05eaaa075890cca3fdb3c6f5d9ae6e77_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

05eaaa075890cca3fdb3c6f5d9ae6e77_JaffaCakes118
Size

837KB
MD5

05eaaa075890cca3fdb3c6f5d9ae6e77
SHA1

26ea4ca17910c298d4f4eeacf2ba4569e5a33ff8
SHA256

24ac8f7d7939146b273e7b38cbcf95fe4a7b84b317c12a4ec29bd4542732fcfc
SHA512

afa54b722ec409c68be88eac0bbeec0a9909f325aaea617e1af4cfac2ce6dd1f69e8bf803f6f6d8ffc9232eed846f013d12bf86ff85b0763a48d31c903e7d0de
SSDEEP

24576:/57mmP1TAFfEnHeEH+ZxeYnC2U53ncyWiSBBuN9B:/BRP10FMpYxwcxBy

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05eaaa075890cca3fdb3c6f5d9ae6e77_JaffaCakes118

Files

05eaaa075890cca3fdb3c6f5d9ae6e77_JaffaCakes118
.dll windows:5 windows x86 arch:x86

803a77cc61e748aa56ba201513c33752

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCurrentDirectoryA
VirtualProtect
GetConsoleOutputCP

user32

GetMessagePos
GrayStringW
GetNextDlgTabItem
InvalidateRgn
GetDlgItem
IsDialogMessageW
SendMessageW
GetCursorPos
GetMessageTime
SetWindowTextW
AppendMenuW
CreateWindowExW
GetWindowThreadProcessId
UnhookWindowsHookEx
InvalidateRect
AllowSetForegroundWindow
GetWindowInfo
PostThreadMessageW
SetActiveWindow
InflateRect
SetWindowPlacement
GetFocus
CharUpperW
GetClassNameW
UpdateWindow
GetForegroundWindow
BeginPaint
SetFocus
SetCursorPos
GetMessageW
RegisterClipboardFormatW
GetClassLongW
MessageBoxW
TrackPopupMenu
MapWindowPoints
DefWindowProcW
EndPaint
CheckMenuItem
RedrawWindow
GetSysColor
GetClassInfoW
GetSubMenu
IsChild
GetActiveWindow
GetNextDlgGroupItem
OffsetRect
EndDialog
GetClassInfoExW
MapDialogRect
PeekMessageW
KillTimer
GetMenu

gdi32

CreateFontIndirectW
GetTextColor
SaveDC
MoveToEx
GetTextExtentPoint32W
PtVisible
GetMapMode
SetMapMode
SetPixel
Escape
GetDeviceCaps
DeleteObject
CreatePen
CreateRectRgnIndirect
CreateSolidBrush
RestoreDC
ScaleViewportExtEx
SetViewportOrgEx
DPtoLP
GetBkColor
ExtSelectClipRgn
RectVisible
PatBlt
SetBkMode
CreateBitmap
Polyline
BitBlt
CreateBitmapIndirect
TextOutW
CreateCompatibleBitmap
ExcludeClipRect
GetRgnBox
GetClipBox
GetViewportExtEx
StretchDIBits
SelectPalette
GetWindowExtEx
SetBkColor
ScaleWindowExtEx
LineTo
SetStretchBltMode
SetWindowExtEx
SelectObject
GetPixel
OffsetViewportOrgEx
GetStockObject
ExtTextOutW
CreateCompatibleDC
SetViewportExtEx
StretchBlt
GetObjectW
SetTextColor
DeleteDC

comdlg32

GetFileTitleW

advapi32

RegDeleteValueW
RegQueryValueW
RegEnumKeyW
StartServiceW
RegQueryValueExW
RegCreateKeyExW
RegOpenKeyW
RegOpenKeyExW
RegCloseKey
RegSetValueExW
LookupPrivilegeValueW
RegEnumKeyExW
AdjustTokenPrivileges
OpenProcessToken
RegNotifyChangeKeyValue
CloseServiceHandle
OpenServiceW
RegCreateKeyW
OpenSCManagerW
RegDeleteKeyW

