85138c693a9aa2b3936bbf1042f70e34_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

85138c693a9aa2b3936bbf1042f70e34_JaffaCakes118
Size

252KB
MD5

85138c693a9aa2b3936bbf1042f70e34
SHA1

39904d319e74fda69e3010cfed3df6cdd041db17
SHA256

7dc4b9a7c130a43eae8b811962952299cfa284dfa463b3b5c97d1c922fc796b7
SHA512

064eaf2d82677943fb861fa4597151305af5bcbb014769f2a350d75274f28e294d246304d65d164fabff8ba8fae7ac08c41deb6d9772581ddf670875a4c98d02
SSDEEP

6144:CkB6nrJ33fkB9DCoVdABwxTM/THxlj6CP8Eta76f6P:CDE9rVdBT6TDWmT6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
85138c693a9aa2b3936bbf1042f70e34_JaffaCakes118

Files

85138c693a9aa2b3936bbf1042f70e34_JaffaCakes118
.dll windows:4 windows x86 arch:x86

301b7bdad33db221f374ac1e44e53b0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

__p__fmode
__set_app_type
_adjust_fdiv
_controlfp
_except_handler3
_exit
_ftol
_initterm
_purecall
_vsnwprintf
_wcmdln
_wcsdup
_wcsicmp
free
iswspace
memmove
setlocale
wcscmp
wcstod
_XcptFilter
__dllonexit

kernel32

HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryW
MulDiv
MultiByteToWideChar
ResetEvent
SetEvent
SetUnhandledExceptionFilter
Sleep
WideCharToMultiByte
lstrcmpiW
lstrlenW
GlobalLock
GlobalFree
GetVersionExA
GetUserDefaultLCID
GetTickCount
GetStartupInfoW
GetModuleHandleA
GetModuleFileNameW
GetFileAttributesW
GetCurrentThreadId
GetCommandLineA
FormatMessageW
FindResourceW
ExitProcess
EnumTimeFormatsW
EnumDateFormatsW
CreateFileW
CreateEventW
GetVersion

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

ole32

StringFromCLSID
ReleaseStgMedium
ReadClassStg
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString
StgCreateDocfileOnILockBytes

gdi32

Rectangle
RectVisible
PtVisible
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetBkColor
ScaleWindowExtEx
Escape
DeleteObject
EnumFontFamiliesExW
EnumFontFamiliesW
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
DPtoLP
ExtTextOutW
CreatePen

user32

FillRect
GetCapture
CopyRect
AppendMenuW
WinHelpW
UpdateWindow
SetWindowLongW
SetRect
ScreenToClient
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
PtInRect
MsgWaitForMultipleObjects
LoadStringW
LoadBitmapW
IsChild
GetWindowLongW
GetDlgItem
GetDlgCtrlID
GetCursorPos
EnableWindow

shlwapi

PathFindFileNameW

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

shell32

DragQueryFileW
SHGetSettings
SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW
DragFinish

Exports

Exports

AudioGUIConfigureItem
BindSurfaceToArray
DAE
EnumIIMInfoReset
EnumImageItemReset
GetBaseImageDataPropertyCount
GetCustomFunctionSettingCount
GetDevSplineArray
GetLocalizedWaitCDTexts

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

301b7bdad33db221f374ac1e44e53b0c

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

ole32

gdi32

user32

shlwapi

comdlg32

shell32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 72KB - Virtual size: 108KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 72KB - Virtual size: 108KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB