JaffaCakes118_2a3c3868004a1bb90f6aa1fe25e945ce

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_2a3c3868004a1bb90f6aa1fe25e945ce
Size

189KB
MD5

2a3c3868004a1bb90f6aa1fe25e945ce
SHA1

80bcd81ee5bf87b8108a8fd7fb7acccba6aa8dfd
SHA256

5011d2e67a41eebc4dc0303c1888e86b8637ad110a44745361fa0d38958652f4
SHA512

c1f326063589b8096a053279b2f8fc75a54efffaf1a4fd354bda8c6992df4d241b2c743bc5bc6ceb07e07629fc95f52a3f524001561e4612639ab1059069bf08
SSDEEP

3072:z8Ihqytign24lS5YllqiVrZ2ivXAoBUHJBpc2U5h/DbBIV1h8Toyf+3nwYVD+G08:z8Ihq1WCoq+ZZAwUHJBLU5hrijWTzWwu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_2a3c3868004a1bb90f6aa1fe25e945ce

Files

JaffaCakes118_2a3c3868004a1bb90f6aa1fe25e945ce
.dll windows:5 windows x86 arch:x86

ad9e33ab2ccda68e3537f5a92f051f91

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetPrivateProfileStringA
GetWindowsDirectoryA
Sleep
GetUserDefaultLangID
CreateProcessA
OpenMutexA
FreeLibrary
HeapFree
CloseHandle
OpenProcess
HeapAlloc
GetProcessHeap
GetProcAddress
LoadLibraryA
LocalFree
CreateFileA
GetEnvironmentVariableA
FindFirstFileA
GetFullPathNameA
GetLastError
CreateMutexA
SetLastError
FormatMessageA
DisableThreadLibraryCalls
GetModuleHandleA
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
SetUnhandledExceptionFilter
FindNextFileA
FindClose
GetFileAttributesA
SetFileAttributesA
DeleteFileA
GetPrivateProfileIntA
MoveFileExA

msvcrt

vsprintf
fflush
fopen
_strdate
sprintf
_strupr
_except_handler3
??2@YAPAXI@Z
??3@YAXPAX@Z
strstr
_strtime
fprintf
fclose

setupapi

SetupCloseInfFile
SetupDiGetSelectedDriverA
SetupDiGetDriverInfoDetailA
SetupDiGetDeviceRegistryPropertyA

advapi32

RegCloseKey
RegOpenKeyExA
RegDeleteKeyA
RegSetValueExA
RegCreateKeyExA
RegDeleteValueA
RegQueryValueExA

user32

FindWindowA

shlwapi

SHDeleteKeyA

Exports

Exports

PostProc

Sections

.text
Size: 19KB - Virtual size: 19KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 440B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 165KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

ad9e33ab2ccda68e3537f5a92f051f91

Headers

File Characteristics

Imports

kernel32

msvcrt

setupapi

advapi32

user32

shlwapi

Exports

Exports

Sections

.text Size: 19KB - Virtual size: 19KB

.data Size: 512B - Virtual size: 440B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text Size: 165KB - Virtual size: 168KB

.text
Size: 19KB - Virtual size: 19KB

.data
Size: 512B - Virtual size: 440B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB

.text
Size: 165KB - Virtual size: 168KB