e914efff19fd3c2754bb928bd60107dd_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e914efff19fd3c2754bb928bd60107dd_JaffaCakes118
Size

364KB
MD5

e914efff19fd3c2754bb928bd60107dd
SHA1

830c7247ca6650a8cd6fc0beb1067d1832263c24
SHA256

f4aa7ceba6b6aa54d1ec98c7b8d9d1eb512b2e4e5ba059eff161f71b5a5d2ef5
SHA512

a84ae9944b5d050b6c31fde5e53418f81a03029240438688849efa37f19a62e2fc04ba81ee39e948098feb0f2da5b93153bb1ed9c7137c5e2f4b930e08a75993
SSDEEP

6144:3fAffdnndIcxScfFUe92J/Jvr611dvVxfAuOGYnFeyB1e4p9vx9:PUdht39QJD6rVf7tbyB1e4vx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e914efff19fd3c2754bb928bd60107dd_JaffaCakes118

Files

e914efff19fd3c2754bb928bd60107dd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6f803fbc33012b07147fce71e2a52dd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

UrlCanonicalizeA

kernel32

lstrlenW
LocalAlloc
LocalFree
GetLocaleInfoW
GlobalFree
GetStartupInfoA
LoadLibraryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
GlobalUnlock
GlobalLock
LocalUnlock
GetDateFormatW
GetUserDefaultLCID
GetLocalTime
QueryPerformanceCounter
GetTickCount
Beep
GetHandleInformation
HeapAlloc
GetProcessHeap
HeapFree
CompareStringW
LocalLock
FoldStringW
CloseHandle
lstrcpyW
ReadFile
CreateFileW
lstrcmpiW
GetCurrentProcessId
GetProcAddress
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
GetFileAttributesW
lstrcmpW
MulDiv
lstrcpynW
LocalSize
GetLastError
WriteFile
SetLastError
WideCharToMultiByte
LocalReAlloc
FormatMessageW
GetUserDefaultUILanguage
GetCurrentProcess
MultiByteToWideChar
UnmapViewOfFile
GetACP
DeleteFileW
SetEndOfFile
GetTimeFormatW

user32

EnableWindow
PeekMessageW
CharLowerW
SetScrollPos
UpdateWindow
RegisterWindowMessageW
PostQuitMessage
SetWindowTextW
LoadIconW
GetFocus
GetDesktopWindow
CreateWindowExW
SetWindowPlacement
LoadCursorW
LoadImageW
RegisterClassExW
GetSystemMenu
LoadAcceleratorsW
LoadStringW
CharUpperW
GetWindowPlacement
IsIconic
GetForegroundWindow
ShowWindow
MessageBeep
DestroyWindow
DefWindowProcW
GetKeyboardLayout
SetActiveWindow
DialogBoxParamW
GetDC
ReleaseDC
SetCursor
GetClientRect
DrawTextExW
CreateDialogParamW
GetWindowTextW
GetSystemMetrics
MoveWindow
WinHelpW
GetDlgCtrlID
ChildWindowFromPoint
SetWinEventHook
GetMessageW
ScreenToClient
GetCursorPos
SendDlgItemMessageW
SendMessageW
CharNextW
PostMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
UnhookWinEvent
CheckMenuItem
CloseClipboard
GetParent
EndDialog
GetDlgItemTextW
wsprintfW
SetDlgItemTextW
SetFocus
GetDlgItem
GetWindowLongW
SetWindowLongW
MessageBoxW
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenu
GetMenu
InvalidateRect

advapi32

RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
IsTextUnicode
RegCreateKeyW
RegCloseKey
RegQueryValueExW

msvcrt

wcsncpy

shell32

DragAcceptFiles
DragQueryFileW
DragFinish
ShellAboutW

winmm

mmioOpenA

winspool.drv

OpenPrinterW
GetPrinterDriverW
ClosePrinter

comctl32

CreateStatusWindowW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
ChooseFontW
FindTextW
ReplaceTextW
PrintDlgExW
PageSetupDlgW
CommDlgExtendedError

gdi32

SelectObject
SetMapMode
SetViewportExtEx
SetWindowExtEx
LPtoDP
SetBkMode
GetTextMetricsW
DeleteObject
CreateFontIndirectW
GetDeviceCaps
GetObjectW
GetStockObject
EnumFontsW
StartDocW
TextOutW
GetTextFaceW
SetAbortProc
CreateDCW
GetTextExtentPoint32W
StartPage
DeleteDC
EndDoc
AbortDoc
EndPage

Exports

Exports

idcfg

Sections

.code
Size: 32KB - Virtual size: 30KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 300KB - Virtual size: 299KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f803fbc33012b07147fce71e2a52dd9

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

msvcrt

shell32

winmm

winspool.drv

comctl32

comdlg32

gdi32

Exports

Exports

Sections

.code Size: 32KB - Virtual size: 30KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 300KB - Virtual size: 299KB

.reloc Size: 4KB - Virtual size: 1B

.rdata Size: 4KB - Virtual size: 1B

.reloc Size: 4KB - Virtual size: 1B

.data Size: 4KB - Virtual size: 1B

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 32KB - Virtual size: 30KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 300KB - Virtual size: 299KB

.reloc
Size: 4KB - Virtual size: 1B

.rdata
Size: 4KB - Virtual size: 1B

.reloc
Size: 4KB - Virtual size: 1B

.data
Size: 4KB - Virtual size: 1B

.reloc
Size: 4KB - Virtual size: 1KB