ec4b87a3f71906c7e5f40cf9e7e108b5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ec4b87a3f71906c7e5f40cf9e7e108b5_JaffaCakes118
Size

244KB
MD5

ec4b87a3f71906c7e5f40cf9e7e108b5
SHA1

ecc7412a99e9c82bba9c2e64ad7109644f570061
SHA256

09899da193e4e1cb9135a48bb81419f65134a656598bb89ddefe47d41124cd21
SHA512

e9f6ab438a231d1d3d621e185f0fa97c2a4df8641be14a123926cf77848466f45979731c5d12e9dd0132f3a101a3c44ed17a05305408a7a23bce3e958e3ff77e
SSDEEP

6144:YZbT8RkxjLYAz/d0Ch/pZGPFF8yMSpzZLIe:sf8s2ChxyX5Ie

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ec4b87a3f71906c7e5f40cf9e7e108b5_JaffaCakes118

Files

ec4b87a3f71906c7e5f40cf9e7e108b5_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a4b8f54af257ccccc4e0ac9edf8f4286

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_adjust_fdiv
__wgetmainargs
_XcptFilter
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__dllonexit
__CxxFrameHandler
_c_exit
wcstod
wcscoll
wcscmp
setlocale
memmove
exit
_wcsdup
_onexit
_initterm
_controlfp
_cexit

user32

GetMonitorInfoW
CharToOemBuffA
DefWindowProcW
EnableWindow
FindWindowW
GetActiveWindow
GetDC
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
PeekMessageW
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
WinHelpW
UpdateWindow
SetRect
SetFocus
SetCursor
CallNextHookEx

kernel32

lstrlenW
lstrcmpW
TerminateProcess
SetUnhandledExceptionFilter
SetThreadPriority
MultiByteToWideChar
AddAtomW
CreateEventW
CreateFileW
DeleteAtom
ExitProcess
GetCommandLineA
GetCurrentThreadId
GetDateFormatW
GetLastError
GetModuleHandleA
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomW
GlobalAlloc
GlobalFree
GlobalGetAtomNameW
HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MulDiv

ole32

CLSIDFromString
CreateILockBytesOnHGlobal
StringFromCLSID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
OleUninitialize
OleRegGetUserType
OleInitialize
IsEqualGUID

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

RegSetValueExW
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegCloseKey

gdi32

TextOutW
SetTextColor
SetDCBrushColor
SetBkMode
SelectObject
ScaleWindowExtEx
Rectangle
RectVisible
PtVisible
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetBkColor
ExtTextOutW
Escape
DeleteObject
DPtoLP
CreateSolidBrush
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
CreateCompatibleDC

shell32

SHGetSettings
ShellExecuteExW
ShellAboutW
SHGetSpecialFolderPathW
DragQueryFileW
DragFinish

shlwapi

PathFindFileNameW

Exports

Exports

AddDataToImageItem
ConvertToCIFFJPEG
GetIIMInfoCount
GetMCCustomSetNumberCount
ImportDataTrackFromMediumDriver

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a4b8f54af257ccccc4e0ac9edf8f4286

Headers

File Characteristics

Imports

msvcrt

user32

kernel32

ole32

comdlg32

advapi32

gdi32

shell32

shlwapi

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 72KB - Virtual size: 116KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 72KB - Virtual size: 116KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB