
RaiseException
RtlPcToFileHeader
RtlLookupFunctionEntry
RtlUnwindEx
GetLastError
HeapFree
WideCharToMultiByte
LCMapStringW
MultiByteToWideChar
GetCPInfo
HeapAlloc
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
FlsGetValue
FlsFree
SetLastError
GetCurrentThread
FlsAlloc
GetProcAddress
GetModuleHandleW
ExitProcess
SetHandleCount
GetStdHandle
InitializeCriticalSectionAndSpinCount
GetFileType
GetStartupInfoW
GetModuleFileNameA
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapSetInformation
GetVersion
HeapCreate
HeapDestroy
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
WriteFile
GetModuleFileNameW
GetLocaleInfoW
HeapSize
FatalAppExitA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
ReadFile
SetFilePointer
CloseHandle
GetACP
GetOEMCP
IsValidCodePage
GetStringTypeW
HeapReAlloc
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
FreeLibrary
CreateFileW

ole32

CoLoadLibrary

Exports

Exports

DllRegisterServer
StardxxsrtA
StarhhhcdtA
StartAuu
StatthbdesqrtA
e
sdxc
tttt
wwwqaji

Sections

.text
Size: 273KB - Virtual size: 273KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 39KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 162KB - Virtual size: 162KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b71031ac72c27db547b44e7ae017554b

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

ole32

Exports

Exports

Sections

.text Size: 273KB - Virtual size: 273KB

.rdata Size: 39KB - Virtual size: 39KB

.data Size: 8KB - Virtual size: 17KB

.pdata Size: 9KB - Virtual size: 9KB

.rsrc Size: 162KB - Virtual size: 162KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 273KB - Virtual size: 273KB

.rdata
Size: 39KB - Virtual size: 39KB

.data
Size: 8KB - Virtual size: 17KB

.pdata
Size: 9KB - Virtual size: 9KB

.rsrc
Size: 162KB - Virtual size: 162KB

.reloc
Size: 2KB - Virtual size: 2KB