fea35677a18cad6032b19c3a20c2c405_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fea35677a18cad6032b19c3a20c2c405_JaffaCakes118
Size

108KB
MD5

fea35677a18cad6032b19c3a20c2c405
SHA1

fd5af28f4ecdecd2812048776e3272ded0e3c7f7
SHA256

f8feee72de4339664554d70deddbf7b62b1d4a8063e784a90a723020dbd9af83
SHA512

ce5701dc095530258996bf5f76bcdf8f221607dd776ca4da5f7e150de96dddc423bbb465959eca6555fa0bed16ea6580292f18ee0b1e06953758742507c67d63
SSDEEP

1536:k3+qAewSEnCIiCc/CfZCLTtm/tLKz7RU68FEt5XRLN:S+fCtCuCfZZFmpUXiXR5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fea35677a18cad6032b19c3a20c2c405_JaffaCakes118

Files

fea35677a18cad6032b19c3a20c2c405_JaffaCakes118
.dll windows:1 windows x86 arch:x86

212f3c39b58a59b9db6a6cc72b2b3ea0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegOpenKeyExA
RegSetValueExA
RegDeleteValueA
RegQueryValueExA

comctl32

ImageList_Destroy
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Remove
ImageList_GetIcon
ImageList_LoadImageA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
GetTextMetricsA
MoveToEx
SelectObject
SetBkColor
SetBkMode
SetTextAlign
SetTextColor

kernel32

CloseHandle
CreateFileA
DeleteFileA
EnumResourceNamesA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetStringTypeA
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalReAlloc
LoadLibraryA
MultiByteToWideChar
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile
FreeLibrary
GetPrivateProfileStringA
RtlMoveMemory

ole32

CLSIDFromProgID
CoCreateInstance
CoInitialize
CoUninitialize
ProgIDFromCLSID

oleaut32

GetActiveObject
SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

user32

CallWindowProcA
CharLowerBuffA
CharNextA
CharUpperBuffA
CheckRadioButton
ClientToScreen
CreateDialogIndirectParamA
CreateDialogParamA
CreateWindowExA
DestroyIcon
DestroyWindow
DialogBoxIndirectParamA
DispatchMessageA
EnableWindow
FillRect
GetClientRect
GetCursorPos
GetDC
GetDlgItem
GetMenu
GetMenuItemInfoA
GetSysColor
GetSysColorBrush
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
IsDialogMessageA
IsWindow
LoadImageA
MapDialogRect
MessageBoxA
PeekMessageA
PostMessageA
RedrawWindow
ReleaseDC
ScreenToClient
SendMessageA
SetFocus
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TranslateMessage
DialogBoxParamA
GetAsyncKeyState
GetWindow

Exports

Exports

CALDATETOJULIAN
DELREGKEY
LOADGUI

Sections

.text
Size: 89KB - Virtual size: 89KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

212f3c39b58a59b9db6a6cc72b2b3ea0

Headers

File Characteristics

Imports

advapi32

comctl32

gdi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 89KB - Virtual size: 89KB

.data Size: 8KB - Virtual size: 16KB

.link Size: 4KB - Virtual size: 3KB

.rloc Size: 5KB - Virtual size: 4KB

.text
Size: 89KB - Virtual size: 89KB

.data
Size: 8KB - Virtual size: 16KB

.link
Size: 4KB - Virtual size: 3KB

.rloc
Size: 5KB - Virtual size: 4KB