38e61c720cf83a3ad162afc792ffd3f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38e61c720cf83a3ad162afc792ffd3f2_JaffaCakes118
Size

273KB
MD5

38e61c720cf83a3ad162afc792ffd3f2
SHA1

3a1937608b456425fcf2d7181441d1aba37daf74
SHA256

203091486807a3ac8569718756f84abf5b14f9f7fd32ce1d4d0a8ebaa3411cd9
SHA512

ee8fc3cc081670f96480e5f8221e469f623778bebc9327caa26754c9833d337475858feb4dc9859198a26c7d9c917649d8d90ad9b6e2ba52aec0d264d2da485f
SSDEEP

6144:uX/vsM9v3Ot7pB5Yhzdq9A2n5/6F8QQQA7Mlsl:uHsMYv2Cx7Mu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38e61c720cf83a3ad162afc792ffd3f2_JaffaCakes118

Files

38e61c720cf83a3ad162afc792ffd3f2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4d5085237010bb1de1b8d2e233f4b1be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SetLastError
LeaveCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
IsProcessorFeaturePresent
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
FreeLibrary
FlushInstructionCache
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
SizeofResource
DeleteCriticalSection

ddraw

GetSurfaceFromDC

shell32

DragAcceptFiles
SHBindToParent
SHFreeNameMappings
SHGetMalloc
SHGetSpecialFolderLocation
SHLoadNonloadedIconOverlayIdentifiers
DuplicateIcon

user32

SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
wsprintfA
PtInRect
MessageBoxA
MapDialogRect
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
GetWindowTextLengthA
GetWindowRect
GetWindowLongA
GetWindow
GetSysColor
SetFocus
GetMenuItemID
GetFocus
GetDlgItem
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClassNameA
GetClassInfoExA
GetActiveWindow
FillRect
EndPaint
EndDialog
DialogBoxIndirectParamA
DestroyWindow
DestroyAcceleratorTable
DefWindowProcA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
BeginPaint
SetCursor
SetCapture
SendMessageA
ReleaseDC
ReleaseCapture
RegisterWindowMessageA
GetParent
RedrawWindow
GetClientRect

gdi32

GetStockObject
SetWindowOrgEx
SetTextColor
SetTextAlign
SetMiterLimit
SetGraphicsMode
SetBkMode
SelectClipPath
SaveDC
RestoreDC
GetDeviceCaps
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
CreateCompatibleBitmap
CloseEnhMetaFile
PtVisible
BitBlt
ModifyWorldTransform

comctl32

ord17

advapi32

RegDeleteValueA
RegCloseKey
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegCreateKeyExA
RegDeleteKeyA

oleaut32

LoadRegTypeLi
LoadTypeLi
OleCreateFontIndirect
SafeArrayAllocDescriptor
SysAllocString
SysAllocStringLen
SysStringLen
VarUI4FromStr
VariantInit

Exports

Exports

CreateNPatchMesh
CreateVolumeTextureFromFileA
FileInfo
GeneratePMesh
LoadSurfaceFromSurface
ReadFileExtensions
SHDot
SHRotateZ
SaveMeshHierarchyToFileW
SaveSurfaceToFileInMemory
StartDecompressBuffer
Vec4Transform
VecStopFeedLoad
mpegSplitSeekTime

Sections

.text
Size: 52KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d5085237010bb1de1b8d2e233f4b1be

Headers

File Characteristics

Imports

kernel32

ddraw

shell32

user32

gdi32

comctl32

advapi32

oleaut32

Exports

Exports

Sections

.text Size: 52KB - Virtual size: 51KB

.rdata Size: 122KB - Virtual size: 122KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 51KB - Virtual size: 51KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 52KB - Virtual size: 51KB

.rdata
Size: 122KB - Virtual size: 122KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 51KB - Virtual size: 51KB

.reloc
Size: 3KB - Virtual size: 2KB