f1aaf198ec5b4a3ae170f05637fd7a41_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f1aaf198ec5b4a3ae170f05637fd7a41_JaffaCakes118
Size

517KB
MD5

f1aaf198ec5b4a3ae170f05637fd7a41
SHA1

3a4baa1c597abbb61ae31d276085066838a625c1
SHA256

befcaa2ca85a9295f83aac1900d865b94f41cfb636f1bacef2eca174b4202d7c
SHA512

15b8a18e8e236de4c12a4946f2981110dc41cb23e7644631b828f079566d8b88809ae2d5eb4667d1b9d9e0a92cabb503de601e7c687b32febfec9a54ff3783de
SSDEEP

12288:PWQ8L1HPvuJTg2Pa7NPRlQC5P6BSYbXqSGbUV4ThYb5Nr:PcxPsPkxzQuPlYbXxaT2b5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f1aaf198ec5b4a3ae170f05637fd7a41_JaffaCakes118

Files

f1aaf198ec5b4a3ae170f05637fd7a41_JaffaCakes118
.dll windows:6 windows x86 arch:x86

60283fce196f17ef5d777fd2a07ff2f1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

joyGetNumDevs
midiOutGetErrorTextW
joyGetPosEx
mmioInstallIOProcW
midiOutGetNumDevs
midiOutGetID

oledlg

OleUIChangeSourceW
ord7
OleUIAddVerbMenuW
ord5

rpcrt4

MesBufferHandleReset
MesDecodeIncrementalHandleCreate
MesEncodeFixedBufferHandleCreate
MesHandleFree
MesEncodeIncrementalHandleCreate

kernel32

SetEndOfFile
HeapReAlloc
HeapSize
WriteConsoleW
CreateFileW
SetStdHandle
GetProcessHeap
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetCommandLineW
GetCommandLineA
FindFirstFileA
FindClose
GetVolumeInformationA
Sleep
GetLastError
LoadLibraryA
DeleteFileA
CloseHandle
GetProcAddress
GetFileSize
FreeLibrary
CreateDirectoryA
GetCPInfo
GetOEMCP
IsValidCodePage
FindNextFileA
RaiseException
FindFirstFileExA
GetStringTypeW
GetConsoleCP
WriteFile
FlushFileBuffers
HeapFree
GetACP
HeapAlloc
GetFileType
GetStdHandle
ReadConsoleW
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
IsProcessorFeaturePresent
QueryPerformanceCounter
GetCurrentProcessId
GetCurrentThreadId
GetSystemTimeAsFileTime
InitializeSListHead
IsDebuggerPresent
GetStartupInfoW
GetModuleHandleW
RtlUnwind
DecodePointer
InterlockedFlushSList
SetLastError
EncodePointer
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSectionAndSpinCount
TlsAlloc
TlsGetValue
TlsSetValue
TlsFree
LoadLibraryExW
ExitProcess
GetModuleHandleExW
ReadFile
GetModuleFileNameA
MultiByteToWideChar
WideCharToMultiByte
LCMapStringW
SetFilePointerEx
GetConsoleMode

user32

DestroyIcon

comdlg32

GetFileTitleW
FindTextA
FindTextW
GetFileTitleA

shell32

ord18
ExtractIconA
ord47
ord155
SHGetFolderPathAndSubDirA

ole32

CoInitialize
CoRevokeClassObject
CoGetMalloc
CoRegisterClassObject
CoUninitialize
CoCreateGuid
OleNoteObjectVisible

Exports

Exports

BroadcastRecv
GetDllVersion
Main_OnClose
Messenger_Proc
MsgSend
ServiceMain
Setting_Proc
Shadow_Activate
Shadow_Paint
ShowCurrentIP
ShowTrayMsg
TypingStatus
TypingWatch
WordCount
csa_inverse_lf

Sections

.text
Size: 196KB - Virtual size: 196KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 299KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 133KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

60283fce196f17ef5d777fd2a07ff2f1

Headers

DLL Characteristics

File Characteristics

Imports

winmm

oledlg

rpcrt4

kernel32

user32

comdlg32

shell32

ole32

Exports

Exports

Sections

.text Size: 196KB - Virtual size: 196KB

.rdata Size: 299KB - Virtual size: 298KB

.data Size: 2KB - Virtual size: 133KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 10KB - Virtual size: 9KB

.text
Size: 196KB - Virtual size: 196KB

.rdata
Size: 299KB - Virtual size: 298KB

.data
Size: 2KB - Virtual size: 133KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 10KB - Virtual size: 9KB