78e4926c133d3b744fe71d9988418ddd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

78e4926c133d3b744fe71d9988418ddd_JaffaCakes118
Size

84KB
MD5

78e4926c133d3b744fe71d9988418ddd
SHA1

7db93c6bed6d0081df140569b049279080105b97
SHA256

158e635bc0f128ae248f1f5b568f705908197720874730cc5290d61ba01d2438
SHA512

ab8b0e5890c7a171cda4d85edaadee09ec1f2a14cf47a18e738228a5e621d174596a880cf5e8c3fa72f3470284a1b28e346048b587eabd5860bce6dd6ba001db
SSDEEP

1536:TRoUbIIlpPorhypgJ5pv6wZifKDtfzNx8bdbCtI:T5kFy+vp/o+fRjt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
78e4926c133d3b744fe71d9988418ddd_JaffaCakes118

Files

78e4926c133d3b744fe71d9988418ddd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d39f5c0914df1ca64a5c21f23d931cee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

SetProcessShutdownParameters
GetSystemWow64DirectoryW
DeleteVolumeMountPointW
FindResourceW
GetCommState
GetCommTimeouts
SuspendThread
LocalHandle
GetConsoleOutputCP
GetFileAttributesW
DeleteTimerQueueEx
LockFile
WaitForMultipleObjectsEx
SleepEx
EscapeCommFunction
VirtualFree
GetThreadTimes
ReadConsoleA
FlushViewOfFile
CreateWaitableTimerW
SetProcessWorkingSetSize
GetSystemDefaultUILanguage
SetCurrentDirectoryA
AddRefActCtx
GetThreadPriority
GlobalMemoryStatusEx
OpenSemaphoreW
CreateHardLinkW
RemoveDirectoryW
CreateFileW
CancelWaitableTimer
FindAtomA
DeviceIoControl
FileTimeToDosDateTime
FindResourceExA
CreatePipe
Beep
FindResourceA
GetProcAddress
GetVolumeNameForVolumeMountPointW
AssignProcessToJobObject
DnsHostnameToComputerNameW
GetCommModemStatus
PulseEvent
SetMailslotInfo
HeapDestroy
CreateDirectoryA
MapViewOfFile
HeapFree
VirtualQuery
GetTickCount
lstrlenA
InterlockedIncrement
HeapAlloc
LoadLibraryA
CopyFileA
InterlockedCompareExchange
GetModuleHandleA
CloseHandle
GetComputerNameA
LocalUnlock

ole32

OleRegEnumVerbs
StgOpenStorageOnILockBytes
SetConvertStg
CoLockObjectExternal
CoFreeUnusedLibrariesEx
CoTaskMemRealloc
CoSwitchCallContext
CoUninitialize

user32

CloseWindowStation
GrayStringA
SetWindowRgn
AppendMenuW
MsgWaitForMultipleObjects
ShowWindowAsync
CharLowerBuffA
UpdateLayeredWindow
CharUpperBuffW
GetSystemMetrics
IsIconic
ReleaseCapture
DrawFrameControl
EnableScrollBar
RemoveMenu
GetCaretPos
RedrawWindow
FindWindowW
wvsprintfA
GetWindowRgn
CheckMenuItem
RegisterHotKey
EnableMenuItem
GetForegroundWindow
MonitorFromWindow
DrawEdge
DestroyCursor
CheckRadioButton
LoadMenuA
ChangeMenuA
EnumDisplaySettingsW
DrawTextW
SetCursorPos
GetGUIThreadInfo
UpdateWindow
GetMenuStringW
TrackMouseEvent
SystemParametersInfoW
IsDlgButtonChecked
SendMessageTimeoutA
VkKeyScanA
MessageBoxIndirectA
ModifyMenuA
GetDlgCtrlID
DrawStateA
SetDlgItemTextW
IsZoomed
RemovePropA
GetMenuItemCount
RegisterWindowMessageW
MapVirtualKeyExW
SetMenuItemInfoW
GetDlgItemTextW
InSendMessageEx
UnhookWinEvent
GetClassNameA
GetSysColorBrush

advapi32

GetUserNameA
ConvertStringSecurityDescriptorToSecurityDescriptorW
RegQueryValueExW
LogonUserW
EnumServicesStatusA
InitiateSystemShutdownExW
CreateProcessAsUserW
ClearEventLogW
ChangeServiceConfig2W
RegCreateKeyW
RegQueryInfoKeyA
OpenThreadToken
BuildExplicitAccessWithNameW
RegEnumValueW
RegDeleteValueW
CredFree
RegisterServiceCtrlHandlerA
ControlService

shell32

SHGetFolderLocation
SHGetSpecialFolderPathA
ShellAboutW

gdi32

Pie
PolyPolyline
Ellipse
GetTextAlign
CreateScalableFontResourceA
ExtEscape
EndPage
CreateFontIndirectA
OffsetWindowOrgEx
FillRgn
GetObjectType
SetStretchBltMode
EnumEnhMetaFile
GetPaletteEntries
CreateFontIndirectW
BeginPath
CopyMetaFileW
SetPixelV
StretchDIBits
SetPixel
CreateICW
EnumFontFamiliesExW
PtInRegion
Escape
GetWindowOrgEx
ArcTo
EnumMetaFile
CreatePolygonRgn
EqualRgn
CloseEnhMetaFile
CreateDCA
SetDIBColorTable
UpdateColors
ExtCreateRegion

Exports

Exports

wmiPadRpl

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d39f5c0914df1ca64a5c21f23d931cee

Headers

File Characteristics

Imports

kernel32

ole32

user32

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 5KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 5KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB