703b5a59c10915f5cf4cd3b813e37275_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

703b5a59c10915f5cf4cd3b813e37275_JaffaCakes118
Size

143KB
MD5

703b5a59c10915f5cf4cd3b813e37275
SHA1

a684f19310c56267c0f636095affc2d1cab91cf8
SHA256

20ba95be9604586c39ff4b94d7225e48e128243daade467bafcfe1f24642778c
SHA512

f70917cc9e58f8cb9de0dc446bc6d86976bee6e8de58555422611e825ace40b9466b33e21296c80c63247d8d2afdd8006a48d57d523221472a36de1b1bebda58
SSDEEP

3072:9/TMlWHlZQ93tMoXlBzdwbjTLs+RII/x9x6ViGfXEyWi6zBFfFJvya:JTMlOlW93tMeBKb/Lf9Dx6ViGvErfFxN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
703b5a59c10915f5cf4cd3b813e37275_JaffaCakes118

Files

703b5a59c10915f5cf4cd3b813e37275_JaffaCakes118
.dll windows:5 windows x86 arch:x86

73e8f56f67de574ccedb4e903305ebf3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleFileNameW
GetPrivateProfileSectionW
LocalFree
IsBadWritePtr
CopyFileW
GetSystemDefaultLangID
WideCharToMultiByte
GetSystemWindowsDirectoryW
GetPrivateProfileStringW
lstrcmpW
FindFirstFileW
FindNextFileW
FindClose
lstrcatW
CreateDirectoryW
RemoveDirectoryW
DeleteFileW
SetFileAttributesW
GetFileAttributesW
LoadLibraryA
SetUnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
GetModuleHandleA
GetProfileStringW
MulDiv
lstrcpyW
CreateThread
SetEvent
CreateEventW
GetLastError
Sleep
SetNamedPipeHandleState
ResetEvent
WaitForSingleObject
GetOverlappedResult
CancelIo
TransactNamedPipe
CreateFileW
CloseHandle
lstrcpynW
LoadLibraryW
GetProcAddress
SetFilePointer
ReadFile
lstrlenW
GetDiskFreeSpaceExW
GlobalAlloc
GetCommandLineW
GlobalFree
WritePrivateProfileStringW
FreeLibrary

msvcrt

_endthreadex
wcscpy
wcsncpy
_wtoi
_itow
wcstol
_beginthreadex
_wcslwr
_wsplitpath
wcscmp
wcslen
wcstok
iswctype
wcschr
wcsrchr
free
_initterm
_adjust_fdiv
malloc
_CIpow
_vsnwprintf
wcsncmp

advapi32

RegOpenKeyExA
RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
GetUserNameW
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExA
RegCloseKey

user32

RegisterClassExW
LoadCursorW
LoadIconW
SetWindowPos
MapWindowPoints
GetWindowRect
SetFocus
EndDialog
EndPaint
GetScrollInfo
BeginPaint
SetScrollInfo
DialogBoxParamW
OffsetRect
CopyRect
GetSystemMetrics
DrawTextW
FillRect
SetRect
GetSysColor
wsprintfW
SetDlgItemInt
GetDlgItemInt
SetCapture
ReleaseCapture
ScrollWindowEx
DefWindowProcW
WinHelpW
DispatchMessageW
TranslateMessage
TranslateAcceleratorW
MessageBoxW
ShowWindow
SetActiveWindow
GetForegroundWindow
FlashWindowEx
EnableScrollBar
RedrawWindow
GetClientRect
EnableWindow
DestroyWindow
RemovePropW
GetWindowPlacement
KillTimer
DestroyMenu
PostQuitMessage
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
MoveWindow
InflateRect
GetMenuItemInfoW
EnableMenuItem
CheckMenuRadioItem
IsWindowEnabled
CheckMenuItem
InvalidateRect
GetWindowLongW
PostMessageW
GetPropW
LoadMenuW
RemoveMenu
SetMenu
GetDC
ReleaseDC
SetPropW
SetTimer
LoadStringW
SetRectEmpty
SystemParametersInfoW
LoadBitmapW
LoadAcceleratorsW
CreateWindowExW
UpdateWindow
GetMessageW
GetFocus
SendMessageW
GetDlgItem

winspool.drv

GetPrinterW
DeviceCapabilitiesW
OpenPrinterW
ClosePrinter
GetPrinterDataW
SetPrinterDataW
DocumentPropertiesW
GetJobW
SetJobW
GetPrinterDriverW

gdi32

SetTextColor
RestoreDC
TextOutW
SaveDC
FillRgn
SetROP2
PatBlt
ExtSelectClipRgn
CombineRgn
CreateEllipticRgnIndirect
StretchDIBits
RectVisible
LineTo
SetTextAlign
OffsetRgn
CreateRectRgn
SetWindowOrgEx
SetICMMode
SetStretchBltMode
RealizePalette
SelectPalette
GetDeviceCaps
GetObjectW
GetTextExtentPoint32W
SetPixel
CreateSolidBrush
GetStockObject
CreatePen
SetBrushOrgEx
MoveToEx
SelectObject
SetBkMode
CreateHalftonePalette
CreatePatternBrush
SelectClipRgn
DeleteObject

comctl32

CreateStatusWindowW
ord17
CreateToolbarEx

version

GetFileVersionInfoW
GetFileVersionInfoSizeW
VerQueryValueW

shell32

SHGetFolderPathW

Exports

Exports

PreviewEntryPoint

Sections

.text
Size: 72KB - Virtual size: 71KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 56KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

73e8f56f67de574ccedb4e903305ebf3

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

advapi32

user32

winspool.drv

gdi32

comctl32

version

shell32

Exports

Exports

Sections

.text Size: 72KB - Virtual size: 71KB

.data Size: 56KB - Virtual size: 56KB

.rsrc Size: 10KB - Virtual size: 9KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 72KB - Virtual size: 71KB

.data
Size: 56KB - Virtual size: 56KB

.rsrc
Size: 10KB - Virtual size: 9KB

.reloc
Size: 3KB - Virtual size: 3KB