37f4ae0a8997ee448477a5166fc29ba5_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

37f4ae0a8997ee448477a5166fc29ba5_JaffaCakes118
Size

193KB
MD5

37f4ae0a8997ee448477a5166fc29ba5
SHA1

a167452b59b342044145f2a16bf188c86066aecc
SHA256

5558ba9cf2155235381cfd561db7f0115ca9ca8320ba84adfc04d6ba45ea48d1
SHA512

c57bf81029ae2d87a69addadaa4a6253d329d0ec579223dfcf96df8f9964cdef4a285c9ea08025fcc87434e930db78cec730112287842d642a9d0605721408ce
SSDEEP

3072:ep7wVjthF9mKEmP9dxMBkZdtkCiS8ot4Co4DS5a+5sJW:SOrT6mFdxMSZdB1toW4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
37f4ae0a8997ee448477a5166fc29ba5_JaffaCakes118

Files

37f4ae0a8997ee448477a5166fc29ba5_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b3e67183ebb7a9a08a0e4cf5693fed0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

psapi

EnumProcesses
GetModuleBaseNameA
EnumProcessModules

kernel32

SetFilePointer
FlushFileBuffers
GetCurrentProcess
CreateFileA
GlobalAddAtomA
lstrcmpW
GlobalDeleteAtom
GlobalFindAtomA
GetLocaleInfoA
WriteFile
GetOEMCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapAlloc
HeapFree
HeapReAlloc
RtlUnwind
RaiseException
VirtualAlloc
HeapSize
GetACP
IsValidCodePage
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
HeapCreate
HeapDestroy
VirtualFree
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetConsoleCP
GetConsoleMode
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
LoadLibraryA
GlobalFlags
GetCurrentThreadId
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
InterlockedIncrement
GetModuleHandleW
CompareStringA
lstrcmpA
GlobalGetAtomNameA
GetModuleFileNameA
GetLastError
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
LocalFree
FindResourceA
LoadResource
LockResource
SizeofResource
lstrlenA
WideCharToMultiByte
MultiByteToWideChar
CreateThread
ResumeThread
FreeLibrary
GetVersionExA
GetModuleHandleA
GetProcAddress
TerminateProcess
Sleep
GetCurrentProcessId
GetWindowsDirectoryA
Module32First
ExitProcess
ReadProcessMemory
OpenProcess
CloseHandle
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCPInfo

user32

DestroyMenu
PostQuitMessage
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
RegisterWindowMessageA
LoadIconA
WinHelpA
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
SetMenu
SetForegroundWindow
GetClientRect
PostMessageA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
GetMenu
SystemParametersInfoA
IsIconic
GetWindowPlacement
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
EnableMenuItem
CheckMenuItem
SetWindowPos
SetWindowLongA
GetDlgItem
GetFocus
MessageBoxA
FindWindowA
GetParent
GetWindowThreadProcessId
ClientToScreen
GetDlgCtrlID
GetWindowRect
PtInRect
SetWindowTextA
SetWindowsHookExA
CallNextHookEx
DispatchMessageA
GetKeyState
PeekMessageA
GetWindowTextA
GetClassNameA
GetWindow
IsWindow
SendMessageA
IsWindowVisible
EnumWindows
GetSubMenu
GetMenuItemCount
GetMenuItemID
ValidateRect
UnhookWindowsHookEx
LoadCursorA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
GetMenuState

oleacc

LresultFromObject
CreateStdAccessibleObject

gdi32

DeleteDC
GetStockObject
CreateBitmap
GetClipBox
SetTextColor
SetBkColor
SaveDC
RestoreDC
SetMapMode
SetViewportExtEx
ScaleWindowExtEx
SetWindowExtEx
DeleteObject
GetDeviceCaps
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
ScaleViewportExtEx

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

init

Sections

.text
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b3e67183ebb7a9a08a0e4cf5693fed0c

Headers

File Characteristics

Imports

psapi

kernel32

user32

oleacc

gdi32

winspool.drv

oleaut32

Exports

Exports

Sections

.text Size: 120KB - Virtual size: 120KB

.rdata Size: 29KB - Virtual size: 29KB

.data Size: 14KB - Virtual size: 29KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 120KB - Virtual size: 120KB

.rdata
Size: 29KB - Virtual size: 29KB

.data
Size: 14KB - Virtual size: 29KB

.reloc
Size: 28KB - Virtual size: 27KB