shell32

Shell_NotifyIconW
ShellExecuteW
SHGetFolderPathW

ole32

CoTaskMemAlloc
OleIsCurrentClipboard
CreateStreamOnHGlobal
CoRegisterMessageFilter
OleUninitialize
CoUninitialize
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromProgID
CoInitialize
OleInitialize
CoTaskMemFree
CoFreeUnusedLibraries
CLSIDFromString
CoRevokeClassObject
OleFlushClipboard
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CoCreateInstance
PropVariantClear

shlwapi

PathFindFileNameW
PathIsUNCW
PathFindExtensionW
PathStripToRootW

winmm

PlaySoundW
waveInStart
waveInClose
waveInGetNumDevs
waveInStop
waveInReset
waveInAddBuffer
waveInUnprepareHeader
waveInPrepareHeader
waveInOpen
waveInGetDevCapsW

rpcrt4

UuidCreate

setupapi

SetupDiGetClassDevsW
SetupDiEnumDeviceInterfaces
SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList

gdiplus

GdipDrawImageRectRect
GdipFlush
GdipMeasureString
GdipCloneBrush
GdipCreateFontFamilyFromName
GdipFillRectangleI
GdipDrawString
GdipCreateBitmapFromScan0
GdipDisposeImage
GdipAlloc
GdipDrawImagePointRectI
GdipDeleteFontFamily
GdipDeleteGraphics
GdipDrawImageI
GdipCreateBitmapFromStream
GdipCreateHBITMAPFromBitmap
GdipDrawImageRect
GdipDeleteFont
GdiplusStartup
GdipDeleteBrush
GdipCreateBitmapFromHBITMAP
GdipDrawImageRectI
GdipCreateSolidFill
GdipCreateFont
GdipCloneImage
GdipSetTextRenderingHint
GdipCreateBitmapFromGraphics
GdipCreateFromHDC
GdipFree
GdipImageRotateFlip
GdipGetImageHeight
GdipGetImageGraphicsContext
GdipGetGenericFontFamilySansSerif
GdipGetFontSize
GdipGetImageWidth
GdipGetImageBounds
GdipCreateBitmapFromResource
GdipFillRectangle

msvcrt

exit

oleacc

ObjectFromLresult

esent

JetMove
JetTerm

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.55
Size: - Virtual size: 150KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 828B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.aa
Size: 302KB - Virtual size: 301KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bb
Size: 143KB - Virtual size: 142KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.cc
Size: 512B - Virtual size: 26B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.a46
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.asshole
Size: 228KB - Virtual size: 228KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

803a77cc61e748aa56ba201513c33752

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

shlwapi

winmm

rpcrt4

setupapi

gdiplus

msvcrt

oleacc

esent

Sections

.text Size: 148KB - Virtual size: 148KB

.55 Size: - Virtual size: 150KB

.rdata Size: 6KB - Virtual size: 6KB

.data Size: 512B - Virtual size: 828B

.aa Size: 302KB - Virtual size: 301KB

.bb Size: 143KB - Virtual size: 142KB

.cc Size: 512B - Virtual size: 26B

.a46 Size: 2KB - Virtual size: 1KB

.asshole Size: 228KB - Virtual size: 228KB

.rsrc Size: 1024B - Virtual size: 720B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 148KB - Virtual size: 148KB

.55
Size: - Virtual size: 150KB

.rdata
Size: 6KB - Virtual size: 6KB

.data
Size: 512B - Virtual size: 828B

.aa
Size: 302KB - Virtual size: 301KB

.bb
Size: 143KB - Virtual size: 142KB

.cc
Size: 512B - Virtual size: 26B

.a46
Size: 2KB - Virtual size: 1KB

.asshole
Size: 228KB - Virtual size: 228KB

.rsrc
Size: 1024B - Virtual size: 720B

.reloc
Size: 4KB - Virtual size: 3KB