f7d0f941ddd37ab8de03ce378857ce59_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f7d0f941ddd37ab8de03ce378857ce59_JaffaCakes118
Size

263KB
MD5

f7d0f941ddd37ab8de03ce378857ce59
SHA1

668385d5d4d49502e3232c0e5ebba36c6703e4e0
SHA256

630eb62832d0a333454d6ef18128d3fe408612336f369e1ed686e044c1ab48b7
SHA512

c5e8d0b446e6f68d37bc1db528dd956c4253fd03f9ee2ec050eda16e9a379a3044845a4519c1c6ebf841c2e0446f3fb09a05dc1323c167d17331d1bce52d2541
SSDEEP

6144:6jm3/XlsWcppnXETAQ7leR1x759EPVXxTVj9pD2yYq:JVv4pa7lI1xd+PVXxTVjPD27q

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f7d0f941ddd37ab8de03ce378857ce59_JaffaCakes118

Files

f7d0f941ddd37ab8de03ce378857ce59_JaffaCakes118
.dll windows:5 windows x86 arch:x86

5e28e86763a698830a3fd639cb7797a4

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

mf3216.pdb

Imports

ntdll

RtlInitUnicodeString
NtOpenKey
NtQueryValueKey
NtClose
DbgPrint
RtlUnicodeToMultiByteN
_ftol
memmove

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
WideCharToMultiByte
IsDBCSLeadByteEx
MulDiv
LocalReAlloc
SetLastError
LocalAlloc
LocalFree

gdi32

SetPaletteEntries
IsValidEnhMetaRecordOffExt
CreateICA
IsValidEnhMetaRecord
ModifyWorldTransform
SetWindowOrgEx
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
ScaleWindowExtEx
SetMapMode
SetVirtualResolution
SetTextAlign
ExtTextOutA
ExtTextOutW
GetTextAlign
GetTextCharsetInfo
TranslateCharsetInfo
OffsetClipRgn
SetMetaRgn
GetRegionData
ExtCreateRegion
GetRgnBox
CombineRgn
GetRandomRgn
IntersectClipRect
ExcludeClipRect
PolyPolygon
GetPath
StrokePath
RestoreDC
EndPath
Arc
Chord
Pie
PolyDraw
RoundRect
PolyBezier
PolyBezierTo
AngleArc
Ellipse
Rectangle
BeginPath
SaveDC
DeleteDC
SetWorldTransform
SetGraphicsMode
CreateCompatibleDC
GetDIBits
DeleteObject
StretchBlt
OffsetViewportOrgEx
SelectObject
CreateDIBitmap
SetDIBits
BitBlt
StretchDIBits
PatBlt
CreateBitmap
DPtoLP
PlgBlt
SelectPalette
GetPaletteEntries
GetObjectA
GetStockObject
ResizePalette
CreatePalette
SetArcDirection
MoveToEx
ArcTo
GetCurrentPositionEx
CreateFontIndirectW
SetMapperFlags
LineTo
Polygon
Polyline
PolylineTo
SetBkMode
DeleteEnhMetaFile
GetWinMetaFileBits
CloseEnhMetaFile
PlayEnhMetaFile
CreateEnhMetaFileA
CombineTransform
GetDeviceCaps
GetTransform
SetEnhMetaFileBits
GetObjectW
CreateBrushIndirect
CreatePatternBrush
CreateDIBPatternBrushPt
CreatePen
WidenPath
SelectClipPath
ExtSelectClipRgn
CreateRectRgn
FlattenPath
AbortPath
CloseFigure
FillPath
StrokeAndFillPath
ord1002
GetTextMetricsW

msvcr100

_isctype

mfc42u

ord6582

ole32

OleFlushClipboard

shlwapi

ord8

rpcrt4

TowerExplode

Exports

Exports

ConvertEmfToWmf
Mf3216DllInitialize

Sections

.text
Size: 35KB - Virtual size: 34KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 764B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 187KB - Virtual size: 186KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.l1
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e28e86763a698830a3fd639cb7797a4

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ntdll

kernel32

gdi32

msvcr100

mfc42u

ole32

shlwapi

rpcrt4

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 34KB

.data Size: 1024B - Virtual size: 764B

.rsrc Size: 187KB - Virtual size: 186KB

.reloc Size: 1KB - Virtual size: 1KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.l1 Size: 5KB - Virtual size: 5KB

.text
Size: 35KB - Virtual size: 34KB

.data
Size: 1024B - Virtual size: 764B

.rsrc
Size: 187KB - Virtual size: 186KB

.reloc
Size: 1KB - Virtual size: 1KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB

.l1
Size: 5KB - Virtual size: 5KB