32d2fd35cbc14b8d80acf7a185ee5f56_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

32d2fd35cbc14b8d80acf7a185ee5f56_JaffaCakes118
Size

248KB
MD5

32d2fd35cbc14b8d80acf7a185ee5f56
SHA1

c083b04ec5722250c34f1b29c908c6a71c73da2f
SHA256

db1363d0d2fc145cd0ccd25c77da85670417bc242f1cf142813593bdbd7bf337
SHA512

acddb67ad0123a7a95b15384e44990dfa55d9fc2bff1f01d3151454fd9aabdcf43bb8c3aa5f5057eac712bc279ba6d21daa94c1cb32e942900a9471814df664b
SSDEEP

6144:BsuSEylbUEjEtBvProeFcSxyE3/lOuTx:BxHyNyBvPceeS13/lOuTx

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
32d2fd35cbc14b8d80acf7a185ee5f56_JaffaCakes118

Files

32d2fd35cbc14b8d80acf7a185ee5f56_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5c2572aabd2fbc1b434859e653e2f1d4

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

TranslateMessage
SetWindowPos
SetTimer
SetForegroundWindow
SetDlgItemTextW
SendMessageW
SendDlgItemMessageW
RegisterClassW
PostQuitMessage
PostMessageW
MessageBoxW
LoadStringW
LoadImageW
LoadIconW
KillTimer
IsDlgButtonChecked
GetWindowRect
GetWindowLongW
GetSystemMetrics
GetParent
GetMessageW
GetDlgItem
GetDesktopWindow
GetClientRect
EndDialog
DispatchMessageW
DialogBoxParamW
DefWindowProcW
CreateWindowExW
CheckDlgButton

shell32

Shell_NotifyIconW

comctl32

ord17

kernel32

lstrcpyW
lstrcmpiW
WriteFile
WideCharToMultiByte
WaitForSingleObject
WaitForMultipleObjects
VirtualQuery
lstrlenW
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TerminateProcess
Sleep
SetUnhandledExceptionFilter
SetThreadPriority
SetStdHandle
SetProcessShutdownParameters
SetLastError
SetHandleCount
SetFilePointer
SetEvent
RtlUnwind
ResumeThread
VirtualProtect
CloseHandle
CompareStringW
CreateEventW
CreateThread
EnterCriticalSection
ExitProcess
ExitThread
ExpandEnvironmentStringsW
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationW
FindFirstFileW
FindNextChangeNotification
FindNextFileW
FlushFileBuffers
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetACP
GetCPInfo
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetEnvironmentVariableW
GetFileType
GetLastError
GetLocaleInfoA
GetModuleFileNameA
GetModuleHandleA
GetOEMCP
GetProcAddress
GetStartupInfoA
GetStdHandle
GetStringTypeA
GetStringTypeW
GetSystemInfo
GetSystemTimeAsFileTime
GetTickCount
GetVersionExA
HeapAlloc
HeapCreate
HeapDestroy
HeapFree
HeapReAlloc
InitializeCriticalSection
InterlockedExchange
LCMapStringA
LCMapStringW
LeaveCriticalSection
LoadLibraryA
LocalAlloc
LocalFree
LocalReAlloc
MultiByteToWideChar
OpenEventW
QueryPerformanceCounter

advapi32

SetSecurityInfo
RegQueryValueExW
RegOpenKeyExW
RegNotifyChangeKeyValue
RegCloseKey
GetSecurityInfo
GetAce

Exports

Exports

BAOOpenFile
D3D9RegisterVertexBuffer
GetMCCustomSetNumberCount
GetPreviousDeviceInfo
SetupArgument

Sections

.text
Size: 140KB - Virtual size: 140KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 140KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5c2572aabd2fbc1b434859e653e2f1d4

Headers

File Characteristics

Imports

user32

shell32

comctl32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 140KB - Virtual size: 140KB

.data Size: 96KB - Virtual size: 140KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 140KB - Virtual size: 140KB

.data
Size: 96KB - Virtual size: 140KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB