1c15148c6f2c7da95a11035aa834b302_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1c15148c6f2c7da95a11035aa834b302_JaffaCakes118
Size

145KB
MD5

1c15148c6f2c7da95a11035aa834b302
SHA1

74dacbbfd29e0a77106c42bced8814df4177c024
SHA256

3c3db8ba7c8dece9898bd77096137c8cf51b94758e845772cdbda232455684f3
SHA512

3ac31e14e2c5d113719dbad7324b1e471e46432b0b0b598c1d62793e001e9fe1179d5fdaa46ca49c423e7493578fdc3fd41c8f2e8acb315da05ab0b7b98fed95
SSDEEP

3072:7L7uETcUo25jn+3ywbUv4NMsFhxJ6tqVEOZFgeRPo4YvAFV16NCqFjmI:PyEIUBjvwbI6xo0V3QfAF+N3Fi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1c15148c6f2c7da95a11035aa834b302_JaffaCakes118

Files

1c15148c6f2c7da95a11035aa834b302_JaffaCakes118
.exe windows:5 windows x86 arch:x86

798e576d58389b4d29ee5a4236fbd3bb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

user32

GetDoubleClickTime
SetWindowPlacement
BeginPaint
GetUpdateRect
EndDeferWindowPos
AdjustWindowRectEx
CharUpperA
PackDDElParam
SetCapture
GetWindowDC
GetMenu
MapWindowPoints
GetScrollPos
DestroyIcon
OpenIcon
GetSysColor
GetQueueStatus
IsWindowVisible
CharUpperBuffA
DestroyMenu
GetCaretPos
MoveWindow
EnumChildWindows
GetMenuItemID
DrawIcon

msdxnage

ImmUnlockIMC
SdbQueryDataEx
SetPermLayers
Options_RunDLL
ILSaveToStream
DragQueryFileA
ILRemoveLastID
CtfImmGetGuidAtom
SdbQueryData
FindExecutableA
SdbFindNextMsiPackage
SdbGetTagDataSize
CtfImmSetAppCompatFlags
ImmActivateLayout
ImmLockClientImc
SdbReadStringTag
ImmRegisterClient
IsLFNDriveA
ImmProcessKey
RealDriveType
Options_RunDLLA
SdbFindFirstNamedTag
RestartDialogEx
ImmUnlockClientImc
ImmSendIMEMessageExA
RealShellExecuteA
PathIsExe
CtfAImmIsIME
PathCleanupSpec
IsUserAnAdmin
DAD_DragMove
SdbFindFirstMsiPackage_Str
DAD_DragEnterEx2
SdbReadDWORDTagRef
ImmGetIMCCSize
ILCloneFirst
SdbGetStringTagPtr
ImmUnlockIMCC
ILFindChild
CtfImmDispatchDefImeMessage
SdbUnregisterDatabase
SdbRegisterDatabaseEx
Control_RunDLL
SdbQueryFlagInfo
ImmGetIMEFileNameA
ImmLoadIME
IsLFNDrive
SdbTagIDToTagRef
Control_FillCache_RunDLL
ReadCabinetState
ImmIMPSetIMEA
PathResolve
ImmWINNLSGetIMEHotkey

msvcrt

_chdir
__p__fmode
_except_handler3
_ismbblead

gdi32

GetEnhMetaFileBits
Arc
GetNearestColor
GetObjectA
GetClipRgn
SetBkColor
CreatePen
GetClipBox
SetWinMetaFileBits
GetRgnBox
StartPage
SetMapMode
IntersectClipRect
GetTextColor
RestoreDC
OffsetRgn
CloseMetaFile
BitBlt
GetMetaFileBitsEx
RoundRect
GetWindowOrgEx
LineTo
GetDeviceCaps

kernel32

UnhandledExceptionFilter
SetErrorMode
FindNextFileA
WaitForMultipleObjects
LocalAlloc
FindClose
EnterCriticalSection
RaiseException
GetFileSize
VirtualQuery
FindFirstFileA
GetModuleHandleA
LocalFree
GetSystemTimeAsFileTime
CreateFileMappingA
MapViewOfFile
TerminateProcess
InitializeCriticalSection
IsBadWritePtr
GetDriveTypeA
WriteFile
GetCurrentProcessId
CloseHandle
SetUnhandledExceptionFilter
LeaveCriticalSection
CompareStringA
GetCurrentThreadId
UnmapViewOfFile
IsProcessorFeaturePresent

ole32

SetConvertStg
OleGetIconOfClass
OleTranslateAccelerator
StgOpenStorage
StringFromCLSID
OleRegGetUserType
OleLoadFromStream
OleConvertOLESTREAMToIStorage
WriteClassStg
CoLockObjectExternal
OleCreate
OleCreateLinkToFile
OleFlushClipboard
OleSaveToStream
CoFreeUnusedLibraries
CoGetClassObject
OleQueryLinkFromData

advapi32

RegOpenKeyExA
MakeSelfRelativeSD
OpenThreadToken
AllocateAndInitializeSid
SetSecurityDescriptorGroup

Sections

.text
Size: 130KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

798e576d58389b4d29ee5a4236fbd3bb

Headers

DLL Characteristics

File Characteristics

Imports

user32

msdxnage

msvcrt

gdi32

kernel32

ole32

advapi32

Sections

.text Size: 130KB - Virtual size: 132KB

.rdata Size: 4KB - Virtual size: 8KB

.data Size: 6KB - Virtual size: 8KB

.rsrc Size: 3KB - Virtual size: 4KB

.text
Size: 130KB - Virtual size: 132KB

.rdata
Size: 4KB - Virtual size: 8KB

.data
Size: 6KB - Virtual size: 8KB

.rsrc
Size: 3KB - Virtual size: 4KB