63938415274f1787043407610c07283f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

63938415274f1787043407610c07283f_JaffaCakes118
Size

244KB
MD5

63938415274f1787043407610c07283f
SHA1

e370efa60fb01bfbdd87bfba4bc2f935dd64c4a9
SHA256

c0ff18889de772d7b47cb6150c933b65477bfffe5fb6fea2597712ddd05cc19a
SHA512

bdbc2697e5d0b8ee831837e4fa9032e2af688bcd7c6a58f190fc4802c093cce611dd92128e8577092f3fef37d3c70f1556583b464780e80e66d1abdd2480c83d
SSDEEP

6144:o6GJVN1qKY9Vs6XOJN1ERg7832au9zzySv4Ch+w:ojN1LQRXO1EISC+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63938415274f1787043407610c07283f_JaffaCakes118

Files

63938415274f1787043407610c07283f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd7ef5a4f5467946bf85719bd0d3e526

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExA

shlwapi

PathFindFileNameW

user32

TranslateMessage
SetWindowWord
SetTimer
SetRectEmpty
ValidateRgn
SetCursor
SendMessageW
SendDlgItemMessageW
RemoveMenu
SetPropA
GetDesktopWindow
GetCursorPos
FillRect
EnumWindows
EnumPropsA
EnumChildWindows
DialogBoxParamW
DeleteMenu
DdeInitializeW
CountClipboardFormats
CharToOemBuffA
KillTimer

kernel32

ExitProcess
FindResourceW
FormatMessageW
FreeLibrary
GetCommandLineA
GetConsoleAliasesA
GetConsoleFontSize
GetConsoleOutputCP
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileSectionA
GetStartupInfoW
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatW
GetVersionExA
GlobalDeleteAtom
GlobalFree
GlobalLock
GlobalSize
HeapAlloc
HeapCreate
RegisterWaitForSingleObjectEx
ResumeThread
SetEvent
SetStdHandle
SetThreadPriority
lstrcmpA
Beep
EnumDateFormatsW

msvcrt

wcstod
wcslen
wcscoll
wcscmp
memmove
iswspace
free
exit
_wcsicmp
_wcsdup
_wcmdln
_purecall
_onexit
_ftol
_exit
__dllonexit
__CxxFrameHandler
__setusermatherr
__wgetmainargs
_adjust_fdiv
_controlfp
_except_handler3

gdi32

GdiStartDocEMF
GetBkColor
GetCurrentObject
GetNearestColor
GdiResetDCEMF
Escape
EnumFontFamiliesW
EnumFontFamiliesExW
DescribePixelFormat
DPtoLP
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
CreateCompatibleDC
CreateBitmapIndirect
GetObjectW
GetPaletteEntries
GetTextMetricsW
GetWinMetaFileBits
PtVisible
Rectangle
ScaleWindowExtEx
SelectFontLocal
SelectObject
SetBkMode
SetDCBrushColor
SetICMMode
SetPixel
SetTextColor
TextOutW

ole32

ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID
ReadClassStg
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CLSIDFromString
CoTaskMemFree

shell32

ShellAboutW
SHGetSpecialFolderPathW
SHGetSettings
DragQueryFileW
DragFinish
ShellExecuteExW

Exports

Exports

EnumAFDistanceSettingRelease
EnumAvValueRelease
EnumImageDataInItemReset
GetDevSplineArrayEx
GetSurfaceReference
ImportIsoTrack
Malloc3DArray
RegisterShared
SetAllParamValueToAtCapture

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd7ef5a4f5467946bf85719bd0d3e526

Headers

File Characteristics

Imports

comdlg32

advapi32

shlwapi

user32

kernel32

msvcrt

gdi32

ole32

shell32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 72KB - Virtual size: 116KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 72KB - Virtual size: 116KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB