6220c47713dbd4ca4232405032a6be5e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6220c47713dbd4ca4232405032a6be5e_JaffaCakes118
Size

55KB
MD5

6220c47713dbd4ca4232405032a6be5e
SHA1

04fc84376354f9b5be5d8569c7a10ea12a4df530
SHA256

683876260b4fe67b3da2e64021ababac153f424e69d3d271db3a6b7d1e7c44c1
SHA512

c1c4cdc5b8b88a5316276deccfd0a0ab30e38a2ae72100fad74d906b68ea1a08bfb3d778356192792a0d551b74ed9197ec15d181c313a94f7c877217c0bf5449
SSDEEP

1536:FX/4isLma94WeamYtm8sJX456F2gKTg+W+Llo:lds394UmYtm3FWg+W+Ll

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6220c47713dbd4ca4232405032a6be5e_JaffaCakes118

Files

6220c47713dbd4ca4232405032a6be5e_JaffaCakes118
.dll windows:5 windows x86 arch:x86

741a61586043d92549618196e7a3d697

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
SetThreadPriority
WriteFile
InitializeCriticalSection
GetProcAddress
TerminateProcess
IsDBCSLeadByteEx
LeaveCriticalSection
GlobalSize
CloseHandle
GetModuleHandleA
GetOEMCP
IsProcessorFeaturePresent
WideCharToMultiByte
GlobalFree
WaitForMultipleObjects
UnmapViewOfFile
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
EnterCriticalSection
CreateThread
MapViewOfFile
SetHandleCount
CreateFileMappingA
GetFileTime
VirtualQuery
GetSystemTimeAsFileTime

crypovau

ImmGetCompositionWindow
ImmGetRegisterWordStyleA
PifMgr_SetProperties
ImmGetCandidateListA
ImmSetCompositionStringA
ImmSetCompositionWindow
CtfAImmDeactivate
SdbGetBinaryTagData
PifMgr_CloseProperties
DAD_DragLeave
ImmDestroyContext
ImmUnlockClientImc
ILCombine
SdbCloseDatabase
ImmTranslateMessage
ImmDisableIme
ImmGetAppCompatFlags
ExtractIconEx
DoEnvironmentSubstA
RestartDialog
ImmGetContext
ImmGetImeInfoEx
SdbFindNextMsiPackage
DAD_DragEnterEx
CtfAImmActivate
ImmUnlockIMCC
PathResolve
PrintersGetCommand_RunDLL
ImmSetActiveContextConsoleIME
DllGetClassObject
PifMgr_OpenProperties
SdbOpenApphelpDetailsDatabase
IsLFNDrive
ImmReleaseContext
RestartDialogEx
ShimFlushCache
ImmSetActiveContext
CheckEscapesA
SdbGetMsiPackageInformation
SdbReadStringTagRef
ILSaveToStream
ImmGetCandidateListCountA

gdi32

GetBitmapBits
SetBrushOrgEx
Polyline
SetBkColor
LineTo
GetCharWidthA
GetDIBits
EndDoc
Pie
GetTextCharsetInfo
GetMetaFileBitsEx
GetCurrentObject
SetBkMode
CreateDIBSection
StretchDIBits
SetAbortProc

user32

MessageBeep
FlashWindow
GetMessageExtraInfo
GetWindow
GetUpdateRect
GetActiveWindow
GetWindowWord
GetSysColor
GetDlgItem
ShowWindow
DrawIconEx
PostQuitMessage
GetKeyState
GetScrollInfo
GetSystemMetrics
EndPaint
IsWindow
EmptyClipboard
IntersectRect
SetKeyboardState
SetRectEmpty
DestroyMenu

advapi32

AllocateAndInitializeSid
RevertToSelf
InitializeSecurityDescriptor
SetSecurityDescriptorGroup
AccessCheck
CryptGetHashParam
CryptCreateHash
GetSecurityDescriptorDacl
EqualSid
RegCloseKey
GetPrivateObjectSecurity

ole32

GetHGlobalFromStream
WriteFmtUserTypeStg
CoTaskMemAlloc
GetHGlobalFromILockBytes
OleCreateFromData
CoUninitialize
CoLockObjectExternal
IsAccelerator

msvcrt

memmove
_controlfp
_adjust_fdiv
__p__commode

Exports

Exports

CreateProcessNotify
audirmap

Sections

.text
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

741a61586043d92549618196e7a3d697

Headers

File Characteristics

Imports

kernel32

crypovau

gdi32

user32

advapi32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB