3a2df6b82d08bfe3a1085607c797fbbb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

3a2df6b82d08bfe3a1085607c797fbbb_JaffaCakes118
Size

192KB
MD5

3a2df6b82d08bfe3a1085607c797fbbb
SHA1

41f9239834267519b86246070afe24e2d63a5967
SHA256

2cf7959f73d907e8b9c9eb27a4da7940ce8fcd79bc582281eac7e624391dc12f
SHA512

46fa6be3470d976e9d837a654eefd69223e0efc8169633a66471014ba2030159a22b4cb528cbbe756d9878c634887499bbb47eb772d888fc9b99301fc88e1c54
SSDEEP

3072:L2Y3I+bzJDHMXX32BUzmdET8xqo4Hw5VEgvHIjkXx:LI+bVsnUUz6RV7YkX

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3a2df6b82d08bfe3a1085607c797fbbb_JaffaCakes118

Files

3a2df6b82d08bfe3a1085607c797fbbb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ffb8c84b6fb74170b32f30a6d2f0db39

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

setupapi

SetupInstallFileA
SetupIterateCabinetA

kernel32

TlsAlloc
GlobalFree
GlobalUnlock
GlobalHandle
TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GetVersion
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetProcessVersion
GlobalFlags
FileTimeToSystemTime
FileTimeToLocalFileTime
WritePrivateProfileStringA
GetCPInfo
GetOEMCP
RtlUnwind
RaiseException
GetFileType
HeapFree
HeapAlloc
ExitThread
GetCommandLineA
CreateDirectoryA
SetStdHandle
ExitProcess
LocalAlloc
HeapReAlloc
GetTimeZoneInformation
GetACP
SetUnhandledExceptionFilter
SetHandleCount
GetStdHandle
GetStartupInfoA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetExitCodeProcess
CreateProcessA
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetCurrentThread
GetFileTime
GetFileSize
lstrcmpiA
GetFullPathNameA
GetVolumeInformationA
FindFirstFileA
FindClose
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
CreateFileA
GetCurrentProcess
DuplicateHandle
lstrcpynA
SetLastError
LocalFree
MultiByteToWideChar
WideCharToMultiByte
SuspendThread
SetThreadPriority
TerminateProcess
GetLastError
CreateEventA
WaitForMultipleObjects
CloseHandle
CopyFileA
lstrlenA
SetEvent
InterlockedDecrement
InterlockedIncrement
ResetEvent
TerminateThread
Sleep
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
GetCurrentThreadId
GetFileAttributesA
CreateThread
ResumeThread
MoveFileA
lstrcpyA
lstrcatA
DeleteFileA
EnterCriticalSection
LeaveCriticalSection
FreeLibrary
GetModuleHandleA
GetModuleFileNameA
LoadLibraryA
GetProcAddress
HeapSize
InterlockedExchange

user32

CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
LoadIconA
SetWindowTextA
ShowWindow
LoadCursorA
GetSysColorBrush
ReleaseDC
GetDC
GetClassNameA
PtInRect
ClientToScreen
LoadStringA
TabbedTextOutA
DrawTextA
GrayStringA
DestroyMenu
GetTopWindow
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextA
GetDlgCtrlID
DefWindowProcA
DestroyWindow
CreateWindowExA
GetClassLongA
SetPropA
GetPropA
CallWindowProcA
RemovePropA
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongA
SetWindowPos
RegisterWindowMessageA
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
UnregisterClassA
UnhookWindowsHookEx
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
MessageBoxA
EnableWindow
SetCursor
PostQuitMessage
GetSystemMetrics
CharUpperA
wsprintfA
TranslateMessage
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
GetCursorPos
SetWindowsHookExA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
PeekMessageA
GetParent
PostMessageA
IsWindow
SetMenuItemBitmaps
CheckMenuItem
SendMessageA
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
DispatchMessageA
PostThreadMessageA

gdi32

SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetObjectA
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
DeleteObject
GetClipBox
CreateBitmap
SetBkColor
SetTextColor
GetDeviceCaps

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegOpenKeyExA
RegCloseKey
RegCreateKeyExA
RegQueryValueExA
RegSetValueExA

shell32

SHGetSpecialFolderPathA

comctl32

ord17

ole32

CoUninitialize
CoTaskMemFree
CoCreateInstance
CoInitializeEx

urlmon

URLDownloadToFileA

wininet

DeleteUrlCacheEntry

Exports

Exports

AddScanDir
GetDefinitions
InitBDEngine
RemoveAllScanDirs
RemoveScanDir
ScanFile
SetGDCallBack
SetSFCallBack
SetVCallBack
StartScanning
StopGetDefinitions
StopScanning
UninitBDEngine

Sections

.text
Size: 124KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ffb8c84b6fb74170b32f30a6d2f0db39

Headers

File Characteristics

Imports

setupapi

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

ole32

urlmon

wininet

Exports

Exports

Sections

.text Size: 124KB - Virtual size: 122KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 12KB - Virtual size: 10KB

.reloc Size: 16KB - Virtual size: 13KB

.text
Size: 124KB - Virtual size: 122KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 12KB - Virtual size: 10KB

.reloc
Size: 16KB - Virtual size: 13KB