1b3af208cae4f92307ffe25e0751b1af_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1b3af208cae4f92307ffe25e0751b1af_JaffaCakes118
Size

34KB
MD5

1b3af208cae4f92307ffe25e0751b1af
SHA1

6f7c656a9c415a2fe700bfb77efce15713a57277
SHA256

7cfdb243bd63d51d2df7163a1380df6f1093ffd84f573b8db10690440c489326
SHA512

0ae5a323a836a78b4d1fcca6fb7d1282bb31b99eff645e459fa747e60c043c0c688b6643df26d1afdc93dc8a53ab7554b7fa2328ee763fa3a2edececd3ebf1ae
SSDEEP

384:mFWYWr8bB98/ZNkS/GvQxBY1vbhcMdBNADzHIa1r/y0AgI3ThmnTTEtEq0Ph:mpWrO2r/Gvjc2NADN1ZwCTEtv0p

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1b3af208cae4f92307ffe25e0751b1af_JaffaCakes118

Files

1b3af208cae4f92307ffe25e0751b1af_JaffaCakes118
.dll windows:6 windows x86 arch:x86

98767b179fc6ff6eb2a1c60a2ae30488

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

atmlib.pdb

Imports

msvcrt

_except_handler4_common
_adjust_fdiv
_amsg_exit
_initterm
_XcptFilter
_ftol2_sse
_stricmp
wcsrchr
_wcsicmp
realloc
calloc
wcsncmp
memmove
memset
iswctype
free
atoi
malloc
wcschr
_vsnwprintf
_vsnprintf

kernel32

SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
InterlockedCompareExchange
Sleep
InterlockedExchange
WaitForMultipleObjects
ReleaseMutex
ResetEvent
ReleaseSemaphore
WaitForSingleObject
SetEvent
MultiByteToWideChar
ReadFile
SetFilePointer
CloseHandle
WriteFile
GetFileSize
CreateFileW
WideCharToMultiByte
GetSystemDefaultLangID
lstrlenW
_lwrite
GetLastError
GetTempPathW
CreateSemaphoreW
CreateEventW
CreateMutexW
GetWindowsDirectoryW
DisableThreadLibraryCalls
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
GetFileInformationByHandle

gdi32

GetGlyphOutlineW
RemoveFontResourceExW
AddFontResourceExW
GetFontResourceInfoW
EnumFontFamiliesExW
GetFontData
NamedEscape

user32

ReleaseDC
PostMessageW
GetDC

advapi32

RegDeleteValueW
RegQueryValueExW
RegOpenKeyExW
RegSetValueExW
RegCloseKey

Exports

Exports

ATMAddFont
ATMAddFontA
ATMAddFontEx
ATMAddFontExA
ATMAddFontExW
ATMAddFontW
ATMBBoxBaseXYShowText
ATMBBoxBaseXYShowTextA
ATMBBoxBaseXYShowTextW
ATMBeginFontChange
ATMClient
ATMEndFontChange
ATMEnumFonts
ATMEnumFontsA
ATMEnumFontsW
ATMEnumMMFonts
ATMEnumMMFontsA
ATMEnumMMFontsW
ATMFinish
ATMFontAvailable
ATMFontAvailableA
ATMFontAvailableW
ATMFontSelected
ATMFontStatus
ATMFontStatusA
ATMFontStatusW
ATMForceFontChange
ATMGetBuildStr
ATMGetBuildStrA
ATMGetBuildStrW
ATMGetFontBBox
ATMGetFontInfo
ATMGetFontInfoA
ATMGetFontInfoW
ATMGetFontPaths
ATMGetFontPathsA
ATMGetFontPathsW
ATMGetGlyphList
ATMGetGlyphListA
ATMGetGlyphListW
ATMGetMenuName
ATMGetMenuNameA
ATMGetMenuNameW
ATMGetNtmFields
ATMGetNtmFieldsA
ATMGetNtmFieldsW
ATMGetOutline
ATMGetOutlineA
ATMGetOutlineW
ATMGetPostScriptName
ATMGetPostScriptNameA
ATMGetPostScriptNameW
ATMGetVersion
ATMGetVersionEx
ATMGetVersionExA
ATMGetVersionExW
ATMInstallSubstFontA
ATMInstallSubstFontW
ATMMakePFM
ATMMakePFMA
ATMMakePFMW
ATMMakePSS
ATMMakePSSA
ATMMakePSSW
ATMProperlyLoaded
ATMRemoveFont
ATMRemoveFontA
ATMRemoveFontW
ATMRemoveSubstFontA
ATMRemoveSubstFontW
ATMSelectEncoding
ATMSelectObject
ATMSetFlags
ATMXYShowText
ATMXYShowTextA
ATMXYShowTextW

Sections

.text
Size: 29KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98767b179fc6ff6eb2a1c60a2ae30488

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

msvcrt

kernel32

gdi32

user32

advapi32

Exports

Exports

Sections

.text Size: 29KB - Virtual size: 28KB

.data Size: 512B - Virtual size: 1KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 1KB - Virtual size: 1KB

.text
Size: 29KB - Virtual size: 28KB

.data
Size: 512B - Virtual size: 1KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 1KB - Virtual size: 1KB