8331524bb0876136865d435ac7bcf9d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8331524bb0876136865d435ac7bcf9d6_JaffaCakes118
Size

128KB
MD5

8331524bb0876136865d435ac7bcf9d6
SHA1

dffa727272f4a1e93afea6f78811f1ef16063fdd
SHA256

b5ad598a1a235e277b56b3e786abd4153c7e49213bb2d74ebaaf25e2ed7265c4
SHA512

ad47913f612e63a48b467337717112dbf701c85c35e00931c8d0db0d88abc746491ca9a31a2ce19dcafcb985ec42ccbfc7be7dca782533fa9cc02ce8dd008dba
SSDEEP

3072:ThhQ3gEbG0qFVypQoEnSSsRgMQmFDyQiCNv:ThhQwj3QeoEnSSsJ1mC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8331524bb0876136865d435ac7bcf9d6_JaffaCakes118

Files

8331524bb0876136865d435ac7bcf9d6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

65726dc0f12ade48299c98e13b674888

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

DragQueryFileA

ole32

StringFromGUID2
OleCreateDefaultHandler
CreateDataCache
CreatePointerMoniker
CoFreeUnusedLibraries
OleRegEnumFormatEtc
StgCreateDocfile
ReleaseStgMedium
CreateItemMoniker
CoTaskMemAlloc
CoTreatAsClass
OleCreateEmbeddingHelper
OleSetContainedObject
SetConvertStg
CoCreateInstance
OleMetafilePictFromIconAndLabel
HACCEL_UserMarshal
OleSetClipboard
OleSave
BindMoniker
OleLoadFromStream
CoFileTimeToDosDateTime
OleRun
CoRegisterSurrogate
CoTaskMemRealloc
STGMEDIUM_UserFree
CoUninitialize
OleBuildVersion
HWND_UserFree
CoReleaseMarshalData
CreateFileMoniker
GetConvertStg
HMENU_UserSize
CoFreeLibrary
WriteClassStm
HMENU_UserFree
CoGetStandardMarshal
StgGetIFillLockBytesOnILockBytes
CoTaskMemFree
CoRegisterClassObject
OleConvertIStorageToOLESTREAM
CLSIDFromString
STGMEDIUM_UserUnmarshal
HPALETTE_UserMarshal
HBITMAP_UserMarshal
CoMarshalInterface
OleRegGetUserType
CreateAntiMoniker
StgOpenStorageOnILockBytes
HWND_UserSize
HWND_UserUnmarshal
CoGetMalloc
OleGetAutoConvert
CoDisconnectObject
OleCreateFromFile
OleDuplicateData
CLIPFORMAT_UserUnmarshal
OleGetIconOfClass

advapi32

OpenServiceA

gdi32

CreateICA
CreatePalette

wininet

HttpEndRequestW
GopherGetAttributeA
FtpFindFirstFileW
InternetGetConnectedState
FindNextUrlCacheEntryA
InternetCreateUrlA
FtpGetCurrentDirectoryA
InternetWriteFile
GopherFindFirstFileA
InternetOpenUrlW
FindNextUrlCacheEntryW
InternetGoOnline
InternetTimeFromSystemTime
FtpDeleteFileA
FtpCreateDirectoryW
InternetGetLastResponseInfoA
InternetAttemptConnect
InternetCrackUrlW
InternetAutodial
InternetSetOptionExW
InternetQueryOptionW
InternetSetStatusCallback
HttpOpenRequestW
GopherFindFirstFileW
FtpRenameFileA
FtpDeleteFileW
GopherCreateLocatorA
FtpSetCurrentDirectoryW
DeleteUrlCacheEntry
ReadUrlCacheEntryStream
FtpGetFileA

comdlg32

PrintDlgW
ReplaceTextA
GetFileTitleA
GetFileTitleW
PrintDlgA
PageSetupDlgW
ChooseFontW

version

GetFileVersionInfoSizeW

oleacc

AccessibleObjectFromEvent
GetRoleTextW

setupapi

SetupQueueRenameSectionW
SetupDiGetClassImageListExA
SetupQueryInfFileInformationA
SetupAddToSourceListA
SetupInstallFileW
SetupDiSelectBestCompatDrv
SetupDiClassGuidsFromNameA
SetupAddInstallSectionToDiskSpaceListA
SetupInstallFileA
SetupAddToSourceListW
SetupDiGetDeviceInstanceIdW

mpr

WNetGetUserA

msvcrt

free
_initterm
_adjust_fdiv
malloc

shlwapi

SHCreateShellPalette
PathFileExistsW
PathUnquoteSpacesW
PathRemoveFileSpecW
StrDupW
SHRegEnumUSKeyW
StrToIntExW
StrPBrkA
PathRelativePathToA
PathAddBackslashA
PathQuoteSpacesW
PathStripToRootW

comctl32

FlatSB_SetScrollProp
ImageList_GetImageInfo
ImageList_GetBkColor
ImageList_Merge
ImageList_DragLeave
FlatSB_SetScrollPos
ord2
ImageList_DragEnter
ord6
CreatePropertySheetPageA
ImageList_GetIcon
ImageList_Add
ImageList_Copy
ImageList_ReplaceIcon
ImageList_GetIconSize
ord3
ImageList_Replace
DestroyPropertySheetPage
ImageList_Create
UninitializeFlatSB
ord13
FlatSB_SetScrollInfo
InitializeFlatSB
FlatSB_GetScrollInfo
ImageList_SetOverlayImage
PropertySheetW
ImageList_DrawIndirect
ImageList_SetBkColor
InitCommonControlsEx
ImageList_DrawEx
ord16
FlatSB_GetScrollPos
ImageList_DragShowNolock
ImageList_LoadImageA
ImageList_LoadImageW
PropertySheetA
ImageList_DragMove
CreatePropertySheetPageW
ord5
ImageList_SetImageCount

kernel32

EnumSystemLocalesA
CreateDirectoryExW
GetTapePosition
FindNextFileA
GetSystemDefaultLCID
GlobalAddAtomA
GetStdHandle
FlushConsoleInputBuffer
ExitThread
GetEnvironmentStrings

Exports

Exports

nD3TtJjZzPpf5VvL
WOCc9my
Yu17X11
f8p6U24

Sections

.text
Size: 48KB - Virtual size: 44KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 3.9MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

65726dc0f12ade48299c98e13b674888

Headers

File Characteristics

Imports

shell32

ole32

advapi32

gdi32

wininet

comdlg32

version

oleacc

setupapi

mpr

msvcrt

shlwapi

comctl32

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 44KB

.rdata Size: 48KB - Virtual size: 46KB

.data Size: 4KB - Virtual size: 3.9MB

.rsrc Size: 8KB - Virtual size: 4KB

.reloc Size: 16KB - Virtual size: 14KB

.text
Size: 48KB - Virtual size: 44KB

.rdata
Size: 48KB - Virtual size: 46KB

.data
Size: 4KB - Virtual size: 3.9MB

.rsrc
Size: 8KB - Virtual size: 4KB

.reloc
Size: 16KB - Virtual size: 14KB