3c5681c63e6f3cda7a61486c060760b2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3c5681c63e6f3cda7a61486c060760b2_JaffaCakes118
Size

134KB
MD5

3c5681c63e6f3cda7a61486c060760b2
SHA1

3052f25bab2bb354555f7a40460529c9735eaf3a
SHA256

99cd77f71fa82495cbcffcb295446bdf41ab963d75978ce2e61ddf6847f5bd96
SHA512

b63c79f11a0e64cf3f4d03a71b916addb96ae3cc9d2cf9f10c4295d97d8f6ead521854bf0ebf6cb815c2870592345490e01449e453bc2457e75312a133c7a487
SSDEEP

1536:EWg12TJ542a+JMC58roni82jpg/Ypw3UbMEotxy4EAU5bqERgmKYnC5:EWg1T2iC58rU5paB4EAUdRgp8w

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3c5681c63e6f3cda7a61486c060760b2_JaffaCakes118

Files

3c5681c63e6f3cda7a61486c060760b2_JaffaCakes118
.dll windows:1 windows x86 arch:x86

3b4694dbc2a2db41d86f1e7cca58421e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DEBUG_STRIPPED
IMAGE_FILE_DLL

Imports

comctl32

ImageList_Destroy
ImageList_ReplaceIcon
InitCommonControlsEx
ImageList_Remove
ImageList_GetIcon
ImageList_LoadImageA

gdi32

BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
CreateFontIndirectA
CreateSolidBrush
DeleteDC
DeleteObject
GetDeviceCaps
GetStockObject
GetTextMetricsA
MoveToEx
SelectObject
SetBkColor
SetBkMode
SetTextAlign
SetTextColor

kernel32

CloseHandle
CreateFileA
EnumResourceNamesA
ExitProcess
FindClose
FindFirstFileA
FindNextFileA
GetCommandLineA
GetFileAttributesA
GetFileSize
GetFileType
GetLastError
GetModuleHandleA
GetProcAddress
GetStartupInfoA
GetVersionExA
GetVolumeInformationA
GlobalAlloc
GlobalFree
GlobalReAlloc
LoadLibraryA
MultiByteToWideChar
ReadFile
SetEndOfFile
SetErrorMode
SetFilePointer
SetLastError
Sleep
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
WideCharToMultiByte
WriteFile
FreeLibrary
GetPrivateProfileStringA
WritePrivateProfileStringA
RtlMoveMemory

ole32

CLSIDFromProgID
CoCreateInstance
CoInitialize
CoUninitialize
ProgIDFromCLSID

oleaut32

GetActiveObject
SafeArrayCreate
SysAllocStringByteLen
SysFreeString
SysStringByteLen
VariantClear
VariantCopy

user32

CallWindowProcA
CharUpperBuffA
CheckRadioButton
ClientToScreen
CreateDialogIndirectParamA
CreateDialogParamA
CreateWindowExA
DestroyIcon
DestroyWindow
DialogBoxIndirectParamA
DispatchMessageA
EnableWindow
FillRect
GetClientRect
GetCursorPos
GetDC
GetDlgItem
GetMenu
GetMenuItemInfoA
GetSysColor
GetSysColorBrush
GetWindowLongA
GetWindowRect
GetWindowTextA
GetWindowTextLengthA
IsDialogMessageA
IsWindow
LoadImageA
MapDialogRect
MessageBoxA
PeekMessageA
PostMessageA
RedrawWindow
ReleaseDC
ScreenToClient
SendMessageA
SetFocus
SetForegroundWindow
SetWindowLongA
SetWindowPos
SetWindowTextA
ShowWindow
SystemParametersInfoA
TranslateMessage
DialogBoxParamA
GetAsyncKeyState
GetWindow

Exports

Exports

CALC941DEP
LOADGUI
REPORT941

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.link
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3b4694dbc2a2db41d86f1e7cca58421e

Headers

File Characteristics

Imports

comctl32

gdi32

kernel32

ole32

oleaut32

user32

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 114KB

.data Size: 9KB - Virtual size: 23KB

.link Size: 3KB - Virtual size: 3KB

.rloc Size: 5KB - Virtual size: 5KB

.text
Size: 115KB - Virtual size: 114KB

.data
Size: 9KB - Virtual size: 23KB

.link
Size: 3KB - Virtual size: 3KB

.rloc
Size: 5KB - Virtual size: 5KB