3989eec4efa00c046c01905f83da6bb2_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3989eec4efa00c046c01905f83da6bb2_JaffaCakes118
Size

916KB
MD5

3989eec4efa00c046c01905f83da6bb2
SHA1

2c69231834a628202d41f342e8895ad18e6fdd54
SHA256

d4e8e5ba9877801bc09dd0407f3dc00c838f1611388a6e6b63552029d7520b7d
SHA512

34621942aec3ed9add62276a1829256c4f3903eb59e82c184a57c2cb175623e223cdbbd2fb5ab65aa6a2c634fecf8130bae7e0dc5cf32d568360527fccf899fb
SSDEEP

24576:joTX+2zZTpZF7mkbTe7fw8Xhyo/hbEwx8j6UvTctep:jSHZT7ba7tXD/hbvxW3l

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3989eec4efa00c046c01905f83da6bb2_JaffaCakes118

Files

3989eec4efa00c046c01905f83da6bb2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

35e957acd78709d0407b0f7e5604dab1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
FreeLibrary
ExitProcess
LoadLibraryExW
lstrcatW
GetVersion
CreateProcessW
lstrcmpiW
GetFullPathNameW
lstrcpyW
Sleep
SearchPathW
GetSystemDirectoryW
WriteFile
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetProcAddress
WaitForSingleObject
CopyFileW
CreateDirectoryW
lstrcpynA
GetTempFileNameW
GlobalLock
GetShortPathNameW
lstrcmpW
GetTickCount
lstrcpynW
CreateThread
CreateFileW
ReadFile
MoveFileW
LoadLibraryA
SetErrorMode
WideCharToMultiByte
GetCommandLineW
SetCurrentDirectoryW
FindClose
GetModuleHandleW
HeapAlloc
HeapCreate
GetModuleHandleA
GetTempPathW
CloseHandle
lstrcpyA
GlobalUnlock
RemoveDirectoryW
OpenProcess
SetFilePointer
CompareFileTime
GlobalAlloc
MultiByteToWideChar
LoadLibraryW
WritePrivateProfileStringW
DeleteFileW
SetFileTime
GetVersionExW
SetFileAttributesW
GetFileAttributesW
GetExitCodeProcess
GlobalFree
GetDiskFreeSpaceW
lstrcmpiA
GetWindowsDirectoryW
GetLastError
MulDiv
GetModuleFileNameW
FindNextFileW
GetCurrentProcess
GetFileSize
FindFirstFileW
lstrlenA

user32

DefWindowProcW
CharNextW
GetMessagePos
LoadCursorW
LoadBitmapW
IsWindowVisible
GetSystemMetrics
IsWindow
CloseClipboard
CheckDlgButton
PostQuitMessage
OpenClipboard
SystemParametersInfoW
PeekMessageW
GetSysColor
DispatchMessageW
CharPrevW
EndDialog
ExitWindowsEx
AppendMenuW
TrackPopupMenu
SetWindowTextW
IsWindowEnabled
GetClassInfoW
GetSystemMenu
SetDlgItemTextW
wsprintfA
GetDlgItemTextW
GetWindowRect
SetClassLongW
LoadImageW
MessageBoxIndirectW
SetWindowPos
CharNextA
CharUpperW
DestroyWindow
EmptyClipboard
SendMessageW
CallWindowProcW
ScreenToClient
EndPaint
CreateDialogParamW
GetWindowLongW
SetWindowLongW
FindWindowExW
ShowWindow
wsprintfW
EnableMenuItem
DialogBoxParamW
SetTimer
RegisterClassW
GetDC
CreateWindowExW
FillRect
SendMessageTimeoutW
EnableWindow
SetClipboardData
SetForegroundWindow
InvalidateRect
BeginPaint
CreatePopupMenu
GetClientRect
DrawTextW
SetCursor
GetDlgItem

gdi32

CreateFontIndirectW
SetBkColor
SelectObject
SetBkMode
GetDeviceCaps
CreateBrushIndirect
DeleteObject
SetTextColor

advapi32

RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW

shell32

ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHFileOperationW
SHBrowseForFolderW
SHGetSpecialFolderLocation

ole32

OleUninitialize
CoCreateInstance
CoTaskMemFree
OleInitialize

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

secur32

QuerySecurityPackageInfoA

wldap32

ord13

Sections

.text
Size: 129KB - Virtual size: 129KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyue
Size: 512B - Virtual size: 126B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 650KB - Virtual size: 650KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 127KB - Virtual size: 623KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35e957acd78709d0407b0f7e5604dab1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

version

secur32

wldap32

Sections

.text Size: 129KB - Virtual size: 129KB

.xyue Size: 512B - Virtual size: 126B

.rdata Size: 650KB - Virtual size: 650KB

.data Size: 127KB - Virtual size: 623KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 129KB - Virtual size: 129KB

.xyue
Size: 512B - Virtual size: 126B

.rdata
Size: 650KB - Virtual size: 650KB

.data
Size: 127KB - Virtual size: 623KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 4KB - Virtual size: 4KB