42956dc9d43fbb2caed942177fc0f7d8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

42956dc9d43fbb2caed942177fc0f7d8_JaffaCakes118
Size

248KB
MD5

42956dc9d43fbb2caed942177fc0f7d8
SHA1

d20e033b231c6d427e9165936354f317edc27aa6
SHA256

fd18f611dd1da4a116e2b56767f2af49d1bad03dec608940129ac778c9c1067d
SHA512

f37c5d8488b221fff9a86655faada382830c47638b8e564bc0bca96919b528ffeb1806f7b76a5d6ba5f5c1ae056a6379351b5a3a7ed0a97e66e60e8bbbbd5735
SSDEEP

6144:gCpJPMbj/XfFHlYqftJeL1t4UbPj2s5258qAmUEYi:gYJ0bj/XfP3ef42PSsY8BDi

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
42956dc9d43fbb2caed942177fc0f7d8_JaffaCakes118

Files

42956dc9d43fbb2caed942177fc0f7d8_JaffaCakes118
.dll windows:4 windows x86 arch:x86

cc36e34beac4ecdc18aca75b43ae1dc1

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetLastError
lstrlenW
lstrcmpW
TerminateProcess
SetUnhandledExceptionFilter
SetThreadPriority
MultiByteToWideChar
MulDiv
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
InterlockedIncrement
HeapCreate
HeapAlloc
GlobalGetAtomNameW
GlobalFree
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetShortPathNameW
GetDateFormatW
GetCurrentThreadId
GetCommandLineA
ExitProcess
DeleteAtom
CreateFileW
CreateEventW
GetModuleHandleA
AddAtomW

msvcrt

_wcsdup
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
wcstod
wcslen
wcscoll
wcscmp
setlocale
memmove
exit
_adjust_fdiv
_onexit
_initterm
_controlfp
_cexit
_c_exit
_XcptFilter

ole32

CLSIDFromString
CoTaskMemFree
CreateILockBytesOnHGlobal
OleInitialize
OleRegGetUserType
StgCreateDocfileOnILockBytes
StringFromCLSID
ReleaseStgMedium
OleUninitialize

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

user32

CallNextHookEx
CharToOemBuffA
DefWindowProcW
EnableWindow
FindWindowW
GetActiveWindow
GetAsyncKeyState
GetDC
GetMonitorInfoW
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
PeekMessageW
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
SetCursor
SetFocus
SetRect
UpdateWindow
WinHelpW

shell32

SHGetSpecialFolderPathW
DragQueryFileW
ShellExecuteExW
ShellAboutW
SHGetSettings
DragFinish

gdi32

ScaleWindowExtEx
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW
CreatePen
CreateSolidBrush
DPtoLP
DeleteObject
Escape
ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
RectVisible
Rectangle
SetTextColor
TextOutW
SelectObject
SetPixel
SetDCBrushColor
SetBkMode

shlwapi

PathFindFileNameW

Exports

Exports

BAOOpenFile
D3D9UnmapResources
GetLimitation
GetSupportParamValueHead

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

cc36e34beac4ecdc18aca75b43ae1dc1

Headers

File Characteristics

Imports

kernel32

msvcrt

ole32

comdlg32

advapi32

user32

shell32

gdi32

shlwapi

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB