326bf21995e2efdfd381bdc1e58a7b1a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

326bf21995e2efdfd381bdc1e58a7b1a_JaffaCakes118
Size

248KB
MD5

326bf21995e2efdfd381bdc1e58a7b1a
SHA1

b200a00d0135567058353cd5524bc15baba42f79
SHA256

18ab59160901b66249613c447ae1be0a8d411b2b959e5c2350c17bd5b0e8f4ad
SHA512

0ebcbabbe7d9c990692bdb518cc247be748b46165d3a80da7f38fc567bdf4318e832fa0f4da230aec09d35547cdd92a83d793567b55715c9fef1c0190640344c
SSDEEP

6144:9Q0Jlh9Iw5DGDRoWK689Str7/pAD9qXEzV0x4:9/n9I4aRoPc7OYXY0W

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
326bf21995e2efdfd381bdc1e58a7b1a_JaffaCakes118

Files

326bf21995e2efdfd381bdc1e58a7b1a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

72997927cca328b6e5f8bd8f8e9cd8ab

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

DragQueryFileW
SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW
SHGetSettings
DragFinish

comdlg32

GetOpenFileNameW
GetSaveFileNameW
ChooseFontW
CommDlgExtendedError

gdi32

TextOutW
SetTextColor
BitBlt
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW
CreatePen
CreateSolidBrush
DPtoLP
DeleteObject
Escape
ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
RectVisible
Rectangle
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetPixel

msvcrt

__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_XcptFilter
_cexit
_controlfp
_initterm
_onexit
_wcsdup
exit
memmove
setlocale
wcscmp
wcscoll
wcslen
wcstod
_c_exit

advapi32

RegQueryValueExW
RegSetValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

kernel32

TerminateProcess
lstrcmpW
lstrlenA
SetUnhandledExceptionFilter
SetThreadPriority
MultiByteToWideChar
MulDiv
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
InterlockedIncrement
HeapCreate
HeapAlloc
GlobalGetAtomNameW
GlobalFree
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetShortPathNameW
GetModuleHandleA
GetLastError
GetDateFormatW
GetCurrentThreadId
GetCommandLineA
lstrlenW
DeleteAtom
CreateFileW
CreateEventW
AddAtomW
ExitProcess

shlwapi

PathFindFileNameW

user32

UpdateWindow
SetRect
SetFocus
SetCursor
SendMessageW
SendMessageTimeoutW
SendDlgItemMessageW
PeekMessageW
OffsetRect
WinHelpW
LoadIconW
GetNextDlgTabItem
GetMonitorInfoW
GetDC
GetAsyncKeyState
GetActiveWindow
FindWindowW
EnableWindow
DefWindowProcW
CallNextHookEx
LoadMenuW
CharToOemBuffA

ole32

CLSIDFromString
CoTaskMemFree
CreateILockBytesOnHGlobal
OleInitialize
OleRegGetUserType
OleUninitialize
ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID

Exports

Exports

EnumExposureCompReset
FreeArray
Memcpy2DFromArray
ThreadSynchronize

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

72997927cca328b6e5f8bd8f8e9cd8ab

Headers

File Characteristics

Imports

shell32

comdlg32

gdi32

msvcrt

advapi32

kernel32

shlwapi

user32

ole32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB