267aa0f6d02c470db4951b3d9b80d8f7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

267aa0f6d02c470db4951b3d9b80d8f7_JaffaCakes118
Size

475KB
MD5

267aa0f6d02c470db4951b3d9b80d8f7
SHA1

a9627760018699a0ce48499fd58b43e3d33c51c7
SHA256

da031faf0a918be7bf90705dac2ce63cfda65226360202ac1d53a6849592e9b3
SHA512

cf0ab54048b096bf05bc4f222473a962f2e18133e195165b582f041ee3b38536cc4e67a49dcc762c838aaeafcd164d63765ac42d58762db9f21217c12bc4eff6
SSDEEP

3072:rZnBbPe1aHYouWDfsppnwh2l4kdQXHq7pkOoAR:9JCeTfspV/l4kmXqqOoA

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
267aa0f6d02c470db4951b3d9b80d8f7_JaffaCakes118

Files

267aa0f6d02c470db4951b3d9b80d8f7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

11f1a73b190c12f534eff8a5c7e4f9b9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProcAddress
LoadLibraryA
VirtualAlloc
VirtualProtect
GetCurrentThread
GetLastError
lstrlenA
GetProcessId
VerLanguageNameW
EnumDateFormatsW

user32

GetKeyboardType
GetWindowThreadProcessId
GetGUIThreadInfo
ReleaseCapture
ReleaseDC
GetWindowDC
ChangeDisplaySettingsA
GetRawInputDeviceInfoA
GetClipboardOwner
DlgDirSelectComboBoxExA

gdi32

GetHFONT
DdEntry54
Polygon

msimg32

TransparentBlt
AlphaBlend
DllInitialize

oledlg

OleUIInsertObjectA
OleUIAddVerbMenuA
OleUIPromptUserW
OleUIBusyA

advapi32

GetServiceKeyNameA
LogonUserW
ControlTraceA
LookupAccountNameA

gdiplus

GdipGetFontSize
GdipCloneBitmapArea
GdipDeleteMatrix
GdipCloneRegion
GdipCreateBitmapFromGdiDib

oleaut32

VarSub
ClearCustData
VarFormatDateTime
VarI1FromDate
VarCyInt
VarPow
VarUI4FromUI1

winspool.drv

AddPrinterW
AdvancedDocumentPropertiesA
DeviceCapabilitiesA

comctl32

InitializeFlatSB
ImageList_Draw

imagehlp

ReBaseImage
SymFindFileInPath

version

VerQueryValueA
GetFileVersionInfoSizeW
VerInstallFileW

winmm

waveOutGetPitch
waveInGetErrorTextW
mixerGetDevCapsA
midiInReset
midiOutOpen
joySetCapture
mciFreeCommandResource

comdlg32

ChooseColorA
FindTextA

oleacc

ObjectFromLresult
CreateStdAccessibleProxyW
DllCanUnloadNow

ole32

WriteClassStm
CoMarshalHresult
HMETAFILEPICT_UserMarshal

Exports

Exports

GetSound

Sections

.text
Size: 93KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.edata
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 19KB - Virtual size: 69.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdatat
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.gksm
Size: 276KB - Virtual size: 276KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

11f1a73b190c12f534eff8a5c7e4f9b9

Headers

File Characteristics

Imports

kernel32

user32

gdi32

msimg32

oledlg

advapi32

gdiplus

oleaut32

winspool.drv

comctl32

imagehlp

version

winmm

comdlg32

oleacc

ole32

Exports

Exports

Sections

.text Size: 93KB - Virtual size: 92KB

.edata Size: 512B - Virtual size: 112B

.data Size: 1KB - Virtual size: 4KB

.data Size: 19KB - Virtual size: 69.0MB

.rdatat Size: 3KB - Virtual size: 2KB

.rsrc Size: 68KB - Virtual size: 68KB

.gksm Size: 276KB - Virtual size: 276KB

.text
Size: 93KB - Virtual size: 92KB

.edata
Size: 512B - Virtual size: 112B

.data
Size: 1KB - Virtual size: 4KB

.data
Size: 19KB - Virtual size: 69.0MB

.rdatat
Size: 3KB - Virtual size: 2KB

.rsrc
Size: 68KB - Virtual size: 68KB

.gksm
Size: 276KB - Virtual size: 276KB