f9099ad46c16a20b52f173f5806426bf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f9099ad46c16a20b52f173f5806426bf_JaffaCakes118
Size

38KB
MD5

f9099ad46c16a20b52f173f5806426bf
SHA1

b7543e7af6930e16520f41bc0c3e5fdd5f1ce45d
SHA256

e80f972bce5004dfe27ca8a8063f354be8b0b618119db1e706242d28217e02ca
SHA512

6d6c2aec061cdc3e34b7774e1a16971f246b79da659bc8140d0965130a54bf81f57ad50d56314b5b5f551eb1d24e15d2d6131e041665dc3ecb921af3a426cdc1
SSDEEP

768:JbqF9FSKFaJ7arlVhknrYOyW5XX+Jv+1:kLF5Hk3O41

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f9099ad46c16a20b52f173f5806426bf_JaffaCakes118

Files

f9099ad46c16a20b52f173f5806426bf_JaffaCakes118
.dll windows:6 windows x86 arch:x86

4617aa22f66f57b5b7b30e92be1b9bcd

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

mscms

AssociateColorProfileWithDeviceW
CreateColorTransformW
CreateProfileFromLogColorSpaceA
GetStandardColorSpaceProfileW
TranslateBitmapBits
UninstallColorProfileW
UnregisterCMMW

oleaut32

BstrFromVector
OleCreatePictureIndirect
OleLoadPictureFile
VarCyCmpR8
VarCyFromDec
VarMul
VarR4FromI4
VarUI1FromR8

mapi32

ord125
ord74
ord59
ord23
ord43
ord164

wininet

CreateUrlCacheContainerA
FindNextUrlCacheContainerA
FtpCreateDirectoryA
InternetCreateUrlW
InternetWriteFile
LoadUrlCacheContent
RetrieveUrlCacheEntryStreamW

avifil32

AVIFileCreateStream
AVISaveV
AVIStreamInfoA
EditStreamSetName

msvfw32

ICSendMessage
ICSeqCompressFrame

wsnmp32

ord600
ord301
ord104
ord906
ord205
ord320
ord400

rtutils

MprSetupProtocolFree
RouterLogDeregisterA
RouterLogEventDataW
TracePutsExA
TraceRegisterExA
TraceRegisterExW

kernel32

GetProcessHeap
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
LocalAlloc
LocalFree
VirtualProtect

user32

LoadStringW
MessageBoxW

msvcrt

_adjust_fdiv
_initterm
free
malloc
memcpy
memset

Exports

Exports

jpqqdrrkb

Sections

.text
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4617aa22f66f57b5b7b30e92be1b9bcd

Headers

File Characteristics

Imports

mscms

oleaut32

mapi32

wininet

avifil32

msvfw32

wsnmp32

rtutils

kernel32

user32

msvcrt

Exports

Exports

Sections

.text Size: 28KB - Virtual size: 27KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 424B

.text
Size: 28KB - Virtual size: 27KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 424B