3538f9801385421aebfd9d89e002ef19_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3538f9801385421aebfd9d89e002ef19_JaffaCakes118
Size

11KB
MD5

3538f9801385421aebfd9d89e002ef19
SHA1

2c5a35053efbbcde5aea35a46e405a1392d7b0cc
SHA256

43afbcb3ed2fecde199f71807c9378d8ad5c3739d6dfca000ce17abdc757cfc9
SHA512

2ff8251e2d1a3200719098ea18ba7192e4c88b00bbce7cea81da185be70392462937f06eaa8584df446b185fab9cdf9fc71b8fb6585bb7b404e96f3c537b91a7
SSDEEP

192:ppQPvI/leoeyILQAUfm1jUUSJsWrbP35zNmVJ4ij4R4m6fRY5m5DH3M:ppQnI9eXQAUfm1jUUfWrbPRNmVE+m6F8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3538f9801385421aebfd9d89e002ef19_JaffaCakes118

Files

3538f9801385421aebfd9d89e002ef19_JaffaCakes118
.dll windows:5 windows x86 arch:x86

32a3a2468774d41f7b1b41daeb5c95d3

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualAlloc
ExitProcess
CreateFileA
lstrcpyA
lstrlenA
GetProcAddress
LoadLibraryA
GetWindowsDirectoryA
GetVersion
AddAtomW
AllocConsole
BuildCommDCBAndTimeoutsW
CallNamedPipeW
ClearCommError
CreateHardLinkA
CreateJobObjectA
CreateJobObjectW
CreateMailslotW
CreateTimerQueueTimer
CreateWaitableTimerA
DebugBreak
DefineDosDeviceA
DeleteCriticalSection
DeleteFiber
DeleteTimerQueueEx
DisableThreadLibraryCalls
DuplicateHandle
EndUpdateResourceW
EnterCriticalSection
EnumCalendarInfoExW
EnumResourceLanguagesW
EnumSystemLocalesA
EnumSystemLocalesW
ExpandEnvironmentStringsW
FindVolumeClose
FoldStringW
FormatMessageA
FreeEnvironmentStringsW
FreeLibrary
GenerateConsoleCtrlEvent
GetBinaryTypeW
GetCPInfoExA
GetCPInfoExW
GetCalendarInfoW
GetConsoleAliasesLengthW
GetConsoleCursorInfo
GetConsoleTitleW
GetCurrentDirectoryA
GetCurrentProcess
GetCurrentThread
GetDiskFreeSpaceW
GetDriveTypeW
GetExitCodeProcess
GetFileAttributesA
GetFileSizeEx
GetLocaleInfoA
GetOverlappedResult
GetProcessAffinityMask
GetStartupInfoW
GetStringTypeExW
GetSystemWindowsDirectoryW
GetTapePosition
GetTempPathA
GetTempPathW
GetThreadSelectorEntry
GetVolumeNameForVolumeMountPointA
GetVolumePathNameA
GlobalAddAtomW
GlobalReAlloc
GlobalSize
GlobalUnWire
HeapUnlock
HeapWalk
InterlockedExchangeAdd
IsBadCodePtr
LockFileEx
LockResource
Module32FirstW
Module32NextW
MoveFileW
OpenThread
PeekConsoleInputA
PeekConsoleInputW
Process32FirstW
ProcessIdToSessionId
QueueUserAPC
RaiseException
ReadConsoleOutputA
ReadDirectoryChangesW
ScrollConsoleScreenBufferA
SetCommBreak
SetCommTimeouts
SetComputerNameA
SetConsoleCtrlHandler
SetEnvironmentVariableW
SetLocaleInfoW
SetThreadIdealProcessor
SetupComm
SizeofResource
Sleep
SuspendThread
WriteFileGather
WritePrivateProfileStringW
_hread
lstrcmpW
lstrcmpiW
lstrcpynW

