0f5db0aebac0347ce524c39b07cd0d8b_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f5db0aebac0347ce524c39b07cd0d8b_JaffaCakes118
Size

589KB
MD5

0f5db0aebac0347ce524c39b07cd0d8b
SHA1

559831d892a32bb152738b55d17bd4f63cdc2504
SHA256

52533ac0dfcdffbb141f86465fbfdb6be47ecc260d2995c17db47393a6cbfb93
SHA512

7b0f9559c275d42e7fecec3629a297eb565ab83dc3b69b0d13417ffbed830b1046ce650297a8d954a279150922a0ca5e4125835441899eac71dad0938e0e7a42
SSDEEP

6144:1VYHw+CkjBeH2MNaFdTRLSO20Oc40jtO0IpCJM93d5ox1AictU49CW:vYHwfCa22E4l4xkyW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f5db0aebac0347ce524c39b07cd0d8b_JaffaCakes118

Files

0f5db0aebac0347ce524c39b07cd0d8b_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

fcc3a0f78f6e12000dc0d184359c26a3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

WMM2FXA.pdb

Imports

msvcrt

_except_handler3
?terminate@@YAXXZ
??1type_info@@UAE@XZ
wcslen
wcspbrk
_finite
_CxxThrowException
__CxxFrameHandler
??2@YAPAXI@Z
wcscmp
free
realloc
_onexit
__dllonexit
_adjust_fdiv
malloc
_initterm
floor
_HUGE
iswspace
wcschr
time
srand
rand
memmove
wcsstr
_ftol
_wcsicmp
_purecall
??3@YAXPAX@Z

kernel32

LoadLibraryA
lstrlenW
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
DeleteCriticalSection
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
CloseHandle
CreateEventW
GetShortPathNameW
GetModuleFileNameW
GetTickCount
MultiByteToWideChar
InterlockedDecrement
lstrcmpW
lstrcpyW
HeapDestroy
lstrcatW
FreeLibrary
GetProcAddress
LoadLibraryW
DisableThreadLibraryCalls
QueryPerformanceFrequency
QueryPerformanceCounter
lstrcmpiW
GlobalFree
GetLastError
GlobalAlloc
GetFileAttributesW
SetErrorMode
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetWindowsDirectoryA
GetVersionExA
CreateFileA
GetFileSize
CreateFileMappingA
MapViewOfFile
DeleteFileA
UnmapViewOfFile
InterlockedIncrement

oleaut32

SysFreeString
SysAllocStringLen
SysAllocString
VariantClear
VariantCopy
VariantChangeType
VariantChangeTypeEx
LoadTypeLi
SysStringLen
LoadRegTypeLi
RegisterTypeLi

user32

LoadStringW
CharNextW
LoadImageW
SetRect
wsprintfA
ClientToScreen
LoadIconA
LoadCursorA
UnregisterClassA
GetClientRect
DrawTextA
DestroyWindow
RegisterClassA
CreateWindowExA
GetDC
ReleaseDC
DefWindowProcA
GetSysColor

ole32

CoTaskMemAlloc
CoCreateFreeThreadedMarshaler
CoCreateInstance

gdi32

GetObjectW
GetObjectA
CreateCompatibleDC
SelectObject
StretchBlt
DeleteDC
SetBkMode
SetTextColor
DeleteObject
GetPaletteEntries
GetStockObject

winmm

timeGetTime

gdiplus

GdipCreatePath
GdipDeletePath
GdipSetPathGradientCenterColor
GdipGetPathGradientPointCount
GdipSetPathGradientSurroundColorsWithCount
GdipGetPathWorldBounds
GdipCreateFontFamilyFromName
GdipGetGenericFontFamilySansSerif
GdipDeleteFontFamily
GdipDeleteFont
GdipGetImageWidth
GdipGetImageHeight
GdipSetImageAttributesColorMatrix
GdipSetImageAttributesWrapMode
GdipCreateMatrix
GdipTranslateMatrix
GdipSetLineBlend
GdipCreateSolidFill
GdipCreateTextureIA
GdipCreateLineBrush
GdipSetPenLineJoin
GdipSetStringFormatFlags
GdipSetStringFormatAlign
GdipSetStringFormatLineAlign
GdipSetStringFormatTrimming
GdipAddPathRectangle
GdipAddPathEllipse
GdipAddPathPolygonI
GdipDeleteStringFormat
GdipTransformPath
GdipWarpPath
GdipCreatePathGradientFromPath
GdipResetWorldTransform
GdipTranslateWorldTransform
GdipScaleWorldTransform
GdipRotateWorldTransform
GdipSetPageUnit
GdipDeletePen
GdipGraphicsClear
GdipFillRectangle
GdipFillPath
GdipDrawString
GdipMeasureString
GdipDrawImageRect
GdipDrawImageRectI
GdipGetFamilyName
GdipIsStyleAvailable
GdipCreateFontFromDC
GdipCreateFontFromLogfontA
GdipCreateFont
GdipGetFamily
GdipGetFontSize
GdipCloneBrush
GdipCreateMatrix2
GdipSetWorldTransform
GdipDrawImageI
GdipCloneStringFormat
GdipAddPathString
GdipCreateStringFormat
GdipSetLineColors
GdipTranslateTextureTransform
GdipDeleteBrush
GdipDeleteMatrix
GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCloneImage
GdipFree
GdipCreateBitmapFromScan0
GdipCreateBitmapFromFileICM
GdipCreateBitmapFromFile
GdipDisposeImage
GdipAlloc
GdipDrawImageRectRect
GdipSetPixelOffsetMode
GdipSetSmoothingMode
GdipSetInterpolationMode
GdipSetTextRenderingHint
GdipDeleteGraphics
GdipDrawPath
GdipCreatePen2
GdipScaleMatrix
GdipGetImageGraphicsContext

dxtrans

?DXOverArrayMMX@@YGXPAVDXPMSAMPLE@@PBV1@K@Z
?DXDitherArray@@YGXPBUDXDITHERDESC@@@Z

ddraw

DirectDrawCreateEx

msimg32

TransparentBlt
AlphaBlend

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 198KB - Virtual size: 198KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 6KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 363KB - Virtual size: 362KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fcc3a0f78f6e12000dc0d184359c26a3

Headers

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

oleaut32

user32

ole32

gdi32

winmm

gdiplus

dxtrans

ddraw

msimg32

Exports

Exports

Sections

.text Size: 198KB - Virtual size: 198KB

.data Size: 6KB - Virtual size: 7KB

.rsrc Size: 363KB - Virtual size: 362KB

.reloc Size: 21KB - Virtual size: 20KB

.text
Size: 198KB - Virtual size: 198KB

.data
Size: 6KB - Virtual size: 7KB

.rsrc
Size: 363KB - Virtual size: 362KB

.reloc
Size: 21KB - Virtual size: 20KB