455cdffd28571a79a6d4b82eaf8b30f7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

455cdffd28571a79a6d4b82eaf8b30f7_JaffaCakes118
Size

248KB
MD5

455cdffd28571a79a6d4b82eaf8b30f7
SHA1

f231218fddd8156098081d5a40cd97b33d0b69d6
SHA256

5e555e3abf958c03b01310fcf56c528937c9969a31c302c3eb7817ff94a94072
SHA512

da2da50721dfc366eed6d4b421015e77b357db5ec067b835f692dd7e8d91fe943efe6062c60e477c4d71735262c68a7dabba0fee508945ba4b94880bd15522e4
SSDEEP

6144:m/NpWPtOIpeunxSVM6gqwKL14UJQqZlle3oiT:agPtOIYpVM65J4UJQgleYiT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
455cdffd28571a79a6d4b82eaf8b30f7_JaffaCakes118

Files

455cdffd28571a79a6d4b82eaf8b30f7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

32698a8660e9425fd6a850f7a41d087c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

SendMessageTimeoutW
SendDlgItemMessageW
PeekMessageW
OffsetRect
LoadMenuW
LoadIconW
SendMessageW
GetMonitorInfoW
GetDC
GetAsyncKeyState
GetActiveWindow
FindWindowW
EnableWindow
DefWindowProcW
CharToOemBuffA
SetCursor
SetFocus
SetRect
UpdateWindow
WinHelpW
GetNextDlgTabItem
CallNextHookEx

ole32

OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString
ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID
OleUninitialize

gdi32

RectVisible
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetPaletteEntries
Rectangle
GetDeviceCaps
GetBkColor
ExtTextOutW
Escape
DeleteObject
DPtoLP
CreateSolidBrush
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
GetObjectW
PtVisible
CreatePen
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW

kernel32

GetShortPathNameW
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomW
GlobalAlloc
GlobalFree
GlobalGetAtomNameW
HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryExA
LoadLibraryExW
GetLastError
LoadLibraryW
MulDiv
MultiByteToWideChar
SetThreadPriority
SetUnhandledExceptionFilter
TerminateProcess
lstrcmpW
lstrlenW
GetModuleHandleA
AddAtomW
CreateEventW
CreateFileW
DeleteAtom
ExitProcess
GetCommandLineA
GetCurrentThreadId
GetDateFormatW

msvcrt

_onexit
_wcsdup
exit
memmove
setlocale
wcscmp
wcscoll
wcslen
_initterm
__wgetmainargs
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__dllonexit
__CxxFrameHandler
_XcptFilter
_controlfp
_cexit
_c_exit
wcstod
_adjust_fdiv

shlwapi

PathFindFileNameW

shell32

DragFinish
DragQueryFileW
SHGetSettings
SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

Exports

Exports

D3D10ResourceGetMappedPitch
DevelopLogPosToNormalPos
EnumRelCamSettingReset
GLUnregisterBufferObject
GetDevSplineArray
GetExtractJpegSize_ByModelName
GetIIMInfoCount
GetSplineArrayEx
GraphicsResourceGetMappedPointer
HostAlloc
Memcpy2DFromArray

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

32698a8660e9425fd6a850f7a41d087c

Headers

File Characteristics

Imports

user32

ole32

gdi32

kernel32

msvcrt

shlwapi

shell32

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB