Static task: static1
Behavioral task: behavioral1
Sample: JaffaCakes118_6e301fac858129220351cb9b1996df2f.dll
Resource: win7-20240903-en
General
Target: JaffaCakes118_6e301fac858129220351cb9b1996df2f
Size: 182KB
MD5: 6e301fac858129220351cb9b1996df2f
SHA1: 38a87bff9990b91db801ec71705eb1a814cdbde1
SHA256: c00b629cf4a5209abcbcdde01bddab815ac0750190467cea5616cf633c4b0530
SHA512: 9fb136497c09100c64f3aeb6131886185d8bcf327720eddd89883125123e42cb04bc7935238e2b91a12c0a1e7fd3308bb973611832d2705b7886cc5deb74ff79
SSDEEP: 1536:E3Srr6PLburoisC9TxSBVMxegH6/BK4BjzC0pvisNXPLvLPqphJZksgREvNXMWG:E3SrSu8iGiz0w4vVzmkscE18Coo
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource JaffaCakes118_6e301fac858129220351cb9b1996df2f
Files
JaffaCakes118_6e301fac858129220351cb9b1996df2f.dll windows:4 windows x86 arch:x86
e84cc081a3dba0f2b4feb60282be402e
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
msvcrt
_initterm
_exit
calloc
abort
__getmainargs
malloc
__dllonexit
__p___initenv
free
_controlfp
__p__fmode
strrchr
__p__commode
_XcptFilter
strcpy
_except_handler3
__setusermatherr
fputc
realloc
_iob
_adjust_fdiv
sinh
__set_app_type
strlen
comdlg32
GetOpenFileNameA
kernel32
CompareFileTime
GetFullPathNameA
LCMapStringW
lstrcatA
GetCurrentThreadId
lstrcmpiA
GetUserDefaultLCID
GetNumberFormatA
GetTickCount
VirtualAlloc
VirtualProtectEx
GetACP
GetCurrentProcessId
InterlockedCompareExchange
FlushFileBuffers
GetSystemInfo
user32
DeleteMenu
SystemParametersInfoA
CheckMenuItem
FillRect
GetScrollRange
SetDlgItemTextA
PeekMessageA
GetWindowRect
UnregisterClassA
GetForegroundWindow
WaitMessage
comctl32
CreateStatusWindowA
ImageList_Read
ImageList_AddMasked
ImageList_GetImageCount
ImageList_Add
InitializeFlatSB
ImageList_Create
ImageList_GetIcon
CreateToolbarEx
PropertySheetA
ImageList_Destroy
ImageList_GetIconSize
ImageList_SetDragCursorImage
advapi32
RegSetValueExA
InitializeAcl
CheckTokenMembership
RegSetValueExW
DeregisterEventSource
CryptReleaseContext
InitializeSecurityDescriptor
OpenSCManagerA
QueryServiceStatus
CryptCreateHash
GetSecurityDescriptorDacl
AllocateAndInitializeSid
RegDeleteKeyA
gdi32
CreateEnhMetaFileA
GetBrushOrgEx
SetRectRgn
ExtCreatePen
RemoveFontResourceA
Chord
GetDIBits
GetViewportExtEx
GetWindowOrgEx
CopyEnhMetaFileA
GetObjectType
SetArcDirection
CreatePatternBrush
CreateICW
CloseMetaFile
ole32
CreateItemMoniker
StringFromGUID2
IsAccelerator
CoReleaseMarshalData
CLSIDFromString
CoTaskMemAlloc
CoTaskMemFree
CoCreateGuid
CoRevokeClassObject
OleUninitialize
CoRegisterClassObject
RevokeDragDrop
IIDFromString
Sections
.text Size: 2KB - Virtual size: 2KB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 3KB - Virtual size: 3KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 70KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 151KB - Virtual size: 151KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 512B - Virtual size: 380B
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