09917f084026ada29573ce10f47fdcdb_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

09917f084026ada29573ce10f47fdcdb_JaffaCakes118
Size

18KB
MD5

09917f084026ada29573ce10f47fdcdb
SHA1

d6bcd3f3e6ad5302999c790391ef0777117a7c19
SHA256

ded3262e43384fcae6a4bd1769e6e7462b898a37ba88135ec2380408d534517b
SHA512

db6c39bf50e947fdee9b2cf036dd81398464edda6441b48089d335b3a2a90dfc502dc9fae4e1d5c5a277a22ac7355688422229fe02ef3f6400f188dce3a30522
SSDEEP

384:MKFp6sPYwjRiu5on4qQKHjWPEk1RmsF4O2I8ayCUg968DRxBo:Hp6wj0YqQsalmsFCI8ayCUUo

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
09917f084026ada29573ce10f47fdcdb_JaffaCakes118

Files

09917f084026ada29573ce10f47fdcdb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd4a4eca1a1c1b282715a4eac975c278

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetThreadPriorityBoost
GetConsoleCursorInfo
CreateMailslotW
FindFirstVolumeMountPointW
GetThreadPriority
SetFilePointerEx
GetThreadContext
UnlockFileEx
CallNamedPipeA
GetLastError
AreFileApisANSI
SetConsoleCursorInfo
WriteConsoleOutputA
GlobalCompact
GetCommProperties
lstrcat
GetStartupInfoW
BackupSeek
GlobalSize
EraseTape
RtlZeroMemory
GetThreadLocale
BuildCommDCBAndTimeoutsW
GetConsoleTitleA
SetConsoleCursor

msvcrt

div
_filelength
__p___argc
_mbsicoll
abs
qsort
putwchar
_CIsinh
_wperror
??9type_info@@QBEHABV0@@Z
__unguarded_readlc_active
setbuf
_mbsnset
_getdrive
_commode
_wmakepath
_wstat
fread
ungetwc
_get_sbh_threshold
_futime
_fcvt
_wcsicmp
_wfindfirsti64
??0bad_typeid@@QAE@ABV0@@Z

gdi32

GetTextFaceAliasW
EngUnlockSurface
SetWorldTransform
GetColorSpace
GdiGetLocalBrush
StartFormPage
GetViewportOrgEx
EndDoc
GdiInitSpool
PolyTextOutW
GdiQueryFonts
GetCharABCWidthsFloatW
GdiTransparentBlt
bInitSystemAndFontsDirectoriesW
EngFindResource
GdiEntry9
SetDIBColorTable
GetGlyphOutlineWow
GetCharWidth32A
CloseFigure

user32

CreateWindowExA
RemovePropA
GetAppCompatFlags2
CharLowerA
IsCharAlphaNumericA
CreateDesktopW
DdeGetData
ReplyMessage
GetWindowThreadProcessId
GetWindowRect
ScrollChildren
LoadLocalFonts
DdeUnaccessData
LoadKeyboardLayoutW
GetDlgItemTextW
IsRectEmpty
SetWindowPlacement
CreateDialogParamW
InSendMessageEx
RedrawWindow
CreateMenu
GetWindowModuleFileName
MenuItemFromPoint
RegisterWindowMessageA
LookupIconIdFromDirectoryEx
MessageBeep

shlwapi

PathCommonPrefixA
PathCombineW
SHRegGetUSValueA
StrToIntW
StrChrA
StrStrIA
PathIsLFNFileSpecW
ColorHLSToRGB
SHRegCreateUSKeyA
PathIsURLA
PathGetCharTypeW
PathIsSystemFolderW
AssocQueryStringByKeyW
PathIsSameRootA
SHRegGetBoolUSValueW
AssocQueryKeyA
UrlCombineW
UrlEscapeA
SHRegEnumUSValueW
SHCreateStreamOnFileA
StrCpyW
SHRegCloseUSKey
SHRegWriteUSValueA
PathIsFileSpecW

Exports

Exports

BrkYaskaRi
ScaJyxxuRsl
QrwHqqjlcsJlmgJctde
Tdstqx
JzaqbjhBudcuu
TtIarnpYtu
DvIfzdDvl
CueVejybxWrqtbxDcfw
QqlzqdeQwennEpomprf

Sections

.text
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 16B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd4a4eca1a1c1b282715a4eac975c278

Headers

File Characteristics

Imports

kernel32

msvcrt

gdi32

user32

shlwapi

Exports

Exports

Sections

.text Size: 5KB - Virtual size: 4KB

.rdata Size: 3KB - Virtual size: 2KB

.data Size: 8KB - Virtual size: 8KB

.reloc Size: 512B - Virtual size: 16B

.text
Size: 5KB - Virtual size: 4KB

.rdata
Size: 3KB - Virtual size: 2KB

.data
Size: 8KB - Virtual size: 8KB

.reloc
Size: 512B - Virtual size: 16B