289825921e8cc3841c8d8d4a0eb5fb50_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

289825921e8cc3841c8d8d4a0eb5fb50_JaffaCakes118
Size

212KB
MD5

289825921e8cc3841c8d8d4a0eb5fb50
SHA1

b0aa4d4cce86e359c21cc12d95e77cf64a1a40d8
SHA256

84301f2817a89f7de2dc1db6f6185acfa436f440c10282fabf90fb5b16fb3cec
SHA512

5571e7d2f12d936a1aea403dab5932a40661f2d5f872af5d84b9cac96d65136ae2b7d1e8f11abbe2735989230708feb8d8f16dad690ea19c7565e1a1a20f3be4
SSDEEP

6144:66DYJP7+Dd9EK5pvxEsz4Clyl63zvTl/k5FNS:E9SRRNxEZy3zZ/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
289825921e8cc3841c8d8d4a0eb5fb50_JaffaCakes118

Files

289825921e8cc3841c8d8d4a0eb5fb50_JaffaCakes118
.dll windows:5 windows x86 arch:x86

0b383986b57e052ef2ec69b5edc2787d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

M:\lzCKviffxZrv\NuErQlkcQw\qbsGDojw.pdb

Imports

advapi32

LookupPrivilegeDisplayNameA

kernel32

lstrcatW
lstrcmpW
HeapUnlock
CallNamedPipeW
SetCurrentDirectoryA
RaiseException
GetSystemTimeAdjustment
GetComputerNameW
GetDateFormatW
AddAtomA
HeapCreate
GetCommandLineW
SetFileApisToOEM
HeapFree
GetModuleHandleA
GetAtomNameW
GetCommTimeouts

msvcrt

_controlfp
isxdigit
__set_app_type
wcscat
floor
mbstowcs
__p__fmode
tolower
clock
__p__commode
_amsg_exit
_initterm
_acmdln
strerror
exit
_ismbblead
remove
iswxdigit
_XcptFilter
malloc
_exit
_cexit
__setusermatherr
__getmainargs

gdi32

PolyBezier
SetROP2
LineDDA
CreateRectRgn
SetStretchBltMode
SetDIBitsToDevice
FillRgn
CreateRectRgnIndirect
WidenPath
GetTextColor
RemoveFontResourceW
Ellipse
GetDeviceCaps
GetBitmapBits

user32

LockWindowUpdate
DialogBoxIndirectParamW
GetFocus
GetDlgItemTextA
SetCursorPos
RegisterWindowMessageW
IsChild
ReplyMessage
InternalGetWindowText
CreateCursor
GetMenuItemID
DrawIcon
CreateIconFromResource
CreateWindowExW
DeleteMenu
LoadImageA
GetMenuItemInfoW
GetClientRect
PostQuitMessage
DialogBoxParamA
GetSysColor
DrawAnimatedRects
DialogBoxParamW
GetMessageTime
LoadStringW
IntersectRect
ActivateKeyboardLayout
GetUpdateRect
AttachThreadInput
IsCharAlphaW
DrawStateW
AppendMenuW
DefDlgProcA
GetUpdateRgn

Exports

Exports

?TryEnterCriticalSectionJKDJHLJHKDljfjhl@@YGKEPA_WG@Z

Sections

.text
Size: 174KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.diag_y
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idat
Size: 512B - Virtual size: 380B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.diag_x
Size: 512B - Virtual size: 28B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.div
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.plus
Size: 1024B - Virtual size: 722B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.minus
Size: 512B - Virtual size: 140B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

0b383986b57e052ef2ec69b5edc2787d

Headers

File Characteristics

PDB Paths

Imports

advapi32

kernel32

msvcrt

gdi32

user32

Exports

Exports

Sections

.text Size: 174KB - Virtual size: 173KB

.diag_y Size: 512B - Virtual size: 64B

.idat Size: 512B - Virtual size: 380B

.diag_x Size: 512B - Virtual size: 28B

.div Size: 2KB - Virtual size: 1KB

.data Size: 2KB - Virtual size: 1KB

.plus Size: 1024B - Virtual size: 722B

.minus Size: 512B - Virtual size: 140B

.rsrc Size: 28KB - Virtual size: 28KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 174KB - Virtual size: 173KB

.diag_y
Size: 512B - Virtual size: 64B

.idat
Size: 512B - Virtual size: 380B

.diag_x
Size: 512B - Virtual size: 28B

.div
Size: 2KB - Virtual size: 1KB

.data
Size: 2KB - Virtual size: 1KB

.plus
Size: 1024B - Virtual size: 722B

.minus
Size: 512B - Virtual size: 140B

.rsrc
Size: 28KB - Virtual size: 28KB

.reloc
Size: 2KB - Virtual size: 1KB