24df6cc2f9ae66f1a1db30185268247c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

24df6cc2f9ae66f1a1db30185268247c_JaffaCakes118
Size

26KB
MD5

24df6cc2f9ae66f1a1db30185268247c
SHA1

937b413c9ce2470a2084ed2c83da43ff7bda7619
SHA256

e58cbeae75cd089ace69ee94c85ab8976200d420bb139b0c5a24d8464c01be0b
SHA512

d9da38d5b6b3544914e6948a51dc4c294307d57041c939bc1a81572d65b8d0d702459eac24e9db4af9df878e482c3a87b9cd2f394edd9814ee80b8a57d96358b
SSDEEP

384:Br6veDP/L/7RWrtgT7y5osoffRu3Lc6l2QtpqmvykysX:B9T/fRWpAFffRu3Fjvqfkv

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
24df6cc2f9ae66f1a1db30185268247c_JaffaCakes118

Files

24df6cc2f9ae66f1a1db30185268247c_JaffaCakes118
.dll windows:6 windows x86 arch:x86

147c62bf8fb13e9aea6bb89117ec3f8d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcessHeap
HeapFree
lstrcmpW
InitializeCriticalSection
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
CreateThread
lstrcatW
HeapAlloc
GetLastError
VirtualProtect
HeapReAlloc
lstrlenW

mscms

IsColorProfileValid
CreateColorTransformW
GetStandardColorSpaceProfileW
GetColorProfileFromHandle
SetColorProfileElementReference
SelectCMM

urlmon

CoInternetQueryInfo
WriteHitLogging
URLOpenStreamA
URLOpenPullStreamA
RevokeBindStatusCallback

mswsock

GetServiceA
inet_network
EnumProtocolsA

pdh

PdhGetDllVersion
PdhEnumObjectItemsW
PdhOpenLogA
PdhGetDataSourceTimeRangeW

comdlg32

ChooseColorA
ChooseFontA

msvfw32

ICCompressorFree
GetOpenFileNamePreviewW
DrawDibBegin

avifil32

AVIStreamInfoA
AVISaveV

gdi32

GdiFlush
ColorCorrectPalette
SetArcDirection
SetPolyFillMode

user32

wsprintfW

advapi32

RegOpenKeyExW
RegGetValueW
RegCloseKey
RegCreateKeyExW
RegEnumKeyExW
RegEnumValueW
RegNotifyChangeKeyValue
RegOpenKeyW
RegSetValueExW
RegQueryValueExW

ole32

CoTaskMemFree
CoCreateInstance
CLSIDFromString
StringFromGUID2
PropVariantClear
CoTaskMemAlloc

msvcrt

malloc
_adjust_fdiv
wcstol
_initterm
memcmp
memset
free

Exports

Exports

wienvjn

Sections

.text
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 480B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 900B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

147c62bf8fb13e9aea6bb89117ec3f8d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

mscms

urlmon

mswsock

pdh

comdlg32

msvfw32

avifil32

gdi32

user32

advapi32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 12KB - Virtual size: 12KB

.rdata Size: 3KB - Virtual size: 3KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 480B

.reloc Size: 1024B - Virtual size: 900B

.text
Size: 12KB - Virtual size: 12KB

.rdata
Size: 3KB - Virtual size: 3KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 480B

.reloc
Size: 1024B - Virtual size: 900B