5b589f37d5520b33c85a16e8fb163fb7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5b589f37d5520b33c85a16e8fb163fb7_JaffaCakes118
Size

71KB
MD5

5b589f37d5520b33c85a16e8fb163fb7
SHA1

e20ae24c48fb2880e364db3aa7ada932454186f1
SHA256

685a433f7e9446f134d8043a9fe64dcfb4809a8af3c87b7213b00b71bf6fba22
SHA512

b8e5f9cea11769a55da076d5d4891f98d5734fbea4d7bc0bc3275133c1e98486d7d177a8d7182015d9a3b183d74089e1fcd840d9eadd3ceb22aeb08e13d064ed
SSDEEP

1536:i1bj/SqbFArn74mMc9EwoaR/uCEHLAQu:mvSqpADUmMc9JozsQu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5b589f37d5520b33c85a16e8fb163fb7_JaffaCakes118

Files

5b589f37d5520b33c85a16e8fb163fb7_JaffaCakes118
.dll windows:5 windows x86 arch:x86

03f7449c549b76bae5ffc9df1bec7aaa

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

LineDDA
EndPath
DeleteDC
SaveDC
BitBlt
CreateCompatibleDC
CreateICW
GetFontData
SelectPalette
CreateSolidBrush
GetLayout
GetTextExtentPointW
GetObjectA
OffsetRgn
StretchDIBits
CreateDiscardableBitmap
UpdateColors
DescribePixelFormat
GetMetaFileA
GetViewportOrgEx

kernel32

GetProcessHeap
GetPrivateProfileIntA
CreateSemaphoreA
MultiByteToWideChar
LocalAlloc
GetSystemInfo
lstrcmpW
GetModuleFileNameW
GetVersion
LoadLibraryExA
CreateWaitableTimerW
CreateMutexA
LCMapStringA
GetCPInfoExA
LocalFree
LoadLibraryA
FindResourceA
GetTickCount
GetLocaleInfoA
GetWindowsDirectoryW
SetEndOfFile
WaitForSingleObjectEx
GetCommConfig
GetCommandLineW
WaitForSingleObject
LeaveCriticalSection
GlobalUnlock

comdlg32

PrintDlgW
GetSaveFileNameA
ReplaceTextW
GetSaveFileNameW
ChooseColorW
GetFileTitleW
CommDlgExtendedError
PageSetupDlgW
ChooseFontW

comctl32

ImageList_Write
ImageList_Read
DestroyPropertySheetPage
ImageList_Draw
PropertySheetW
PropertySheetA
ImageList_Remove
ImageList_LoadImageW
ImageList_GetIconSize
ImageList_Destroy

crypt32

CertFindCertificateInStore
CryptHashPublicKeyInfo
CertFreeCertificateContext
CertCloseStore
CertOpenStore
CryptProtectData

msvcrt

tolower
memcpy
memset
setlocale
longjmp
fputs
fputws
srand
puts
fscanf
putc
getc
strtok
wcstol

user32

CreateAcceleratorTableA
SetCursorPos
GetMenu
InflateRect
DrawFocusRect
GetMenuItemRect
GetUpdateRect
DialogBoxParamW
SetMenuItemBitmaps
TrackPopupMenuEx
GetKeyState
AttachThreadInput
SetCursor
RedrawWindow
RemoveMenu
InsertMenuW
CharUpperA
ModifyMenuA
GetClassNameW
TrackPopupMenu
LoadStringW
DispatchMessageA
GetPropW
CreatePopupMenu
GetMessagePos

winspool.drv

DeviceCapabilitiesA

Exports

Exports

_Login_User_ToSystem@8
_TaK_iecv_wu@16
_NsY_ufewy_oiVd@16
_Terminate_User_Threads@12
_EjJv_peti_y@16

Sections

.code
Size: 512B - Virtual size: 43KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.text
Size: 27KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 34KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 684B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

03f7449c549b76bae5ffc9df1bec7aaa

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

kernel32

comdlg32

comctl32

crypt32

msvcrt

user32

winspool.drv

Exports

Exports

Sections

.code Size: 512B - Virtual size: 43KB

.text Size: 27KB - Virtual size: 27KB

.rdata Size: 7KB - Virtual size: 7KB

.rsrc Size: 34KB - Virtual size: 34KB

.reloc Size: 1024B - Virtual size: 684B

.code
Size: 512B - Virtual size: 43KB

.text
Size: 27KB - Virtual size: 27KB

.rdata
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 34KB - Virtual size: 34KB

.reloc
Size: 1024B - Virtual size: 684B