user32

AdjustWindowRectEx
BeginPaint
ChangeDisplaySettingsA
ChangeMenuA
CharToOemBuffA
CharUpperBuffA
CloseWindowStation
CreateCursor
CreateDialogParamA
CreateWindowExW
DdeClientTransaction
DdeConnect
DdeImpersonateClient
DdeSetUserHandle
DeferWindowPos
DestroyMenu
DialogBoxIndirectParamA
DispatchMessageW
DlgDirListW
DrawAnimatedRects
EditWndProc
EmptyClipboard
EnableWindow
FillRect
FindWindowExA
FindWindowExW
FreeDDElParam
GetClassInfoW
GetClassNameW
GetClientRect
GetClipboardOwner
GetClipboardViewer
GetDCEx
GetDlgItemInt
GetKeyNameTextA
GetKeyboardLayoutNameW
GetMenu
GetMenuCheckMarkDimensions
GetMenuDefaultItem
GetMessagePos
GetMonitorInfoA
GetProcessWindowStation
GetPropA
GetScrollInfo
GetTabbedTextExtentA
GetTitleBarInfo
GetWindowContextHelpId
GetWindowModuleFileName
InsertMenuItemA
IsZoomed
LoadAcceleratorsW
LoadStringW
MapVirtualKeyExW
ModifyMenuA
MonitorFromPoint
OemToCharBuffA
OffsetRect
PostThreadMessageA
RegisterClassA
RegisterClassExW
RegisterClassW
RegisterHotKey
ReleaseDC
ReplyMessage
ReuseDDElParam
ScreenToClient
SendDlgItemMessageA
SendMessageA
SendMessageCallbackA
SetDeskWallpaper
SetWinEventHook
SetWindowPlacement
SetWindowsHookA
ShowCursor
ShowOwnedPopups
ShowWindow
ShowWindowAsync
SwitchDesktop
SystemParametersInfoA
TabbedTextOutA
TileWindows
TranslateAccelerator
UnionRect
UnregisterHotKey
ValidateRgn
WaitMessage
keybd_event
wsprintfW

ole32

CLSIDFromString
CoAddRefServerProcess
CoBuildVersion
CoCancelCall
CoCreateGuid
CoCreateInstance
CoCreateInstanceEx
CoDisableCallCancellation
CoDisconnectObject
CoDosDateTimeToFileTime
CoGetCallContext
CoGetClassVersion
CoGetCurrentLogicalThreadId
CoGetInstanceFromFile
CoGetTreatAsClass
CoInitializeWOW
CoLoadLibrary
CoQueryReleaseObject
CoRegisterPSClsid
CoRevokeClassObject
CreateBindCtx
CreateDataCache
CreateGenericComposite
CreateItemMoniker
CreateOleAdviseHolder
DllGetClassObjectWOW
DoDragDrop
FreePropVariantArray
HACCEL_UserFree
HBITMAP_UserMarshal
HBITMAP_UserSize
HGLOBAL_UserMarshal
HICON_UserMarshal
HICON_UserSize
HMENU_UserUnmarshal
HMETAFILEPICT_UserFree
HMETAFILE_UserMarshal
HMETAFILE_UserUnmarshal
HPALETTE_UserUnmarshal
IIDFromString
IsAccelerator
MkParseDisplayName
MonikerCommonPrefixWith
MonikerRelativePathTo
OleBuildVersion
OleCreateDefaultHandler
OleCreateEx
OleCreateFromData
OleCreateLinkToFile
OleCreateMenuDescriptor
OleCreateStaticFromData
OleDoAutoConvert
OleDraw
OleFlushClipboard
OleGetAutoConvert
OleQueryCreateFromData
OleRegEnumFormatEtc
OleSave
OleTranslateAccelerator
OleUninitialize
PropStgNameToFmtId
PropVariantCopy
ReadStringStream
SNB_UserFree
SNB_UserMarshal
SNB_UserSize
SetConvertStg
SetDocumentBitStg
StgConvertVariantToProperty
StgCreateDocfile
StgCreateDocfileOnILockBytes
StringFromCLSID
StringFromIID
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
WdtpInterfacePointer_UserSize
WdtpInterfacePointer_UserUnmarshal
WriteClassStg
WriteStringStream

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text2
Size: 228KB - Virtual size: 227KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 80B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32a3a2468774d41f7b1b41daeb5c95d3

Headers

File Characteristics

Imports

kernel32

user32

ole32

Sections

.text Size: 9KB - Virtual size: 9KB

.text2 Size: 228KB - Virtual size: 227KB

.data Size: 512B - Virtual size: 80B

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 9KB

.text2
Size: 228KB - Virtual size: 227KB

.data
Size: 512B - Virtual size: 80B

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB