18360dd8713ea49210fb0d2c47975e50_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

18360dd8713ea49210fb0d2c47975e50_JaffaCakes118
Size

372KB
MD5

18360dd8713ea49210fb0d2c47975e50
SHA1

7e8899fb95d70a7ea270554b863a659785dbcf82
SHA256

69c53b0b3dd16be0c1100ee1ea9d374bc02f1ca5b8ad691d828f7f98edec0489
SHA512

639932b02b147b4fe763cdb0fead51148722dee9bc2bd5637eb668fe7e5f9ea8b5a42cf6226318557c17cfac83e8787baa0acc6f2c46e5d51f79ef080fbeb8b2
SSDEEP

6144:fSidD4CV4CQMc9qL2xICR7akO0gvluKvo:f/4CV4Crc9qSxICR7dsvcK

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
18360dd8713ea49210fb0d2c47975e50_JaffaCakes118

Files

18360dd8713ea49210fb0d2c47975e50_JaffaCakes118
.dll windows:4 windows x86 arch:x86

6648be260f190ec7664f79533ea4ccbb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ltkrn14n

ord116
ord133
ord120
ord145
ord124
ord125
ord117
ord134
ord169
ord212
ord218
ord308
ord285
ord283
ord171
ord139

ltdis14n

ord118
ord119
ord132
ord138
ord122
ord184
ord164

ltimg14n

ord134
ord133
ord132

kernel32

GetModuleHandleA
ExitProcess
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
GetEnvironmentVariableA
GetVersionExA
LoadLibraryA
GetProcAddress
RtlUnwind
FreeLibrary
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
QueryPerformanceFrequency
QueryPerformanceCounter
HeapDestroy
HeapCreate
VirtualFree
HeapFree
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
WideCharToMultiByte
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
HeapAlloc
VirtualAlloc
HeapReAlloc
GetCPInfo
GetACP
GetOEMCP
MultiByteToWideChar
GetStringTypeA
GetStringTypeW
LCMapStringA
LCMapStringW
RaiseException
GetVersion
GetCommandLineA

user32

IsRectEmpty
OffsetRect
DrawTextA
SetRect
ScrollDC
IntersectRect
InflateRect

gdi32

SetBkMode
GetClipBox
SetStretchBltMode
CreateDCA
CreateEllipticRgn
CombineRgn
StretchBlt
GetBitmapBits
RealizePalette
SetPixel
RoundRect
Rectangle
OffsetRgn
PaintRgn
FrameRgn
Pie
CreatePatternBrush
GetNearestColor
CreateBrushIndirect
SetPolyFillMode
UnrealizeObject
SetBrushOrgEx
CreatePalette
SelectPalette
BeginPath
CloseFigure
EndPath
SelectClipPath
GetCurrentObject
GetTextExtentPoint32A
ExtTextOutA
CreateFontIndirectA
SetTextAlign
GetTextColor
CreateBitmap
SetTextColor
CreateHatchBrush
SetBkColor
SaveDC
CreateRectRgn
GetStockObject
Ellipse
RestoreDC
PatBlt
GetObjectA
GetPixel
Polygon
GetDIBits
BitBlt
SetBitmapBits
LineTo
MoveToEx
SelectObject
CreatePen
DeleteObject
FillRgn
CreateSolidBrush
CreatePolygonRgn
SelectClipRgn
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
SetDIBits
CreateDIBSection

Exports

Exports

DllMain
L_EfxDraw3dShape
L_EfxDraw3dText
L_EfxDrawFrame
L_EfxDrawRotated3dText
L_EfxEffectBlt
L_EfxGradientFillRect
L_EfxPaintBitmap
L_EfxPaintTransition
L_EfxPatternFillRect
L_PaintDCEffect
L_PaintRgnDCEffect

Sections

.text
Size: 236KB - Virtual size: 233KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 100KB - Virtual size: 99KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6648be260f190ec7664f79533ea4ccbb

Headers

File Characteristics

Imports

ltkrn14n

ltdis14n

ltimg14n

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 236KB - Virtual size: 233KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 12KB - Virtual size: 12KB

.rsrc Size: 100KB - Virtual size: 99KB

.reloc Size: 12KB - Virtual size: 8KB

.text
Size: 236KB - Virtual size: 233KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 12KB - Virtual size: 12KB

.rsrc
Size: 100KB - Virtual size: 99KB

.reloc
Size: 12KB - Virtual size: 8KB