03eccdbb79ccfb679bb9702a3158d058_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

03eccdbb79ccfb679bb9702a3158d058_JaffaCakes118
Size

364KB
MD5

03eccdbb79ccfb679bb9702a3158d058
SHA1

6dc40c968e65ba863b4ba36ae5331aefe980597e
SHA256

05ff0785f1252db3d60dfe87c672f849a790d89bf9ea6d64067cc407fe5f70eb
SHA512

f40806987c2d72bd5cbbf2cc05111b84b2c4c3cea65d1907f9a551265f5fd4f4aee2efb4cf871c781f0d8815caf5d99e6cb7872845d721df1936be80f7281b00
SSDEEP

6144:pK5krOSdJXOoY8DehRsxT4OijeRrrzkqiUYb3U/fotcFniXdWKYQBJ:VrPvY8DesxxTRzHiUYrufotEiX5Yu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
03eccdbb79ccfb679bb9702a3158d058_JaffaCakes118

Files

03eccdbb79ccfb679bb9702a3158d058_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6f803fbc33012b07147fce71e2a52dd9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

UrlCanonicalizeA

kernel32

lstrlenW
LocalAlloc
LocalFree
GetLocaleInfoW
GlobalFree
GetStartupInfoA
LoadLibraryA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentThreadId
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle
GlobalUnlock
GlobalLock
LocalUnlock
GetDateFormatW
GetUserDefaultLCID
GetLocalTime
QueryPerformanceCounter
GetTickCount
Beep
GetHandleInformation
HeapAlloc
GetProcessHeap
HeapFree
CompareStringW
LocalLock
FoldStringW
CloseHandle
lstrcpyW
ReadFile
CreateFileW
lstrcmpiW
GetCurrentProcessId
GetProcAddress
GetCommandLineW
lstrcatW
FindClose
FindFirstFileW
GetFileAttributesW
lstrcmpW
MulDiv
lstrcpynW
LocalSize
GetLastError
WriteFile
SetLastError
WideCharToMultiByte
LocalReAlloc
FormatMessageW
GetUserDefaultUILanguage
GetCurrentProcess
MultiByteToWideChar
UnmapViewOfFile
GetACP
DeleteFileW
SetEndOfFile
GetTimeFormatW

user32

EnableWindow
PeekMessageW
CharLowerW
SetScrollPos
UpdateWindow
RegisterWindowMessageW
PostQuitMessage
SetWindowTextW
LoadIconW
GetFocus
GetDesktopWindow
CreateWindowExW
SetWindowPlacement
LoadCursorW
LoadImageW
RegisterClassExW
GetSystemMenu
LoadAcceleratorsW
LoadStringW
CharUpperW
GetWindowPlacement
IsIconic
GetForegroundWindow
ShowWindow
MessageBeep
DestroyWindow
DefWindowProcW
GetKeyboardLayout
SetActiveWindow
DialogBoxParamW
GetDC
ReleaseDC
SetCursor
GetClientRect
DrawTextExW
CreateDialogParamW
GetWindowTextW
GetSystemMetrics
MoveWindow
WinHelpW
GetDlgCtrlID
ChildWindowFromPoint
SetWinEventHook
GetMessageW
ScreenToClient
GetCursorPos
SendDlgItemMessageW
SendMessageW
CharNextW
PostMessageW
IsDialogMessageW
TranslateAcceleratorW
TranslateMessage
DispatchMessageW
UnhookWinEvent
CheckMenuItem
CloseClipboard
GetParent
EndDialog
GetDlgItemTextW
wsprintfW
SetDlgItemTextW
SetFocus
GetDlgItem
GetWindowLongW
SetWindowLongW
MessageBoxW
IsClipboardFormatAvailable
OpenClipboard
GetMenuState
EnableMenuItem
GetSubMenu
GetMenu
InvalidateRect

advapi32

RegSetValueExW
RegOpenKeyExA
RegQueryValueExA
IsTextUnicode
RegCreateKeyW
RegCloseKey
RegQueryValueExW

msvcrt

wcsncpy

shell32

DragAcceptFiles
DragQueryFileW
DragFinish
ShellAboutW

winmm

mmioOpenA

winspool.drv

OpenPrinterW
GetPrinterDriverW
ClosePrinter

comctl32

CreateStatusWindowW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetFileTitleW
ChooseFontW
FindTextW
ReplaceTextW
PrintDlgExW
PageSetupDlgW
CommDlgExtendedError

gdi32

SelectObject
SetMapMode
SetViewportExtEx
SetWindowExtEx
LPtoDP
SetBkMode
GetTextMetricsW
DeleteObject
CreateFontIndirectW
GetDeviceCaps
GetObjectW
GetStockObject
EnumFontsW
StartDocW
TextOutW
GetTextFaceW
SetAbortProc
CreateDCW
GetTextExtentPoint32W
StartPage
DeleteDC
EndDoc
AbortDoc
EndPage

Exports

Exports

dolad

Sections

.code
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 300KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 4KB - Virtual size: 1B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6f803fbc33012b07147fce71e2a52dd9

Headers

File Characteristics

Imports

shlwapi

kernel32

user32

advapi32

msvcrt

shell32

winmm

winspool.drv

comctl32

comdlg32

gdi32

Exports

Exports

Sections

.code Size: 32KB - Virtual size: 29KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 300KB - Virtual size: 296KB

.rsrc Size: 4KB - Virtual size: 1B

.rsrc Size: 4KB - Virtual size: 1B

.rdata Size: 4KB - Virtual size: 1B

.rdata Size: 4KB - Virtual size: 1B

.reloc Size: 4KB - Virtual size: 1KB

.code
Size: 32KB - Virtual size: 29KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 300KB - Virtual size: 296KB

.rsrc
Size: 4KB - Virtual size: 1B

.rsrc
Size: 4KB - Virtual size: 1B

.rdata
Size: 4KB - Virtual size: 1B

.rdata
Size: 4KB - Virtual size: 1B

.reloc
Size: 4KB - Virtual size: 1KB