36666caddabf2bf488b8924924e33db3_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

36666caddabf2bf488b8924924e33db3_JaffaCakes118
Size

113KB
MD5

36666caddabf2bf488b8924924e33db3
SHA1

7b14c374825c58d85c690da3129e04e7bc4b1109
SHA256

11e8f8a82f4bf7d81559c7afdc6fc7462ae820dadf11ed811acf973a145f5113
SHA512

a7a06c9b1570466ba14fd4cd0f6be7745dc41680d789d64d84da1705e7beb104eb935775b8177b6ea365c233ecc0fb35f3fb521367f50edba7ba4684d40afabc
SSDEEP

3072:uWD6In9QPsSLmfcso6LjSGMH2d+y94lgsdM9Ys/:uSdkPsXPS1y9Iu/

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
36666caddabf2bf488b8924924e33db3_JaffaCakes118

Files

36666caddabf2bf488b8924924e33db3_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b6c3c3ade6010e7453e32f0483420ef0

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileA
DeleteFileW
DeviceIoControl
EnterCriticalSection
ExitProcess
ExitThread
FileTimeToDosDateTime
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
FindCloseChangeNotification
FindFirstChangeNotificationA
FindFirstChangeNotificationW
FindFirstFileA
FindFirstFileW
FindNextChangeNotification
FindNextFileA
FindNextFileW
FormatMessageA
FormatMessageW
FreeLibrary
GetCompressedFileSizeW
GetCurrentDirectoryW
GetCurrentProcess
GetDiskFreeSpaceA
GetDriveTypeA
GetExitCodeThread
GetFileSize
GetFullPathNameA
GetFullPathNameW
GetLastError
GetLogicalDriveStringsA
GetLogicalDriveStringsW
GetModuleFileNameA
GetModuleHandleA
GetModuleHandleW
GetProcAddress
GetProcessHeap
GetStartupInfoA
GetSystemTime
GetTempFileNameA
GetTempFileNameW
DeleteCriticalSection
GetTickCount
GetUserDefaultLangID
GetVersionExA
GetVolumeInformationA
GetVolumeInformationW
GetWindowsDirectoryA
GetWindowsDirectoryW
GlobalAlloc
GlobalFree
GlobalLock
GlobalSize
GlobalUnlock
HeapAlloc
InitializeCriticalSection
InterlockedIncrement
LeaveCriticalSection
LoadLibraryA
LoadLibraryW
LocalFree
MapViewOfFile
MoveFileA
MoveFileW
MultiByteToWideChar
ReadFile
RemoveDirectoryA
RemoveDirectoryW
SetEndOfFile
SetEvent
SetFilePointer
SetFileTime
SetLastError
SetPriorityClass
SystemTimeToFileTime
UnmapViewOfFile
VirtualAlloc
VirtualFree
VirtualProtect
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
lstrcatA
CreateProcessW
CreateProcessA
CreateFileW
CreateFileMappingA
CreateFileA
CreateDirectoryW
CreateDirectoryA
CopyFileW
CopyFileA
GetTempPathW
CompareFileTime

shell32

SHBrowseForFolderA
SHFileOperationA
SHGetDesktopFolder
SHGetFileInfoA
SHGetMalloc
SHGetPathFromIDListA
SHGetSpecialFolderLocation
ShellExecuteA
SHChangeNotify

user32

CheckRadioButton
ChildWindowFromPointEx
ClientToScreen
CreateAcceleratorTableA
CreateIconIndirect
CreateMenu
CreateWindowExA
CreateWindowExW
DdeConnectList
DdeGetLastError
DefWindowProcA
DefWindowProcW
DestroyAcceleratorTable
DestroyIcon
DestroyMenu
DestroyWindow
DialogBoxParamA
DialogBoxParamW
DispatchMessageW
DrawMenuBar
DrawStateW
EmptyClipboard
EnableWindow
EndPaint
ExcludeUpdateRgn
FindWindowA
FlashWindowEx
GetCapture
GetClassInfoA
GetClassInfoW
GetClientRect
GetDlgItem
GetGUIThreadInfo
GetInputState
GetKeyState
GetMenu
GetMenuBarInfo
GetMenuItemCount
GetMenuItemInfoA
GetMenuItemInfoW
GetMessageW
GetSubMenu
GetTitleBarInfo
GetUserObjectInformationA
GetWindowLongA
GetWindowPlacement
GetWindowTextA
CheckMenuRadioItem
InsertMenuItemA
InvalidateRect
IsDlgButtonChecked
IsWindowEnabled
IsZoomed
KillTimer
LoadAcceleratorsA
LoadAcceleratorsW
LoadBitmapA
LoadCursorA
LoadIconA
LockSetForegroundWindow
LookupIconIdFromDirectory
MapDialogRect
MapVirtualKeyA
MessageBoxW
ModifyMenuW
NotifyWinEvent
OpenClipboard
PostMessageA
PostQuitMessage
RegisterClassA
RegisterClipboardFormatA
RemoveMenu
SendMessageW
SetDebugErrorLevel
SetMenu
SetMenuItemInfoW
SetTimer
SetWindowLongA
SetWindowLongW
SetWindowTextA
SetWindowTextW
ShowScrollBar
ShowWindow
SystemParametersInfoA
TileWindows
TrackPopupMenuEx
TranslateAcceleratorA
TranslateAcceleratorW
TranslateMDISysAccel
TranslateMessage
UnregisterHotKey
UpdateLayeredWindow
UpdateWindow
wsprintfA
CheckMenuItem
CheckDlgButton
CharUpperW
CharUpperA
AppendMenuW
CharLowerW
CharLowerA
CallWindowProcW
GetWindowTextW
CallWindowProcA
CharPrevA

msvcrt

_initterm
_onexit
_purecall
_wcsicmp
exit
free
malloc
memcmp
_exit
memmove
memset
rand
srand
strlen
wcslen
wcsncmp
_except_handler3
_controlfp
_beginthreadex
memcpy
_CxxThrowException
_XcptFilter
__CxxFrameHandler
__dllonexit
__getmainargs
__p__commode
__p__fmode
_adjust_fdiv
_acmdln
__setusermatherr
__set_app_type

ole32

RevokeDragDrop
ReleaseStgMedium
RegisterDragDrop
OleUninitialize
OleInitialize
DoDragDrop
CoUninitialize
CoTaskMemAlloc
CoInitialize
CoTaskMemFree

advapi32

GetUserNameW
RegSetValueExW
RegSetValueExA
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteKeyA
RegCreateKeyExA
RegCloseKey

comdlg32

PageSetupDlgA
PrintDlgA
GetFileTitleA

Sections

.text
Size: 24KB - Virtual size: 28KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 69KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 17KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6c3c3ade6010e7453e32f0483420ef0

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

shell32

user32

msvcrt

ole32

advapi32

comdlg32

Sections

.text Size: 24KB - Virtual size: 28KB

.rdata Size: 69KB - Virtual size: 72KB

.data Size: 17KB - Virtual size: 20KB

.rsrc Size: 1024B - Virtual size: 4KB

.text
Size: 24KB - Virtual size: 28KB

.rdata
Size: 69KB - Virtual size: 72KB

.data
Size: 17KB - Virtual size: 20KB

.rsrc
Size: 1024B - Virtual size: 4KB