fa62ed5f72122a2810809736226c3bc2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fa62ed5f72122a2810809736226c3bc2_JaffaCakes118
Size

43KB
MD5

fa62ed5f72122a2810809736226c3bc2
SHA1

c29eea37c0473260edc4ce2df631eb407b2a66fd
SHA256

b5654e645833ac92cf3ab3cb4d2143ac0e7e97cc16a685a7af0bec72d541c3cd
SHA512

4156b0ef8e1de1268d075e46ced5c381888abb352ee956fa08c659d723d30128283ed3ba09f42727ce180c7902d3cab78716c207ebc2fc0d0818a6f7b1eb1f2c
SSDEEP

768:7KGowZlyCPewXi7NfNk7AD0ukAMmVpNXzpAyy4w1e0bHmMXRdOZz1T:7KGowZlyC2wS75h0uHa4w1e0bHzXmR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fa62ed5f72122a2810809736226c3bc2_JaffaCakes118

Files

fa62ed5f72122a2810809736226c3bc2_JaffaCakes118
.dll windows:6 windows x86 arch:x86

44acdb9da6379974ac92c634a8a80970

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFindExtensionA
PathRelativePathToW
SHDeleteValueW
SHRegOpenUSKeyA
StrCSpnIW
StrStrIW
StrTrimA

kernel32

CloseHandle
CreateFileW
DisableThreadLibraryCalls
ExpandEnvironmentStringsA
ExpandEnvironmentStringsW
FreeLibrary
GetDriveTypeA
GetDriveTypeW
GetLastError
GetProcAddress
GetProcessHeap
GetStringTypeW
GetVersion
HeapAlloc
HeapFree
LoadLibraryW
MultiByteToWideChar
SetConsoleWindowInfo
SetLastError
VirtualProtect
VirtualQuery
WideCharToMultiByte
lstrcmpW
lstrcpyA
lstrcpyW
lstrlenA
lstrlenW

odbc32

ord210
ord31
ord232
ord44
ord262
ord139
ord170

winmm

WOW32DriverCallback
auxSetVolume
midiInOpen
midiInUnprepareHeader
midiStreamPause
midiStreamPosition
mixerOpen
waveInAddBuffer

msi

ord7
ord15
ord17
ord18
ord31
ord34
ord169
ord56
ord80
ord92
ord123
ord139
ord146

mpr

MultinetGetConnectionPerformanceW

oleaut32

SafeArrayLock
VarDateFromR8
VarDecDiv
VarDecFromCy
VarDecFromDisp
VarDecFromUI2
VarImp
VarR8FromUI4
VarUI1FromDisp
VariantCopy

mscms

AssociateColorProfileWithDeviceW
CloseColorProfile
CreateProfileFromLogColorSpaceW
GetPS2ColorSpaceArray
GetStandardColorSpaceProfileW
IsColorProfileTagPresent
SelectCMM
SetColorProfileHeader
TranslateColors

gdi32

AddFontResourceA
AddFontResourceExA
CreateDIBSection
CreateEnhMetaFileA
DPtoLP
ExtFloodFill
GdiGetPageCount
GetOutlineTextMetricsW
OffsetViewportOrgEx
SetLayout

advapi32

GetUserNameA
GetUserNameW
RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegEnumKeyExW
RegOpenCurrentUser
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW

user32

LoadStringW

msvcrt

_adjust_fdiv
_initterm
free
iswctype
malloc
memcpy
memset
strcpy
strlen
swprintf
wcschr

Exports

Exports

jaovu

Sections

.text
Size: 32KB - Virtual size: 31KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 424B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

44acdb9da6379974ac92c634a8a80970

Headers

File Characteristics

Imports

shlwapi

kernel32

odbc32

winmm

msi

mpr

oleaut32

mscms

gdi32

advapi32

user32

msvcrt

Exports

Exports

Sections

.text Size: 32KB - Virtual size: 31KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 5KB - Virtual size: 4KB

.rsrc Size: 512B - Virtual size: 424B

.text
Size: 32KB - Virtual size: 31KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 5KB - Virtual size: 4KB

.rsrc
Size: 512B - Virtual size: 424B