ac550476e8afe603f1b34dc286382adc_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ac550476e8afe603f1b34dc286382adc_JaffaCakes118
Size

48KB
MD5

ac550476e8afe603f1b34dc286382adc
SHA1

20bd007ea6cdb29e907bd9cf95de8b50fcd12e26
SHA256

f039bc65d93fb249936d74cf94cf2c894b45d1ffd1cf0ddf2bae6e09821d4d69
SHA512

4dd6d00f794a867312e8d56deea280c323956418f250331ac78210258b0bf505a9b36a18d2209a6c812dca8b848c034037ef0c73af0c3448a0311f38fd5cf833
SSDEEP

768:ssbX8X8dvB6w3GqONjTP6zIG1e7ltgvZRLMPm22u6JFN5Vt17KlpGJ4mO:rbsMnB3GNh6sceJik6TVz6

Score

3^/10

Malware Config

Signatures

Unsigned PE 2 IoCs

Checks for missing Authenticode signature.

resource
unpack001/bin/nsisSlideshow.dll
unpack001/bin/nsisSlideshowW.dll

Files

ac550476e8afe603f1b34dc286382adc_JaffaCakes118
.zip
bin/nsisSlideshow.dll
.dll windows:4 windows x86 arch:x86

d48e421612bf2363143ccfd4ec11fae7

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalReAlloc
lstrcmpiA
lstrcpyA
GlobalAlloc
GetPrivateProfileSectionA
GlobalFree
lstrcpynA
MultiByteToWideChar
Sleep
lstrlenA

user32

CallWindowProcA
BeginPaint
FindWindowExA
SetWindowLongA
GetWindowLongA
IsWindowVisible
GetDlgItem
GetWindowRect
ScreenToClient
GetClientRect
GetDC
ReleaseDC
SendMessageA
InvalidateRect
SetTimer
KillTimer
IsWindow
EndPaint

shlwapi

PathCombineA
StrChrA
StrToIntExA
PathRemoveFileSpecA
StrToIntA

ole32

CoCreateInstance

gdi32

DeleteDC
TextOutA
SetTextAlign
SetBkMode
SetTextColor
CreateFontIndirectA
GetObjectA
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteObject

msimg32

AlphaBlend

Exports

Exports

show
stop

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 492B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 570B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
bin/nsisSlideshowW.dll
.dll windows:4 windows x86 arch:x86

8fc94f48a46bd006f33973e3914c7eb1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
lstrcmpiW
GetPrivateProfileSectionW
lstrcpyW
GlobalFree
GlobalReAlloc
lstrcpynW
Sleep
lstrlenW

user32

CallWindowProcW
FindWindowExW
EndPaint
SetWindowLongW
GetWindowLongW
IsWindowVisible
GetDlgItem
GetWindowRect
ScreenToClient
GetClientRect
GetDC
ReleaseDC
SendMessageW
InvalidateRect
SetTimer
KillTimer
IsWindow
BeginPaint

shlwapi

PathCombineW
StrChrW
StrToIntExW
PathRemoveFileSpecW
StrToIntW

ole32

CoCreateInstance

gdi32

BitBlt
DeleteDC
TextOutW
SetTextAlign
SetBkMode
SetTextColor
CreateFontIndirectW
GetObjectW
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject

msimg32

AlphaBlend

Exports

Exports

show
stop

Sections

.text
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 852B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 562B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
nsisSlideshow/License.txt
nsisSlideshow/Readme.txt
nsisSlideshow/Sample.nsi
nsisSlideshow/SampleManual.nsi
nsisSlideshow/Slides/Slide 01.jpg
.jpg
nsisSlideshow/Slides/Slide 02.jpg
.jpg
nsisSlideshow/Slides/Slide 03.jpg
.jpg
nsisSlideshow/Slides/Slide 04.jpg
.jpg
nsisSlideshow/Slides/Slides.dat
nsisSlideshow/exdll.h
nsisSlideshow/nsisSlideshow.cpp
nsisSlideshow/nsisSlideshow.dsp
nsisSlideshow/nsisSlideshow.dsw

Sharing

General

Malware Config

Signatures

Files

d48e421612bf2363143ccfd4ec11fae7

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

ole32

gdi32

msimg32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 492B

.reloc Size: 1024B - Virtual size: 570B

8fc94f48a46bd006f33973e3914c7eb1

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

ole32

gdi32

msimg32

Exports

Exports

Sections

.text Size: 3KB - Virtual size: 2KB

.rdata Size: 1KB - Virtual size: 1KB

.data Size: 512B - Virtual size: 852B

.reloc Size: 1024B - Virtual size: 562B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 492B

.reloc
Size: 1024B - Virtual size: 570B

.text
Size: 3KB - Virtual size: 2KB

.rdata
Size: 1KB - Virtual size: 1KB

.data
Size: 512B - Virtual size: 852B

.reloc
Size: 1024B - Virtual size: 562B