2456fa976fd0c2c985f9376ee141e313_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2456fa976fd0c2c985f9376ee141e313_JaffaCakes118
Size

368KB
MD5

2456fa976fd0c2c985f9376ee141e313
SHA1

052e961ef3b01cb8edd4c5d5903539497bfedeb9
SHA256

77e132bb5576c185aa2e440a29a0bbdfe285a832d01c8976110447efb439141b
SHA512

1550da333e49b77e1d5615db4df1ce157621bb9ab03642ea6dcd6e2aadae7429d629e60e636c78287a2fd901990b7734b32854f914a99e8f12f2fd731e802b9c
SSDEEP

6144:pugp6/wzSkFWAWbjYnGTsvdOWXd6rKnoL7/Wg/rUgCcFm1gFUZ0/BQJFbTvwoAh4:puz/+1HGmFbjwNT+cV0SNBKiJ1V

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2456fa976fd0c2c985f9376ee141e313_JaffaCakes118

Files

2456fa976fd0c2c985f9376ee141e313_JaffaCakes118
.dll windows:4 windows x86 arch:x86

83950f0b697bac8b2e93952a99cfd366

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SetLastError
SizeofResource
GetProcAddress
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
LeaveCriticalSection
lstrcpynA
lstrlenA
lstrlenW
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
FreeLibrary
FlushInstructionCache
FindResourceA
IsProcessorFeaturePresent
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
lstrcmpiA
DeleteCriticalSection
GetProcessHeap
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
VirtualAlloc

advapi32

RegQueryValueExA
RegCreateKeyExA
RegDeleteKeyA
RegDeleteValueA
RegEnumKeyExA
RegSetValueExA
RegCloseKey
RegQueryInfoKeyA
RegOpenKeyExA

ole32

CoCreateInstance
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
StringFromGUID2
CLSIDFromProgID
CLSIDFromString

shell32

ShellExecuteA

oleaut32

VariantInit
VariantClear
VarUI4FromStr
SysStringLen
SysFreeString
SysAllocStringLen
SysAllocString
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
SysStringByteLen

ddraw

DirectDrawEnumerateA
GetDDSurfaceLocal
DDGetAttachedSurfaceLcl

gdi32

BitBlt
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
DPtoLP
DeleteDC
DeleteObject
GetDeviceCaps
GetObjectA
GetStockObject
ModifyWorldTransform
RestoreDC
SaveDC
SelectObject
SetBkMode
SetGraphicsMode
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
CreateCompatibleBitmap

user32

wsprintfA
UnregisterClassA
SetWindowTextA
SetWindowPos
SetWindowLongA
SetWindowContextHelpId
SetFocus
SetCursor
SetCapture
SendMessageA
ReleaseDC
BeginPaint
CallWindowProcA
CreateAcceleratorTableA
CreateWindowExA
DefWindowProcA
DestroyAcceleratorTable
DestroyWindow
DialogBoxIndirectParamA
EnableWindow
EndDialog
EndPaint
FillRect
GetActiveWindow
GetClassInfoExA
GetClassNameA
CharNextA
GetCursorPos
GetDC
GetDesktopWindow
GetDlgCtrlID
GetDlgItem
GetFocus
GetParent
GetSysColor
GetWindow
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
InvalidateRect
InvalidateRgn
IsChild
IsWindow
LoadCursorA
LoadStringA
MapDialogRect
MessageBoxA
PtInRect
RedrawWindow
RegisterClassExA
RegisterWindowMessageA
ReleaseCapture
GetClientRect

comctl32

ord17

Exports

Exports

CreateCubeTextureFromFileA
GetImageInfoFromFileInMemory
mpegInOpenTSStream

Sections

.text
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 185KB - Virtual size: 185KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 98KB - Virtual size: 97KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

83950f0b697bac8b2e93952a99cfd366

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

advapi32

ole32

shell32

oleaut32

ddraw

gdi32

user32

comctl32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 50KB

.rdata Size: 185KB - Virtual size: 185KB

.data Size: 29KB - Virtual size: 31KB

.rsrc Size: 98KB - Virtual size: 97KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 51KB - Virtual size: 50KB

.rdata
Size: 185KB - Virtual size: 185KB

.data
Size: 29KB - Virtual size: 31KB

.rsrc
Size: 98KB - Virtual size: 97KB

.reloc
Size: 3KB - Virtual size: 2KB