7a8526de6fc42c853ff5d39df16995b2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7a8526de6fc42c853ff5d39df16995b2_JaffaCakes118
Size

500KB
MD5

7a8526de6fc42c853ff5d39df16995b2
SHA1

685d67e41810b70de350cf4c8bc913b656607fc5
SHA256

9ed8eed3972af2b36d24b8ef141e70bd06683aab7bdf269e5def578ddb252a22
SHA512

11ab2041d1196b2a058553726445a1f8e5af0e8c033d55cbfa9522eb1d83fbf87c292de7b6d0e5843864db2b98828bcf6d93db7d8bb5650c63b54a3da47bde27
SSDEEP

6144:V2N8aCbpt5e3JVAfqX+2Rr+nxQDBO03fHEe:w87z5mvAfLfaE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
7a8526de6fc42c853ff5d39df16995b2_JaffaCakes118

Files

7a8526de6fc42c853ff5d39df16995b2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

79104f3cccf87ce5b357c629421e05f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
GetUserDefaultUILanguage

ole32

OleInitialize
OleUninitialize
IsValidIid
CreateOleAdviseHolder
CoGetTreatAsClass
StgOpenStorage
OleCreateLink
StgIsStorageFile

version

GetFileVersionInfoW
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerFindFileW
VerInstallFileW

user32

VRipOutput
SwitchToThisWindow
wsprintfW
DdeNameService
FlashWindow
OpenWindowStationA
DialogBoxParamW

shell32

SHEnumerateUnreadMailAccountsW
ExtractAssociatedIconW
SHParseDisplayName
DragQueryFileAorW
SHLoadNonloadedIconOverlayIdentifiers
SHSetUnreadMailCountW

winspool.drv

StartDocDlgW
EnumPrintProcessorsW
SetPrinterA
DeletePrinterConnectionA
DocumentPropertiesA
FindClosePrinterChangeNotification
DevicePropertySheets
SetPrinterDataExA
SetJobA

comctl32

ImageList_BeginDrag
DSA_Create
FlatSB_SetScrollRange
CreateStatusWindowW
ImageList_Merge
ImageList_GetIcon
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_SetFilter
FlatSB_GetScrollRange
ImageList_GetBkColor

msimg32

DllInitialize
GradientFill
vSetDdrawflag
TransparentBlt
AlphaBlend

shlwapi

IntlStrEqWorkerW
PathFindNextComponentW
SHOpenRegStreamA
UrlHashA
PathStripPathW
SHAutoComplete
SHSetThreadRef
PathAppendW

winmm

joyGetNumDevs
waveOutUnprepareHeader
mciGetDeviceIDFromElementIDW
midiOutSetVolume
mciDriverNotify
mciGetErrorStringA
joyGetPos
mixerClose
mciGetDriverData
waveInGetID
mmioRenameA
midiStreamPause
aux32Message

gdiplus

GdipGetGenericFontFamilyMonospace
GdipDisposeImage
GdipGetPathWorldBounds
GdipDrawPath
GdipSetImageAttributesOutputChannel
GdipClosePathFigure

comdlg32

PrintDlgA
FindTextW
ReplaceTextW
FindTextA
LoadAlterBitmap
PrintDlgExW
GetFileTitleA
ChooseFontW

Exports

Exports

CreatePaint

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xbsl
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vgic
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79104f3cccf87ce5b357c629421e05f5

Headers

File Characteristics

Imports

kernel32

ole32

version

user32

shell32

winspool.drv

comctl32

msimg32

shlwapi

winmm

gdiplus

comdlg32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 187KB

.data Size: 512B - Virtual size: 112B

.data Size: 2KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 3KB

.xbsl Size: 296KB - Virtual size: 296KB

.vgic Size: 8KB - Virtual size: 8KB

.text
Size: 188KB - Virtual size: 187KB

.data
Size: 512B - Virtual size: 112B

.data
Size: 2KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 3KB

.xbsl
Size: 296KB - Virtual size: 296KB

.vgic
Size: 8KB - Virtual size: 8KB