3c6e6f8195ea78b97095a69cc4f71602_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c6e6f8195ea78b97095a69cc4f71602_JaffaCakes118
Size

272KB
MD5

3c6e6f8195ea78b97095a69cc4f71602
SHA1

eb6efccc2d7ac85422d75dcd7346fe30c929927f
SHA256

b32dc3779e444a33a583f9ae97d8a12e4467d3839b3287e96e7cbe92c6342344
SHA512

c3873515998117f741a501fbe1b8ecb6947d5f72bae20e8860b19eb3a9a21e50713089458b4df2df94670a87b63d123f4ac73631458005fde6a5bf644b824e00
SSDEEP

6144:jsDFERomTJbZFb3iF/Ui0kEVFI4K0LR7esoOjmOPKqLAwudt0pT+Ff4uc:jiFEa2xrIUiVo1I3XgSvsTf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c6e6f8195ea78b97095a69cc4f71602_JaffaCakes118

Files

3c6e6f8195ea78b97095a69cc4f71602_JaffaCakes118
.dll windows:4 windows x86 arch:x86

851a99f0b43f638dcacd5aa9da1279fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SetLastError
IsDBCSLeadByte
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
DeleteCriticalSection
FreeLibrary
FlushInstructionCache
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
SizeofResource

ddraw

GetSurfaceFromDC
DDInternalUnlock

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA

user32

SendMessageA
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
ReleaseDC
UnregisterClassA
WINNLSGetEnableStatus
wsprintfA
ReleaseCapture
RegisterWindowMessageA
RegisterClassExA
RedrawWindow
PtInRect
GetParent
MessageBoxA
MapDialogRect
GetFocus
GetDlgItem
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
GetWindowTextA
GetWindowRect
GetWindowLongA
GetWindow
GetTopWindow
GetSysColor
SetWindowTextA
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassInfoExA
GetAsyncKeyState
GetActiveWindow
EndPaint
EndDialog
EnableWindow
DialogBoxIndirectParamA
DestroyWindow
DefWindowProcA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
CallWindowProcA
BeginPaint
GetClassNameA

shell32

SHLoadNonloadedIconOverlayIdentifiers
SHGetMalloc
SHFreeNameMappings
SHExtractIconsW
SHBindToParent
DragAcceptFiles
SHGetSpecialFolderLocation

comctl32

ord17

oleaut32

VariantInit
VariantClear
VarUI4FromStr
VarR8FromI2
SysStringLen
SysStringByteLen
SysFreeString
SysAllocString
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
BstrFromVector

gdi32

SelectObject
SelectPalette
SaveDC
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
Polygon
ModifyWorldTransform
GetStockObject
GetObjectA
GetDeviceCaps
DeleteMetaFile
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
BitBlt
SetBkMode

Exports

Exports

CreateCubeTextureFromResourceW
CreateEffectFromResourceExA
CreateLine
CreatePRTEngine
LoadSurfaceFromResourceW
MatrixOrthoOffCenterLH
Vec3Unproject
mpegInNew

Sections

.text
Size: 50KB - Virtual size: 49KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 136KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 38KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

851a99f0b43f638dcacd5aa9da1279fe

Headers

File Characteristics

Imports

kernel32

ddraw

advapi32

user32

shell32

comctl32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 49KB

.rdata Size: 136KB - Virtual size: 136KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 38KB - Virtual size: 38KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 50KB - Virtual size: 49KB

.rdata
Size: 136KB - Virtual size: 136KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 38KB - Virtual size: 38KB

.reloc
Size: 3KB - Virtual size: 2KB