5fe43c2fb5b4ef99bf82bbc111bad9f6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5fe43c2fb5b4ef99bf82bbc111bad9f6_JaffaCakes118
Size

256KB
MD5

5fe43c2fb5b4ef99bf82bbc111bad9f6
SHA1

43dd1490dc6b4afaf75eb0a882b157cc0648866d
SHA256

d3f9235c525a3da450c5b8683ceafc39e69b4b6f2067016fde60f8225a1ce35b
SHA512

472cb611317825e2c958f76c3da1d8d9fdb70139e9bb817b4db320b5ad7518a67f497a6ef1f22d3c71ad4e8e8e58a6bc958c39718951e6c638b8d689c83ba010
SSDEEP

6144:lkMkFlGhYVDasCEoUupxHvMuvlcoRbh6R6NOMt:GMk7yYlasCWupxPMWaoRc6Nzt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fe43c2fb5b4ef99bf82bbc111bad9f6_JaffaCakes118

Files

5fe43c2fb5b4ef99bf82bbc111bad9f6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

851a99f0b43f638dcacd5aa9da1279fe

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
LoadResource
LockResource
MulDiv
MultiByteToWideChar
QueryPerformanceCounter
RaiseException
SetLastError
IsDBCSLeadByte
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
DeleteCriticalSection
FreeLibrary
FlushInstructionCache
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
SizeofResource

ddraw

GetSurfaceFromDC
DDInternalUnlock

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA

user32

SendMessageA
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
ReleaseDC
UnregisterClassA
WINNLSGetEnableStatus
wsprintfA
ReleaseCapture
RegisterWindowMessageA
RegisterClassExA
RedrawWindow
PtInRect
GetParent
MessageBoxA
MapDialogRect
GetFocus
GetDlgItem
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
GetWindowTextA
GetWindowRect
GetWindowLongA
GetWindow
GetTopWindow
GetSysColor
SetWindowTextA
GetDlgCtrlID
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassInfoExA
GetAsyncKeyState
GetActiveWindow
EndPaint
EndDialog
EnableWindow
DialogBoxIndirectParamA
DestroyWindow
DefWindowProcA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
CallWindowProcA
BeginPaint
GetClassNameA

shell32

SHLoadNonloadedIconOverlayIdentifiers
SHGetMalloc
SHFreeNameMappings
SHExtractIconsW
SHBindToParent
DragAcceptFiles
SHGetSpecialFolderLocation

comctl32

ord17

oleaut32

VariantInit
VariantClear
VarUI4FromStr
VarR8FromI2
SysStringLen
SysStringByteLen
SysFreeString
SysAllocString
OleCreateFontIndirect
LoadTypeLi
LoadRegTypeLi
BstrFromVector

gdi32

SelectObject
SelectPalette
SaveDC
SetTextColor
SetViewportOrgEx
SetWindowOrgEx
Polygon
ModifyWorldTransform
GetStockObject
GetObjectA
GetDeviceCaps
DeleteMetaFile
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
BitBlt
SetBkMode

Exports

Exports

ConvertMeshSubsetToStrips
GatherFragmentsFromFileA
GatherFragmentsFromResourceW
GetLoadResolution
SHDot
SaveMeshToXW
TransformFile
VecLoadMemory
WriteFileTransforms
mpegInOpenTSStream

Sections

.text
Size: 51KB - Virtual size: 51KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 43KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 36KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

851a99f0b43f638dcacd5aa9da1279fe

Headers

File Characteristics

Imports

kernel32

ddraw

advapi32

user32

shell32

comctl32

oleaut32

gdi32

Exports

Exports

Sections

.text Size: 51KB - Virtual size: 51KB

.rdata Size: 120KB - Virtual size: 120KB

.data Size: 43KB - Virtual size: 43KB

.rsrc Size: 36KB - Virtual size: 36KB

.reloc Size: 3KB - Virtual size: 2KB

.text
Size: 51KB - Virtual size: 51KB

.rdata
Size: 120KB - Virtual size: 120KB

.data
Size: 43KB - Virtual size: 43KB

.rsrc
Size: 36KB - Virtual size: 36KB

.reloc
Size: 3KB - Virtual size: 2KB