21bf92b44421bc07d41cad0e139ce305_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

21bf92b44421bc07d41cad0e139ce305_JaffaCakes118
Size

232KB
MD5

21bf92b44421bc07d41cad0e139ce305
SHA1

949848aaa085ff0aa681a15bb8a8b3aaf90a9fbd
SHA256

e533c2eb3f1f1cabd111d98e1e28d8303553ea791cdb36dc9c43dcde6215c880
SHA512

bc459b66ce537d44a977bd695c228becabc8edbd0df39a97bb5d67f93a15f82abdd9e3e843cbd7a25d3e7e87b65018f19299054d33ca046c0e2bc5177d2e3fdb
SSDEEP

6144:NsB74dCBIYp+z7E02MyGc4awBCqRpimXeSQRWQEXn44:y4QBIY8rc+JRDeR4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
21bf92b44421bc07d41cad0e139ce305_JaffaCakes118

Files

21bf92b44421bc07d41cad0e139ce305_JaffaCakes118
.dll windows:4 windows x86 arch:x86

53a2f40859aa76e395921a6c8936cf00

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
ReadFile
MultiByteToWideChar
MulDiv
LoadLibraryW
InterlockedIncrement
HeapCreate
HeapAlloc
GlobalLock
GlobalGetAtomNameW
GlobalAddAtomW
GetVersionExA
GetVersion
GetUserDefaultLCID
GetTimeFormatW
GetModuleHandleA
GetLocalTime
GetDateFormatW
GetCurrentProcessId
GetCommandLineA
CloseHandle
CreateEventW
DeleteAtom
ExitProcess
FindResourceW
FreeLibrary
AddAtomW

user32

GetDlgItem
GetParent
GetWindowLongW
IsChild
AppendMenuW
CharToOemA
DialogBoxParamW
DispatchMessageW
GetCapture
GetClassInfoW
GetDesktopWindow
TranslateMessage
SetTimer
SetRectEmpty
SendMessageTimeoutW
SendDlgItemMessageW
ReleaseCapture
PeekMessageW
OemToCharBuffA
MsgWaitForMultipleObjects
KillTimer
GetMonitorInfoW

ole32

CoTaskMemFree
CreateILockBytesOnHGlobal
OleInitialize
OleRegGetUserType
OleUninitialize
ReadClassStg
ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID
CLSIDFromString

shell32

ShellAboutW
SHGetSpecialFolderPathW
SHGetSettings
DragQueryFileW
DragFinish
ShellExecuteExW

shlwapi

PathFindFileNameW

gdi32

EnumFontFamiliesExW
EnumFontFamiliesW
Escape
ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
DeleteObject
PtVisible
RectVisible
Rectangle
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
DPtoLP
CreateSolidBrush
CreatePen
BitBlt
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
GetTextMetricsW
CreateICW

msvcrt

__set_app_type
__p__commode
__wgetmainargs
_c_exit
_cexit
_controlfp
_except_handler3
_exit
_ftol
_onexit
_vsnwprintf
_wcmdln
_wcsicmp
exit
iswspace
memmove
setlocale
wcscmp
__dllonexit
_XcptFilter
__setusermatherr

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ChooseFontW

Exports

Exports

AddDataToImageItem
ConvertToCIFFJPEG
GetIIMInfoCount
GetMCCustomSetNumberCount
ImportDataTrackFromMediumDriver

Sections

.text
Size: 148KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53a2f40859aa76e395921a6c8936cf00

Headers

File Characteristics

Imports

kernel32

user32

ole32

shell32

shlwapi

gdi32

msvcrt

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 148KB - Virtual size: 148KB

.data Size: 72KB - Virtual size: 128KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 148KB - Virtual size: 148KB

.data
Size: 72KB - Virtual size: 128KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB