JaffaCakes118_e2669774d45c6fd1321560f53ae01ec1

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_e2669774d45c6fd1321560f53ae01ec1
Size

128KB
MD5

e2669774d45c6fd1321560f53ae01ec1
SHA1

6b0868f93cc3ad609c726b3041bceddfe9766376
SHA256

a028db2d131211a374ba9cec976205eea9043cdad862c5deb87210ef16f055ed
SHA512

8e41315c609d4af1a7e5826f42f287aad860ab58d104f091cba59312a0c1d3db4bfc6d6b7792a7821429b73715fc1d9104007cd2b9c226efe7a382fdd52dc32d
SSDEEP

3072:Z3Yy5hqishvGyeE8/TE9WfgFK8b1Y/xS3:V5hqiyOEGEWQBA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_e2669774d45c6fd1321560f53ae01ec1

Files

JaffaCakes118_e2669774d45c6fd1321560f53ae01ec1
.dll windows:4 windows x86 arch:x86

5bc61840795a3f452fd2b1261b087254

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
CreateFileW
GetACP
SetEnvironmentVariableW
FillConsoleOutputAttribute
SetConsoleCursorPosition
WideCharToMultiByte
WriteConsoleOutputW
ReadConsoleOutputW
GetConsoleCP
GetEnvironmentVariableA
MultiByteToWideChar
SetConsoleActiveScreenBuffer
SetEvent
WriteFile
GetLargestConsoleWindowSize
ScrollConsoleScreenBufferW
WriteConsoleOutputCharacterW
IsDBCSLeadByte
ReadConsoleInputA
ReadConsoleInputW
SetConsoleMode
CreateEventW
SetConsoleCtrlHandler
ExitProcess
CreateThread
GetCurrentProcess
TerminateProcess
LocalAlloc
SetConsoleTitleW
LocalFree
WriteConsoleW
ResetEvent
WaitForSingleObject
UnhandledExceptionFilter
InterlockedIncrement
InterlockedDecrement
Sleep
VirtualAlloc
GetSystemInfo
VirtualFree
InterlockedCompareExchange
GetSystemDirectoryA
CreateFileA
lstrcmpiA
lstrcpynA
lstrlenW
HeapDestroy
ReadFile
GetTickCount
DisableThreadLibraryCalls
GetProcAddress
GetModuleHandleA
QueryPerformanceCounter
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetEnvironmentVariableW
GetConsoleScreenBufferInfo
SetConsoleScreenBufferSize
SetConsoleWindowInfo
GetCommandLineA
SetUnhandledExceptionFilter
VirtualProtect

user32

CreateWindowExW
PostMessageW
IsCharAlphaW
IsCharAlphaNumericW
LoadStringW
TranslateMessage
CharNextA
GetMessageW
DispatchMessageW
RegisterClassW
GetWindowLongW
GetKeyboardType
DestroyWindow
SetRectEmpty

advapi32

LookupAccountSidW
GetUserNameW
RegEnumKeyExA
RegDeleteValueA
RegDeleteKeyA
RegCloseKey

ole32

CoCreateInstanceEx
CoUninitialize
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoInitializeEx

rpcrt4

I_RpcMapWin32Status
NdrClientCall2
RpcStringFreeW
RpcBindingFromStringBindingW
RpcStringBindingComposeW
RpcBindingFree

msvcrt

_adjust_fdiv
realloc
memmove
_stricmp
_wtoi64
memset
wcsncmp
toupper
_wcsicmp
iswctype
_wcsnicmp
_wtoi
malloc
free
calloc
memchr
strncmp
_initterm
_strnicmp
atoi
_except_handler3
memcpy
exit

Sections

.text
Size: 108KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5bc61840795a3f452fd2b1261b087254

Headers

File Characteristics

Imports

kernel32

user32

advapi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 108KB - Virtual size: 107KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 4KB - Virtual size: 36KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 108KB - Virtual size: 107KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 4KB - Virtual size: 36KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB