91e19107d30df183146aaeb71683c5b4_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

91e19107d30df183146aaeb71683c5b4_JaffaCakes118
Size

144KB
MD5

91e19107d30df183146aaeb71683c5b4
SHA1

0bbb9e51c59c0f749386150cfecc0efdb9deffe9
SHA256

ce429d13892d3fd9964ceac96e76706322240ac7751028a3adf90dc34a23401e
SHA512

c84629a5add6e88310a48f3dd6da0eaeff1258d8a8fe0567f73ae4030095d5768d44bcc3d10cffb750393bdb046f04ca0318d3be58128530520e4e7d2569710a
SSDEEP

3072:pl3CeqdZeyH/g6YmeREmG08FaJVTcjDtoVJgxbmghuXnlDi5/L:z3AeW/gwSEmGLFOcntgJgxP8nY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
91e19107d30df183146aaeb71683c5b4_JaffaCakes118

Files

91e19107d30df183146aaeb71683c5b4_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a5bc8ae61774e3a76a89d89dec983616

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetCapture
SetWindowsHookExW
EnumPropsExW
IsCharUpperW
GetCaretBlinkTime
LoadLocalFonts
SetDlgItemTextA
CreateDialogIndirectParamAorW
GetMenuItemInfoA
UserRegisterWowHandlers
GetWindowLongW
LookupIconIdFromDirectoryEx
IsIconic
SendDlgItemMessageA
DdeGetLastError
OpenDesktopA
DdeCreateStringHandleW
LockSetForegroundWindow
UserLpkPSMTextOut
DefWindowProcA
SetLastErrorEx
TranslateMessage
SetPropW

kernel32

GetProcAddress
VirtualProtect
ExitProcess
GetModuleHandleA
LoadLibraryA
VirtualAlloc
GetLastError
GetConsoleCP
SetLastError
lstrlenA
lstrcatA
GetProcessId
GetACP
GetVersion
GetTickCount
GetCurrentProcess
VerLanguageNameA
AddVectoredExceptionHandler
WTSGetActiveConsoleSessionId
VerLanguageNameW
SetVolumeLabelA
DnsHostnameToComputerNameW
GetCurrentDirectoryW
FindResourceExW
OpenThread
RegisterWaitForInputIdle
DisableThreadLibraryCalls
WaitNamedPipeW
RemoveDirectoryW
SetCurrentDirectoryA
OpenMutexA
GetProfileSectionW
GetConsoleTitleA
GetSystemWow64DirectoryA
SwitchToFiber
FindActCtxSectionStringA

comctl32

ImageList_DragLeave
ImageList_BeginDrag
InitCommonControls
ImageList_DragEnter
ImageList_EndDrag
ImageList_DragMove
ImageList_Read
FlatSB_GetScrollRange
DllGetVersion
DPA_DeleteAllPtrs
ImageList_Write
DSA_DestroyCallback
ImageList_Remove
MenuHelp
ImageList_GetIconSize
MakeDragList
ShowHideMenuCtl
FlatSB_GetScrollPos
FlatSB_EnableScrollBar
CreatePropertySheetPage
PropertySheetW

ole32

OleInitialize
OleUninitialize
CoCreateGuid
StgGetIFillLockBytesOnFile
HMENU_UserUnmarshal
OleIsRunning
CoGetApartmentID
OleTranslateAccelerator
WriteStringStream
OleSetMenuDescriptor
OleCreateLink
GetErrorInfo
OleGetIconOfFile
FmtIdToPropStgName
CLSIDFromOle1Class
CoGetCallerTID
HICON_UserMarshal
StgOpenStorageOnILockBytes
CoGetProcessIdentifier
CoGetObject
CoResumeClassObjects
HACCEL_UserUnmarshal
CoInvalidateRemoteMachineBindings
CoReleaseServerProcess
CoRetireServer
SetDocumentBitStg
CreateDataCache
CoReactivateObject

version

GetFileVersionInfoSizeA
VerInstallFileA
VerInstallFileW
VerFindFileA
VerQueryValueA
VerQueryValueW
VerFindFileW

oleaut32

VarR8FromUI2
VarR4FromDec
VarI8FromDate
OleLoadPictureFile
VariantChangeTypeEx
VarBstrFromDate
VarR8Round
SafeArrayGetIID
VarUI8FromDate
BSTR_UserMarshal
DispCallFunc
VarI8FromR8
VarBstrFromR4
VariantChangeType
VarInt
SafeArrayGetElemsize
VarI4FromDisp
VarUI8FromI2

winspool.drv

AddPrinterDriverW
DeletePrintProvidorA
DeletePortA
FreePrinterNotifyInfo
EnumFormsA
DeletePrinterDataExW
EnumMonitorsA
GetDefaultPrinterW
AddPrintProvidorA
QueryColorProfile
DeletePrinterKeyA

comdlg32

ReplaceTextA
Ssync_ANSI_UNICODE_Struct_For_WOW
ChooseFontA
FindTextW
PrintDlgExW
ChooseFontW
ReplaceTextW
ChooseColorW
dwOKSubclass
WantArrows
GetOpenFileNameW

shell32

SHGetDataFromIDListW
PathResolve
SHCreateDirectory
SHGetSetSettings
Shell_NotifyIcon
SHGetAttributesFromDataObject
ExtractIconW
SHCLSIDFromString
SHCoCreateInstance
SHGetInstanceExplorer
PrintersGetCommand_RunDLLW
StrRChrW
SHCreateShellFolderView
SHAppBarMessage

gdiplus

GdipGetCompositingMode
GdipFillPolygon
GdipGetImageType
GdipEnumerateMetafileSrcRectDestRectI
GdipPathIterIsValid
GdipCreateFromHWNDICM
GdipRecordMetafileFileNameI
GdipSetStringFormatTabStops
GdipAddPathBeziersI
GdipCreatePath2
GdipImageRotateFlip
GdipGetPenLineJoin
GdipSetPathGradientCenterPoint
GdipCreateTexture2
GdipGetStringFormatAlign
GdipGetLineTransform
GdipMeasureDriverString
GdipWarpPath
GdipTransformRegion
GdipGetPathGradientBlendCount
GdipAddPathClosedCurve
GdipDrawBeziersI

oledlg

OleUIInsertObjectA
OleUIConvertA
OleUIObjectPropertiesW
OleUIObjectPropertiesA
OleUIEditLinksW
OleUIChangeIconA
OleUIPasteSpecialW
OleUIPromptUserA
OleUICanConvertOrActivateAs
OleUIChangeIconW
OleUIAddVerbMenuW
OleUIUpdateLinksW
OleUIConvertW

Sections

.text
Size: 134KB - Virtual size: 134KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 436B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a5bc8ae61774e3a76a89d89dec983616

Headers

DLL Characteristics

File Characteristics

Imports

user32

kernel32

comctl32

ole32

version

oleaut32

winspool.drv

comdlg32

shell32

gdiplus

oledlg

Sections

.text Size: 134KB - Virtual size: 134KB

.data Size: 8KB - Virtual size: 7KB

.rsrc Size: 512B - Virtual size: 436B

.text
Size: 134KB - Virtual size: 134KB

.data
Size: 8KB - Virtual size: 7KB

.rsrc
Size: 512B - Virtual size: 436B