63b714c515b6b80d3bbe82f7a63aa612_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

63b714c515b6b80d3bbe82f7a63aa612_JaffaCakes118
Size

136KB
MD5

63b714c515b6b80d3bbe82f7a63aa612
SHA1

c34f346303d612597f74f33829a89b1c5cd3aa63
SHA256

0e8591e276ff1c5aa184d50d6d3b8e5f6ba909132f7b68cc9a8d4fb8b7c9a151
SHA512

0c100cf73108d129f29477aa15252b215482c084a6135332ab35314fcbd49c2ea19c8029323e10865871294f3e057e8a2bce88391cc3f0e5df4a5474b0880728
SSDEEP

3072:o9GpLijJYddxW7aenGDCcwBEopSDzQPlxyHS+PadXo3sSs:+sLtW7abDCtBTpSDOHyta

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63b714c515b6b80d3bbe82f7a63aa612_JaffaCakes118

Files

63b714c515b6b80d3bbe82f7a63aa612_JaffaCakes118
.dll windows:5 windows x86 arch:x86

46acfc1a45dda9a138bc31ec6c8b8054

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

FXSWZRD_A.pdb

Imports

msvcrt

free
_ismbcalpha
_stricmp
_mbsspnp
_initterm
_splitpath
_purecall
_adjust_fdiv
??1type_info@@UAE@XZ
malloc
?terminate@@YAXXZ
wcsstr
wcschr
_callnewh
realloc
strstr
strchr
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
_mbslen
_mbsstr
_mbsnbicmp
_mbsnbset
strtoul
_except_handler3
_snprintf
sscanf
_vsnprintf
_mbsninc
_mbsinc
_mbsnbcmp
_mbsicmp
_mbscmp
_mbsrchr
_mbsnbcpy
_mbschr
_strnicmp
strncpy

user32

ReleaseDC
SystemParametersInfoA
InvalidateRect
IsWindowEnabled
LoadMenuA
GetSubMenu
GetFocus
GetMessagePos
TrackPopupMenu
DestroyMenu
DialogBoxParamA
wsprintfA
BeginPaint
EndPaint
CallWindowProcA
SetWindowPos
EndDialog
GetDC
ShowWindow
CheckDlgButton
GetDlgItemTextA
GetWindowRect
ScreenToClient
EnableWindow
SetDlgItemTextA
SetFocus
GetClientRect
GetSystemMetrics
SetWindowLongA
GetDlgItem
wvsprintfA
LoadStringA
DrawTextA
GetActiveWindow
MessageBoxA
GetWindowContextHelpId
WinHelpA
SendMessageA
GetWindowLongA
GetParent
PostMessageA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
IsDlgButtonChecked
MessageBeep

kernel32

InterlockedExchange
RaiseException
LocalAlloc
MulDiv
Sleep
GetSystemTime
SystemTimeToFileTime
GetTempPathA
GetFileType
ReadFile
GetFileAttributesA
CreateDirectoryA
GetDateFormatA
ExpandEnvironmentStringsA
WideCharToMultiByte
GetTimeFormatA
GetStringTypeExA
HeapFree
HeapAlloc
GetProcessHeap
HeapDestroy
GetModuleFileNameA
SetUnhandledExceptionFilter
UnhandledExceptionFilter
DisableThreadLibraryCalls
FreeLibrary
GetLastError
WaitForSingleObject
GetLocalTime
SetLastError
GetVersionExA
GetProcAddress
LoadLibraryA
GetComputerNameA
CloseHandle
GetCurrentProcess
GetCurrentThread
DeleteFileA
CopyFileA
GetFileSize
CreateFileA
lstrlenA
lstrcpynA
lstrcpyA
CreateThread
CreateEventA
GetEnvironmentVariableA
GetVersion
FindClose
FindNextFileA
FindFirstFileA
SetEvent
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess

winspool.drv

OpenPrinterA
ClosePrinter
DocumentPropertiesA

gdi32

GetStockObject
GetDeviceCaps
CreateFontIndirectA
CreateDCA
SelectObject
DeleteEnhMetaFile
GetTextMetricsA
SetTextColor
LPtoDP
SetWindowOrgEx
SetViewportExtEx
SetWindowExtEx
SetMapMode
SetBkMode
RestoreDC
PlayEnhMetaFile
GetEnhMetaFileHeader
SetEnhMetaFileBits
SaveDC
SelectClipRgn
CreateRectRgnIndirect
DeleteDC
EndDoc
EndPage
StartPage
StartDocA
DeleteObject
Rectangle

shell32

ShellExecuteExA

advapi32

GetSidIdentifierAuthority
IsValidSid
GetTokenInformation
OpenProcessToken
OpenThreadToken
RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegOpenKeyExA
RegCreateKeyExA
RegSetValueExA
GetSidSubAuthority
GetSidSubAuthorityCount

comctl32

PropertySheetA
InitCommonControlsEx

tapi32

lineTranslateDialogA
lineShutdown
lineSetCurrentLocation

imm32

ImmAssociateContext

Exports

Exports

FaxFreeSendWizardData
FaxSendWizard

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

46acfc1a45dda9a138bc31ec6c8b8054

Headers

File Characteristics

PDB Paths

Imports

msvcrt

user32

kernel32

winspool.drv

gdi32

shell32

advapi32

comctl32

tapi32

imm32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.data Size: 64KB - Virtual size: 64KB

.rsrc Size: 4KB - Virtual size: 1024B

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 60KB - Virtual size: 59KB

.data
Size: 64KB - Virtual size: 64KB

.rsrc
Size: 4KB - Virtual size: 1024B

.reloc
Size: 4KB - Virtual size: 3KB