853c5f48616fd2afd63e487d197c9796_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

853c5f48616fd2afd63e487d197c9796_JaffaCakes118
Size

464KB
MD5

853c5f48616fd2afd63e487d197c9796
SHA1

e1cc2d9cb09c029bd63ce40f19b99c81d6a37794
SHA256

062f094b3b20d67c5dbaee280d3def3d9c352401e5a0306cc19565034e8937a2
SHA512

d7163c5d540cd6537e1bf90b37afd6c05afe7e47cdb0dd9548c628aa1fe997ec7fd29d0d6f0cb3afc4a2e5cf6ccf61462e5c63e55989cfec293e5fda848b8abd
SSDEEP

12288:MuX3k1x9bnpgsxcUDte8VGnT9fU7LLsUoI4WMX:MuHk1XpiUDtepT9fSLLsb5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
853c5f48616fd2afd63e487d197c9796_JaffaCakes118

Files

853c5f48616fd2afd63e487d197c9796_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

b71dd9d2147840d429646b67b47d87ee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileType
GetStdHandle
SetHandleCount
GetModuleHandleA
GetProcAddress
SetUnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
HeapDestroy
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetStartupInfoA
TerminateProcess
GetCPInfo
LCMapStringW
LCMapStringA
ExitProcess
GetVersion
GetCommandLineA
RaiseException
HeapFree
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
WriteFile
SetFilePointer
FlushFileBuffers
CloseHandle
IsValidLocale
IsValidCodePage
GetLocaleInfoA
EnumSystemLocalesA
GetUserDefaultLCID
GetVersionExA
GetStringTypeA
GetStringTypeW
IsBadReadPtr
IsBadCodePtr
GetACP
GetOEMCP
LoadLibraryA
SetStdHandle
ReadFile
DisableThreadLibraryCalls
GetLocaleInfoW
lstrcatA
GlobalAlloc
GlobalLock
GlobalUnlock
GetCurrentProcess
HeapAlloc
HeapReAlloc
RtlUnwind
InterlockedExchange
Sleep
FlushInstructionCache
lstrcpyA
MulDiv
lstrlenA
MultiByteToWideChar
WideCharToMultiByte
FindResourceA
LoadResource
LockResource
lstrlenW
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
GetLastError
HeapSize

user32

SetWindowTextA
SendMessageA
DefWindowProcA
GetKeyState
PtInRect
UnionRect
ShowWindow
IsChild
SetDlgItemTextA
GetDlgItem
SendDlgItemMessageA
GetAsyncKeyState
ScrollWindow
GetScrollInfo
SetScrollInfo
IsRectEmpty
InflateRect
GetCapture
LoadCursorA
SetCursor
GetClassInfoExA
RegisterClassExA
GetWindowTextLengthA
GetWindowTextA
wsprintfA
DrawTextA
LoadImageA
GetFocus
PostMessageA
SetCapture
ClientToScreen
ScreenToClient
ReleaseCapture
FillRect
BeginPaint
GetClientRect
EndPaint
InvalidateRect
CreateWindowExA
CallWindowProcA
GetWindowLongA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
SetWindowPos
SetWindowLongA
GetParent
SetFocus
GetDC
ReleaseDC
GetDialogBaseUnits
CreateDialogParamA
LoadStringA
IsDialogMessageA
WinHelpA
MoveWindow
IsWindow
DestroyWindow

gdi32

SetROP2
CreatePen
CreateCompatibleBitmap
SetBkMode
Rectangle
LineTo
MoveToEx
SetTextColor
CreateCompatibleDC
BitBlt
CreateSolidBrush
LPtoDP
SetMapMode
SetViewportOrgEx
DeleteDC
CreateMetaFileA
SaveDC
SetWindowOrgEx
SetWindowExtEx
RestoreDC
CloseMetaFile
DeleteMetaFile
CreateRectRgnIndirect
GetDeviceCaps
CreateFontIndirectA
SelectObject
GetTextMetricsA
GetTextExtentPointA
DeleteObject
CreateBrushIndirect

advapi32

CryptEncrypt
CryptAcquireContextW
CryptImportKey

atl

ord18
ord57
ord32
ord30
ord46
ord51
ord15
ord50
ord31
ord43
ord44
ord27
ord26
ord23
ord21
ord58
ord16

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 148KB - Virtual size: 147KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 256KB - Virtual size: 252KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b71dd9d2147840d429646b67b47d87ee

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

atl

Exports

Exports

Sections

.text Size: 148KB - Virtual size: 147KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 12KB - Virtual size: 19KB

.rsrc Size: 256KB - Virtual size: 252KB

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 148KB - Virtual size: 147KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 12KB - Virtual size: 19KB

.rsrc
Size: 256KB - Virtual size: 252KB

.reloc
Size: 20KB - Virtual size: 16KB