3be4db4f10282b31479bce68868cc473_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3be4db4f10282b31479bce68868cc473_JaffaCakes118
Size

92KB
MD5

3be4db4f10282b31479bce68868cc473
SHA1

a5a000e6250f4bcb936475a500616a04b08214db
SHA256

ecba9b7649577912cc82527e8bb566a1628ed9200adebeeae3e9570415812fe2
SHA512

3dcb4d3757880b4eaad26d1201f604e4a508673820efc28bce15c64476d3e51fd35806e4df61f2f093322356942a5b37111f657eccb3baf21ac9d9e31fc7c4ac
SSDEEP

1536:57A1EWT/uI+GywUjQYJiPmVcyaLhvTgDLZyeLzx+P6Deli/A61A:2d7uI+zJiTBLx4LZICDeli/M

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3be4db4f10282b31479bce68868cc473_JaffaCakes118

Files

3be4db4f10282b31479bce68868cc473_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3685aad5835705282eabcafccfec1b9e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

c:\Documents and Settings\jlam\Desktop\Slider\IESliderWin32\Release\IESliderWin32.pdb

Imports

kernel32

GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
DeleteCriticalSection
InitializeCriticalSection
RaiseException
LCMapStringW
LCMapStringA
GetStringTypeW
GetLastError
WideCharToMultiByte
lstrlenW
MultiByteToWideChar
EnterCriticalSection
LeaveCriticalSection
FlushInstructionCache
GetCurrentProcess
HeapFree
GetProcessHeap
HeapAlloc
GetCurrentThreadId
lstrlenA
GlobalUnlock
GlobalLock
GlobalAlloc
InterlockedIncrement
SetEvent
InterlockedDecrement
GetModuleFileNameA
MulDiv
lstrcmpA
RtlUnwind
ExitProcess
GetCommandLineA
HeapReAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
TlsAlloc
SetLastError
TlsFree
TlsSetValue
TlsGetValue
GetProcAddress
GetModuleHandleA
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
TerminateProcess
HeapSize
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
WriteFile
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
LoadLibraryA
GetStringTypeA

user32

wsprintfA
GetClientRect
SetWindowTextA
GetWindowTextA
GetWindowTextLengthA
RegisterWindowMessageA
CallWindowProcA
PostThreadMessageA
IsWindow
GetSysColor
ReleaseCapture
SetCapture
FillRect
GetDC
ReleaseDC
InvalidateRect
InvalidateRgn
GetDesktopWindow
SetFocus
GetClassInfoExA
IsChild
GetFocus
DestroyAcceleratorTable
GetDlgItem
GetParent
GetClassNameA
CharNextA
CreateAcceleratorTableA
CreateWindowExA
SetWindowLongA
LoadCursorA
RegisterClassExA
DefWindowProcA
GetWindowLongA
BeginPaint
EndPaint
PostQuitMessage
UnregisterClassA
SystemParametersInfoA
GetWindow
SendMessageA
ShowWindow
DestroyWindow
SetWindowPos
SetTimer
MoveWindow
GetWindowRect
RedrawWindow

shell32

SHAppBarMessage

oleaut32

SysFreeString
SysStringByteLen
LoadTypeLi
LoadRegTypeLi
DispCallFunc
SysStringLen
SysAllocString
VariantInit
VariantClear
SysAllocStringLen
OleCreateFontIndirect

gdi32

CreateSolidBrush
SelectObject
DeleteDC
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
GetDeviceCaps
GetObjectA
GetStockObject
DeleteObject

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateGuid
OleLockRunning
CoTaskMemAlloc
StringFromGUID2
CoCreateInstance
OleUninitialize
OleInitialize
CreateStreamOnHGlobal
CoUninitialize
CoInitialize
CoGetClassObject

Exports

Exports

IESlider

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3685aad5835705282eabcafccfec1b9e

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

shell32

oleaut32

gdi32

ole32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 16KB - Virtual size: 12KB

.data Size: 4KB - Virtual size: 7KB

.reloc Size: 8KB - Virtual size: 6KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 16KB - Virtual size: 12KB

.data
Size: 4KB - Virtual size: 7KB

.reloc
Size: 8KB - Virtual size: 6KB