173e7f0925f47ff3d9b4af6704a029f3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

173e7f0925f47ff3d9b4af6704a029f3_JaffaCakes118
Size

88KB
MD5

173e7f0925f47ff3d9b4af6704a029f3
SHA1

013f2f4e476324444cd57ba94de91075540252e0
SHA256

198a8254f484f3c09199f97942e7f1173c2d7b52cf88e3402cbf70ce27ad9606
SHA512

3e5683bf681d95da380a0c42c127101269a1b72dab0f381560c97339c0cd370e7aec814b9961a4f3e0c3e33b03fd0d43400be81b639ca09ce3379c2ff996be33
SSDEEP

1536:ZnqEYbEUTYMqo8kbexrjWFUbcVClBx4hwoatub2JhBPe1I:9ibEnMbqxrjcMhZuaR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
173e7f0925f47ff3d9b4af6704a029f3_JaffaCakes118

Files

173e7f0925f47ff3d9b4af6704a029f3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

98da54356699826e45f9f51da2401d35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
GetProfileIntW
IsProcessorFeaturePresent
RaiseException
SetSystemTime
MoveFileA
GetAtomNameW
GetModuleFileNameW
FindActCtxSectionGuid
TransmitCommChar
RemoveDirectoryW
TerminateJobObject
AddAtomA
SetFilePointer
GetFileType
DeleteCriticalSection
BackupWrite
QueueUserWorkItem
WaitCommEvent
FindResourceA
GetBinaryTypeA
lstrcmpW
OpenProcess
GetThreadContext
GetWindowsDirectoryW
CreateMailslotA
GetModuleHandleExW
BackupRead
VerSetConditionMask
HeapSetInformation
SetDefaultCommConfigW
GetSystemInfo
IsWow64Process
DeleteFileW
FindFirstVolumeW
GetFileAttributesExA
FindAtomA
CancelWaitableTimer
GetDriveTypeA
FormatMessageA
UnregisterWaitEx
HeapUnlock
GetUserDefaultLCID
GlobalFree
LocalUnlock
DuplicateHandle
ReleaseActCtx
ClearCommError
WaitNamedPipeW
InitializeCriticalSection
PurgeComm
WinExec
SetCommBreak
GetCommMask
TransactNamedPipe
SetHandleCount
GetVolumeInformationW
GetShortPathNameW
GetQueuedCompletionStatus
GetStringTypeA
SetStdHandle
GetStringTypeExA
GetStdHandle
SetCommTimeouts
GetCurrentActCtx
Beep
GetFileAttributesA
LocalLock
GetTapeParameters
MapViewOfFileEx
GetFileSizeEx
LeaveCriticalSection
GetSystemTimeAsFileTime
LoadLibraryA
UnmapViewOfFile
GetVolumeInformationA
InterlockedIncrement
lstrlenW
GetModuleHandleA
GetProcAddress
HeapAlloc
ReleaseMutex
InitializeCriticalSectionAndSpinCount
Sleep
CreateProcessA
GetProcessHeap
GetFullPathNameA
GetTickCount

ole32

SetConvertStg
OleCreateMenuDescriptor
OleDoAutoConvert
CoDisconnectObject
OleRegEnumVerbs
CoReleaseMarshalData
CreateDataCache
OleCreateLink
CoSwitchCallContext
CoGetInterfaceAndReleaseStream
OleCreateLinkFromData
StgCreateDocfile
StgIsStorageFile
CoCreateGuid
CoInitializeEx
OleCreate
IIDFromString
GetHGlobalFromILockBytes
CoFreeUnusedLibrariesEx
OleTranslateAccelerator
CoUninitialize
OleIsRunning

shlwapi

StrTrimW
PathMatchSpecW
PathCanonicalizeW
PathRemoveExtensionW
PathAppendA
StrCmpNW
SHDeleteKeyA
PathFindExtensionA
PathIsPrefixW
PathAddExtensionW
PathIsUNCW
StrCpyNW
StrCmpW
PathBuildRootW
StrFormatKBSizeW
StrStrIW

gdi32

CreateRectRgn
RemoveFontResourceW
SetWorldTransform
GetTextAlign
SwapBuffers
GetTextCharacterExtra
SetTextAlign
SetArcDirection
SelectObject
StretchBlt
SetDIBColorTable
EndPage
GetCharABCWidthsW
GetCharWidthA
GetKerningPairsA
GetRgnBox
GetWorldTransform
GetSystemPaletteUse
PlayEnhMetaFile
GetViewportOrgEx
DeleteMetaFile
TextOutW
AbortPath
GetTextExtentPoint32A
SetStretchBltMode
Ellipse
AddFontResourceA
SetBkColor
ScaleViewportExtEx
SetMiterLimit
LPtoDP
GetTextExtentPointA
CreatePen
EqualRgn
SetBitmapDimensionEx
Arc
CreateRoundRectRgn
PathToRegion
PolyDraw
SetICMMode
SetROP2

Exports

Exports

CRLEventServ

Sections

.text
Size: 64KB - Virtual size: 61KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98da54356699826e45f9f51da2401d35

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

gdi32

Exports

Exports

Sections

.text Size: 64KB - Virtual size: 61KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 64KB - Virtual size: 61KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 2KB