45d09bd76eecf7156bd8246142c06881_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

45d09bd76eecf7156bd8246142c06881_JaffaCakes118
Size

436KB
MD5

45d09bd76eecf7156bd8246142c06881
SHA1

9ac394c1b9260939267841e91ec407d3fd252629
SHA256

44eef694328b9e4517d6c65133dc51e8818943f8f3200d55843767f40ddcf3c1
SHA512

527e56ab69c7727f0893dbbb8640a490c077523a9042ac32184da40bf3360628458aac1a1cd80a4f634b61430dccd6d008d69b2a4189de9c2364b318ea3ffab9
SSDEEP

12288:iE3rPMVLqffhzDHy4+ILMmn4Kiy8cO/4OhIJgoqxyx+slevGFi6SrbuDqL6xcGYX:iE3rPMV+fpfHjlUxgSv56SXwq+xW

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
45d09bd76eecf7156bd8246142c06881_JaffaCakes118

Files

45d09bd76eecf7156bd8246142c06881_JaffaCakes118
.dll windows:4 windows x86 arch:x86

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pncrt

printf
_mbctype
_adjust_fdiv
_initterm
__dllonexit
_telli64
_lseeki64
_chsize
_fstat
_ftol
strtod
isdigit
_onexit
_errno
_vsnprintf
tolower
memmove
atof
atol
sscanf
_purecall
strtok
rand
fopen
fread
isspace
fclose
realloc
malloc
wcslen
abort
strchr
toupper
atoi
strtol
qsort
strncmp
strrchr
_stricmp
free
_strdup
strncpy
strstr
sprintf
??2@YAPAXI@Z
??3@YAXPAX@Z
_unlink
_write
_read
_tell
_lseek
_sopen
_open
_creat
_close
_putenv
_strnicmp
_itoa
_stat
_strcmpi
_strlwr
_strupr

ole32

CoCreateInstance
CoUninitialize
CoInitialize

kernel32

GlobalUnlock
SetErrorMode
GetSystemInfo
GetVersionExA
GlobalAlloc
DisableThreadLibraryCalls
GetTempFileNameA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
GetTempPathA
InterlockedDecrement
InterlockedIncrement
GetLastError
FreeLibrary
GetModuleFileNameA
GetCurrentThreadId
GetProcAddress
LoadLibraryA
GlobalFree
MulDiv
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
lstrlenA
GlobalLock
WideCharToMultiByte
MultiByteToWideChar
GetVersion
CloseHandle
GetFileSize
CreateFileA

user32

GetMenu
GetWindowLongA
DrawTextA
GetIconInfo
FillRect
AdjustWindowRectEx
GetKeyState
GetWindowThreadProcessId
RedrawWindow
SetRect
CreateCursor
SystemParametersInfoA
GetSysColor
CharNextA
RegisterClassA
RegisterWindowMessageA
PeekMessageA
GetMessageA
TranslateMessage
DispatchMessageA
DeferWindowPos
BeginDeferWindowPos
EnableWindow
GetFocus
DestroyCursor
RegisterClassExA
GetWindowRect
GetUpdateRect
GetDC
ReleaseDC
BeginPaint
EndPaint
GetActiveWindow
SetCursor
InvalidateRect
GetDesktopWindow
GetMenuItemInfoA
GetClientRect
WindowFromPoint
PtInRect
IsChild
KillTimer
PostMessageA
IsWindow
DestroyWindow
CreateWindowExA
GetWindow
CallNextHookEx
GetCursorPos
SendMessageA
EndDeferWindowPos
WaitMessage
PostQuitMessage
SetFocus
ChildWindowFromPointEx
GetClassNameA
IsWindowEnabled
MapWindowPoints
GetTopWindow
GetMenuItemCount
SetActiveWindow
SetWindowPos
UnhookWindowsHookEx
UnregisterClassA
GetParent
SetCursorPos
GetSystemMetrics
ShowCursor
SetWindowsHookExA
SetWindowLongA
LoadIconA
LoadCursorA
SetCapture
ReleaseCapture
GetDlgItem
CallWindowProcA
DefWindowProcA
ScreenToClient
ClientToScreen
SetWindowRgn
SetTimer
EnumChildWindows

advapi32

RegEnumKeyA
RegOpenKeyExA
RegQueryValueExA
RegOpenKeyA
RegDeleteValueA
RegCloseKey
RegDeleteKeyA
RegCreateKeyA
RegSetValueA
RegQueryValueA
RegSetValueExA
RegEnumKeyExA

gdi32

IntersectClipRect
SetTextColor
BitBlt
SetBkMode
SetBkColor
GetTextExtentPoint32A
CreateDIBSection
SelectObject
CreateCompatibleDC
SetPixel
CreateSolidBrush
GetBitmapBits
GetObjectA
CreateDIBitmap
SetBitmapBits
PatBlt
CreateBitmap
CreateCompatibleBitmap
GetDIBits
CreateRectRgn
CombineRgn
GetClipRgn
SelectClipRgn
DeleteObject
GetPixel
CreateFontIndirectA
DeleteDC

comctl32

ord17

shell32

DragQueryPoint
DragQueryFileA
ExtractIconExA
DragFinish

oleaut32

VariantInit
SysAllocString
VariantClear

Exports

Exports

RMACreateInstance
RMAShutdown
SetDLLAccessPath

Sections

.text
Size: 348KB - Virtual size: 344KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 40KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 960B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 132KB - Virtual size: 132KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f65f3268243a846c0ce26dd4e0bb49a8

Headers

File Characteristics

Imports

pncrt

ole32

kernel32

user32

advapi32

gdi32

comctl32

shell32

oleaut32

Exports

Exports

Sections

.text Size: 348KB - Virtual size: 344KB

.rdata Size: 40KB - Virtual size: 36KB

.data Size: 16KB - Virtual size: 12KB

.rsrc Size: 4KB - Virtual size: 960B

.reloc Size: 24KB - Virtual size: 20KB

.text Size: 132KB - Virtual size: 132KB

.text
Size: 348KB - Virtual size: 344KB

.rdata
Size: 40KB - Virtual size: 36KB

.data
Size: 16KB - Virtual size: 12KB

.rsrc
Size: 4KB - Virtual size: 960B

.reloc
Size: 24KB - Virtual size: 20KB

.text
Size: 132KB - Virtual size: 132KB