73d1648020ec8824db8e8b7a424531f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

73d1648020ec8824db8e8b7a424531f2_JaffaCakes118
Size

472KB
MD5

73d1648020ec8824db8e8b7a424531f2
SHA1

d98c32a23b909dad705d5a7047a0ef904b331ed6
SHA256

0854b0c0925a97728c42689b6e60ae608f17da50f8bb8bfb668b2da7adcf1de2
SHA512

940ecd03e9660aba51883362c85307473d95188b394bb7f0ba0175a8aebd6bce08479946e119fdcb14aefea43697cf50831ab8167450318bef3a1277a60648ed
SSDEEP

6144:PJsY/dSNk03NtXOjBHlItknXtMr+hu1S8ytG5dHL+TxFdCMd0d:PJXTlLX0+8Bk5H+d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73d1648020ec8824db8e8b7a424531f2_JaffaCakes118

Files

73d1648020ec8824db8e8b7a424531f2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

da85ffe2ede0104fdb7fd00aaffb46ba

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

usp10.pdb

Imports

kernel32

DeleteCriticalSection
EnterCriticalSection
GetACP
GetLocaleInfoW
IsValidLocale
ConvertDefaultLocale
GetLastError
InterlockedIncrement
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
DisableThreadLibraryCalls
GetSystemTimeAsFileTime
GetCurrentProcessId
GetCurrentThreadId
GetTickCount
QueryPerformanceCounter
FindResourceA
LoadResource
LockResource
IsDBCSLeadByte
HeapFree
InterlockedExchange
HeapAlloc
HeapDestroy
LeaveCriticalSection
LoadLibraryA
InitializeCriticalSection
GetUserDefaultLCID
GetVersionExA
HeapCreate
lstrcpyA
GetProfileIntA
lstrcmpiA
GetProfileStringA
CreateFileA
ReadFile
CloseHandle
WideCharToMultiByte
lstrcpyW
lstrcmpW
lstrlenW
MultiByteToWideChar
GetProcAddress
MulDiv

user32

SetRect
ReleaseDC
GetDC
GetSystemMetrics
wsprintfA
CharUpperW
GetSysColor

gdi32

GetTextExtentExPointW
GetTextExtentExPointA
CreateSolidBrush
Ellipse
GetTextColor
CreatePen
GetStockObject
LineTo
GetBkMode
SetBkMode
MoveToEx
ExtTextOutA
ExtTextOutW
CreateCompatibleDC
GetGraphicsMode
SetGraphicsMode
DeleteDC
GetTextMetricsW
CreateFontA
TranslateCharsetInfo
CreateFontIndirectW
GetTextCharset
GetGlyphOutlineA
DPtoLP
GetCharABCWidthsA
GetFontData
GetCharWidthA
GetDeviceCaps
GetWindowExtEx
GetViewportExtEx
GetCurrentObject
GetObjectA
CreateFontIndirectA
SelectObject
GetTextMetricsA
GetOutlineTextMetricsW
GetTextFaceW
GetOutlineTextMetricsA
GetTextFaceA
EnumFontFamiliesExW
GetTextAlign
GetCurrentPositionEx
SetBkColor
SetTextColor
SetTextAlign
DeleteObject

advapi32

RegEnumValueA
RegOpenKeyExW
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyExA
RegQueryValueExA
RegCloseKey

Exports

Exports

LpkPresent
ScriptApplyDigitSubstitution
ScriptApplyLogicalWidth
ScriptBreak
ScriptCPtoX
ScriptCacheGetHeight
ScriptFreeCache
ScriptGetCMap
ScriptGetFontProperties
ScriptGetGlyphABCWidth
ScriptGetLogicalWidths
ScriptGetProperties
ScriptIsComplex
ScriptItemize
ScriptJustify
ScriptLayout
ScriptPlace
ScriptRecordDigitSubstitution
ScriptShape
ScriptStringAnalyse
ScriptStringCPtoX
ScriptStringFree
ScriptStringGetLogicalWidths
ScriptStringGetOrder
ScriptStringOut
ScriptStringValidate
ScriptStringXtoCP
ScriptString_pLogAttr
ScriptString_pSize
ScriptString_pcOutChars
ScriptTextOut
ScriptXtoCP
UspAllocCache
UspAllocTemp
UspFreeMem

Sections

.text
Size: 270KB - Virtual size: 270KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 40KB - Virtual size: 60KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Shared
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 76KB - Virtual size: 76KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

da85ffe2ede0104fdb7fd00aaffb46ba

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

advapi32

Exports

Exports

Sections

.text Size: 270KB - Virtual size: 270KB

.data Size: 40KB - Virtual size: 60KB

Shared Size: 7KB - Virtual size: 7KB

.rsrc Size: 71KB - Virtual size: 70KB

.reloc Size: 6KB - Virtual size: 5KB

.text Size: 76KB - Virtual size: 76KB

.text
Size: 270KB - Virtual size: 270KB

.data
Size: 40KB - Virtual size: 60KB

Shared
Size: 7KB - Virtual size: 7KB

.rsrc
Size: 71KB - Virtual size: 70KB

.reloc
Size: 6KB - Virtual size: 5KB

.text
Size: 76KB - Virtual size: 76KB