2cc8957657457449cae7e4955a2d9cb3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2cc8957657457449cae7e4955a2d9cb3_JaffaCakes118
Size

313KB
MD5

2cc8957657457449cae7e4955a2d9cb3
SHA1

3041ea305849582e0c1690a89d95f5190712faa8
SHA256

0d7d34322a7c7111969fc65ef15f79e8105eae3eafbb6aa92054c47ebc280eaf
SHA512

e81f7318990fefd4f760cb42da8778ba1fefc9b2c6565865ec6b7cd80e6c80e9b5aba46e2ef9eb32ce2807b86015d5262c7b53c87e1ef957538be11942295bc6
SSDEEP

6144:DC3I1Oh+uVmQzktEtvWpDI+CY+p0CyMSOhQ2uYHRUOZjOdwbO2+DAGhZ/VmbVkew:91OSq7PDusOhZhVVxew

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2cc8957657457449cae7e4955a2d9cb3_JaffaCakes118

Files

2cc8957657457449cae7e4955a2d9cb3_JaffaCakes118
.dll windows:4 windows x86 arch:x86

677f17fe22f4e060a0049b9bc8e45f56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

SetBkMode
SetGraphicsMode
SetTextColor
ModifyWorldTransform
SelectObject
GetStockObject
GetObjectA
SaveDC
RestoreDC
SetWindowOrgEx
GetDeviceCaps
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
SetViewportOrgEx

shell32

ShellExecuteA

ddraw

DirectDrawCreateEx
DDGetAttachedSurfaceLcl

oleaut32

SysFreeString
LoadRegTypeLi
LoadTypeLi
OleCreateFontIndirect
SysAllocString
SysAllocStringLen
SysStringByteLen
SysStringLen
VarUI4FromStr
VariantClear
VariantInit

comctl32

ord17

user32

RedrawWindow
PtInRect
MessageBoxA
MapDialogRect
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowLongA
GetWindow
GetSysColor
GetParent
GetFocus
GetDlgItem
RegisterClassExA
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassInfoExA
GetActiveWindow
FillRect
EndPaint
EndDialog
EnableWindow
DialogBoxIndirectParamA
DestroyWindow
DestroyAcceleratorTable
DefWindowProcA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
CallWindowProcA
BeginPaint
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
UnregisterClassA
GetDlgCtrlID
wsprintfA
RegisterWindowMessageA

advapi32

RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA

kernel32

QueryPerformanceCounter
MultiByteToWideChar
RaiseException
SetLastError
MulDiv
LockResource
LoadResource
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
SizeofResource
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
FreeLibrary
FlushInstructionCache
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
IsProcessorFeaturePresent

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
StringFromGUID2

Exports

Exports

ComputeTangentFrameEx
CreateCubeTextureFromResourceExW
GatherFragmentsFromFileA
LoadMemoryTile
LoadMeshHierarchyFromXA
StartDecompressBuffer
StopSaveData
Vec2TransformCoordArray
mpegInSeekFrame

Sections

.text
Size: 41KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 154KB - Virtual size: 154KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 30KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

677f17fe22f4e060a0049b9bc8e45f56

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

shell32

ddraw

oleaut32

comctl32

user32

advapi32

kernel32

ole32

Exports

Exports

Sections

.text Size: 41KB - Virtual size: 40KB

.rdata Size: 154KB - Virtual size: 154KB

.data Size: 30KB - Virtual size: 31KB

.rsrc Size: 85KB - Virtual size: 84KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 41KB - Virtual size: 40KB

.rdata
Size: 154KB - Virtual size: 154KB

.data
Size: 30KB - Virtual size: 31KB

.rsrc
Size: 85KB - Virtual size: 84KB

.reloc
Size: 2KB - Virtual size: 1KB