3d2e4c23e25a597c4a32782e9cfbd9d2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3d2e4c23e25a597c4a32782e9cfbd9d2_JaffaCakes118
Size

51KB
MD5

3d2e4c23e25a597c4a32782e9cfbd9d2
SHA1

4ec285f33dec53b1bdcd288bc92b8f9177c596ec
SHA256

836b90cec98eebccb1cbbcc58a8502b1f7112db54330e627690ce7bad45db5d3
SHA512

f876f9b1a50da7820a21a04131b851a1cf2d926dfbc9da0979474e3e1aba2b78fb9406a65c357b1a04e2b8ea2a4b918fa805895a842192d022d3f64c95d62477
SSDEEP

1536:nTntRCevUs+vcYvLIwOfwdf+SPpq9uCDZ+c:pRCevUs+vcYvrdxqn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3d2e4c23e25a597c4a32782e9cfbd9d2_JaffaCakes118

Files

3d2e4c23e25a597c4a32782e9cfbd9d2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

5a892ab794729a2255694ddda34010c9

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetStockObject
SetBkColor
CreateCompatibleBitmap

comctl32

CreatePropertySheetPageW
ImageList_Replace
_TrackMouseEvent
InitCommonControlsEx
ImageList_GetImageInfo

ntdll

NtOpenEventPair

msvcrt

__setusermatherr
memset
_wtoi64
_exit
wcstoul
__p__fmode
_ismbblead
_XcptFilter

user32

OffsetRect
LoadImageW
SetCapture
GetWindowThreadProcessId
OpenClipboard
LoadStringW
LoadIconW
DrawTextW
InsertMenuW
ShowWindow
PtInRect
CreateAcceleratorTableW
RegisterClassExW
EndDialog
GetClassInfoExW
DefWindowProcW
CharUpperW
GetCapture
RedrawWindow
IsChild
GetMenuItemCount
GetDesktopWindow
TrackPopupMenuEx
GetWindowTextLengthW
FrameRect
GetMenuItemInfoW

shell32

CommandLineToArgvW
SHCreateShellItem

gdiplus

GdipDisposeImageAttributes
GdipCreateImageAttributes
GdipCreateBitmapFromFile
GdipScaleMatrix
GdipSetPathGradientCenterColor
GdipFillRectangle
GdipGetImageWidth
GdipCreateHBITMAPFromBitmap
GdipAddPathRectangle
GdipBitmapUnlockBits
GdipCreateFont

kernel32

UnhandledExceptionFilter
GlobalLock
GetACP
InterlockedExchangeAdd
GetQueuedCompletionStatus
FindFirstVolumeW
ReadDirectoryChangesW
CreateThread
CloseHandle
GetSystemTimeAsFileTime
GetFileAttributesW
GetLastError
CreateWaitableTimerA
GetTickCount
SetLastError
InterlockedIncrement
lstrlenW
LoadLibraryW
SetLastError
CreateIoCompletionPort
VirtualAlloc

advapi32

RegisterTraceGuidsW

ole32

RevokeDragDrop
StringFromGUID2

Exports

Exports

GetAdapterOrderMap
CreateProcessNotify
GetIfEntry
GetBestRoute
AllocateAndGetIpAddrTableFromStack
GetOwnerModuleFromTcpEntry

Sections

.text
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 31KB - Virtual size: 31KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5a892ab794729a2255694ddda34010c9

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

comctl32

ntdll

msvcrt

user32

shell32

gdiplus

kernel32

advapi32

ole32

Exports

Exports

Sections

.text Size: 17KB - Virtual size: 17KB

.data Size: 31KB - Virtual size: 31KB

.rsrc Size: 512B - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 8KB

.text
Size: 17KB - Virtual size: 17KB

.data
Size: 31KB - Virtual size: 31KB

.rsrc
Size: 512B - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 8KB