JaffaCakes118_82782f6ac4ef55ee9521b3b0ac2591f698bc37390aaf96a97775d067e300af42

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_82782f6ac4ef55ee9521b3b0ac2591f698bc37390aaf96a97775d067e300af42
Size

507KB
MD5

eabff1707a780b5a5b2ffaa6a4d28222
SHA1

bf17d986680983405bdfb500ea39269a438f8821
SHA256

82782f6ac4ef55ee9521b3b0ac2591f698bc37390aaf96a97775d067e300af42
SHA512

705a3d892948c2edc7399df8caf775769d7a9cda1d932b0d79191a2b86e4a0940526e0cafe4bb74d1fd513ed738b8f664a6c3c2cf9ce29529b6ee86a75733983
SSDEEP

12288:213jxeTWKBZejxO/hdSH03bdwctET1nDNE40zX4FQ:AteTJBc43bdx+xR0w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_82782f6ac4ef55ee9521b3b0ac2591f698bc37390aaf96a97775d067e300af42

Files

JaffaCakes118_82782f6ac4ef55ee9521b3b0ac2591f698bc37390aaf96a97775d067e300af42
.dll windows:6 windows x86 arch:x86

6c7ddebee366100ff210b741260ef1fa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\to\string\363\712\don\Share\Engine.pdb

Imports

kernel32

CreateFileW
OutputDebugStringW
CloseHandle
DecodePointer
ReadConsoleW
ReadFile
GetConsoleMode
GetConsoleCP
WriteFile
FlushFileBuffers
HeapSize
GetFileTime
GetStringTypeW
SetFilePointerEx
GetFileSizeEx
SetConsoleCtrlHandler
GetProcessHeap
EnumSystemLocalesW
GetUserDefaultLCID
IsValidLocale
GetLocaleInfoW
LCMapStringW
CompareStringW
GetTimeFormatW
GetDateFormatW
FindFirstChangeNotificationA
GetCurrentProcessId
GetDiskFreeSpaceA
MoveFileExA
GetTempPathA
GetCurrentDirectoryA
GetEnvironmentVariableA
VirtualProtect
SetStdHandle
GetModuleFileNameA
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
EncodePointer
RaiseException
InterlockedPushEntrySList
InterlockedFlushSList
GetLastError
SetLastError
RtlUnwind
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
FreeLibrary
GetProcAddress
LoadLibraryExW
ExitProcess
GetModuleHandleExW
GetModuleFileNameW
HeapFree
HeapAlloc
HeapReAlloc
GetCurrentThread
GetStdHandle
GetFileType
FindClose
FindFirstFileExW
FindNextFileW
IsValidCodePage
GetACP
GetOEMCP
GetCPInfo
GetCommandLineA
GetCommandLineW
MultiByteToWideChar
WideCharToMultiByte
GetEnvironmentStringsW
FreeEnvironmentStringsW
SetEnvironmentVariableW
WriteConsoleW

user32

ReleaseDC
SetForegroundWindow
CreateMenu
SetClipboardData
SendMessageA
DeferWindowPos
UnregisterHotKey
DestroyWindow
CheckRadioButton
CallNextHookEx
GetClassInfoExA
BeginDeferWindowPos
RegisterWindowMessageA
GetWindowLongA
EnumWindows
DefWindowProcA
TranslateMessage
SendDlgItemMessageA

ole32

OleCreate
CoUninitialize
CoSuspendClassObjects
StgCreateDocfile
CoInitialize

comdlg32

FindTextA
GetOpenFileNameA
GetSaveFileNameA

comctl32

ImageList_GetBkColor
ImageList_Create
ImageList_GetImageCount
ImageList_GetDragImage
ImageList_EndDrag

Exports

Exports

Momentelse
Stoodour
Togetherfree

Sections

.text
Size: 484KB - Virtual size: 484KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gfids
Size: 1024B - Virtual size: 552B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6c7ddebee366100ff210b741260ef1fa

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

ole32

comdlg32

comctl32

Exports

Exports

Sections

.text Size: 484KB - Virtual size: 484KB

.data Size: 3KB - Virtual size: 70KB

.idata Size: 3KB - Virtual size: 3KB

.gfids Size: 1024B - Virtual size: 552B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 10KB - Virtual size: 10KB

.text
Size: 484KB - Virtual size: 484KB

.data
Size: 3KB - Virtual size: 70KB

.idata
Size: 3KB - Virtual size: 3KB

.gfids
Size: 1024B - Virtual size: 552B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 10KB - Virtual size: 10KB