7542eb55fde2459cf1207d467b4551bb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

7542eb55fde2459cf1207d467b4551bb_JaffaCakes118
Size

93KB
MD5

7542eb55fde2459cf1207d467b4551bb
SHA1

0b74de3804ecce5fab8970c66a6a2eb394c5ccf6
SHA256

1877ab8ff240f5ad400aae7253bbc0e568d46e2eb68f74d8d7fc12ebb05b29dc
SHA512

7c61250077c36c6aef29c46ea5bf0e2a4259aa48a7613ab125825ee0b1345f26e13248acfb485fae7a0ca19e166bf1418d72164c452c14544cfb1031431fc9f5
SSDEEP

1536:VArS7tyaPTcTcyo6OaNCDANsBGoMvGNUDhQjAPXgQSlMmBQSdoBkPPa:VL7tyawT6laNCDAeXMeSDh8APX+lWtBC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
7542eb55fde2459cf1207d467b4551bb_JaffaCakes118

Files

7542eb55fde2459cf1207d467b4551bb_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d028f1df8b2eb9656ef510f4a74f824a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ws2_32

inet_ntoa
gethostbyname
WSACleanup
WSASetLastError
WSAStartup
htonl
WSAGetLastError
inet_addr
getservbyname
htons
gethostbyaddr
ntohs
getservbyport

kernel32

LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsFree
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
DeleteCriticalSection
GlobalHandle
SizeofResource
GetThreadLocale
DuplicateHandle
CreateFileA
ReadFile
WriteFile
SetFilePointer
GetOEMCP
LockFile
GetCPInfo
FlushFileBuffers
FindClose
FindFirstFileA
GetVolumeInformationA
GetFullPathNameA
GetFileAttributesA
GetFileSize
GetFileTime
SetErrorMode
FileTimeToSystemTime
InitializeCriticalSection
GetTickCount
lstrcpynA
TlsAlloc
GetTimeZoneInformation
GetSystemTime
GetLocalTime
HeapFree
HeapAlloc
RaiseException
GetStartupInfoA
GetCommandLineA
TerminateProcess
SetStdHandle
GetFileType
HeapSize
HeapReAlloc
GetACP
LCMapStringA
LCMapStringW
GetEnvironmentVariableA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetHandleCount
GetStdHandle
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
CompareStringA
CompareStringW
SetEnvironmentVariableA
InterlockedExchange
GetProfileStringA
GlobalFree
GlobalAlloc
GetCurrentThread
WideCharToMultiByte
FormatMessageA
MultiByteToWideChar
GlobalLock
InterlockedDecrement
InterlockedIncrement
SetLastError
GlobalUnlock
MulDiv
LockResource
FindResourceA
LoadResource
GlobalGetAtomNameA
GetVersion
GetCurrentThreadId
GlobalDeleteAtom
GlobalAddAtomA
GlobalFindAtomA
FreeLibrary
GetModuleHandleA
GetSystemDirectoryA
LoadLibraryA
lstrcmpA
Sleep
GetCurrentProcess
CreateMutexA
GetVersionExA
LocalFree
GetLastError
LocalAlloc
lstrcmpiA
CloseHandle
WinExec
WritePrivateProfileStringA
GetPrivateProfileSectionA
ExitProcess
lstrlenA
lstrcpyA
GetPrivateProfileIntA
GetModuleFileNameA
GetTempPathA
lstrcatA
GetPrivateProfileStringA
GetProcAddress
RtlUnwind
OutputDebugStringA
UnlockFile
SetEndOfFile
FileTimeToLocalFileTime

gdi32

SetBkMode
GetStockObject
SelectObject
RestoreDC
SaveDC
DeleteDC
CreateBitmap
GetObjectA
GetClipBox
SetBkColor
CreateDIBitmap
GetTextExtentPointA
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
DeleteObject
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
GetDeviceCaps
CreateSolidBrush
CreatePatternBrush
RectVisible
TextOutA
PtVisible
Escape
StretchDIBits
ExtTextOutA
CreateCompatibleBitmap
GetCharWidthA
CreateCompatibleDC
GetTextExtentPoint32A
GetTextMetricsA
CreateFontA
GetTextColor
GetBkColor
CreateFontIndirectA
LPtoDP
BitBlt
DPtoLP
PatBlt
SetRectRgn
GetMapMode
CreateRectRgnIndirect
CombineRgn
SetTextAlign
IntersectClipRect
ExcludeClipRect

comdlg32

GetFileTitleA

winspool.drv

EnumPortsA
EnumPrintersA
ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegQueryValueExA
RegOpenKeyExA
RegSetValueExA
RegEnumKeyA
RegDeleteValueA
RegCreateKeyExA
RegEnumValueA
RegQueryInfoKeyA
GetSidSubAuthority
GetSidSubAuthorityCount
GetTokenInformation
OpenProcessToken
RegEnumKeyExA
RegCloseKey

comctl32

ord17

oledlg

ord8

ole32

StgOpenStorageOnILockBytes
CoGetClassObject
CoRevokeClassObject
OleIsCurrentClipboard
CoRegisterMessageFilter
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoTaskMemFree
CoTaskMemAlloc
OleInitialize
OleUninitialize
CoFreeUnusedLibraries
OleFlushClipboard
CLSIDFromString
CLSIDFromProgID

olepro32

ord253

oleaut32

SysStringLen
SysAllocStringByteLen
VariantCopy
SysAllocString
VariantChangeType
VariantTimeToSystemTime
VariantClear
SysAllocStringLen
SysFreeString

Sections

.text
Size: 65KB - Virtual size: 88KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 120KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d028f1df8b2eb9656ef510f4a74f824a

Headers

File Characteristics

Imports

ws2_32

kernel32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 65KB - Virtual size: 88KB

.bss Size: - Virtual size: 120KB

.pdata Size: 4KB - Virtual size: 4KB

.idata Size: 6KB - Virtual size: 6KB

.rsrc Size: 17KB - Virtual size: 16KB

.text
Size: 65KB - Virtual size: 88KB

.bss
Size: - Virtual size: 120KB

.pdata
Size: 4KB - Virtual size: 4KB

.idata
Size: 6KB - Virtual size: 6KB

.rsrc
Size: 17KB - Virtual size: 16KB