87692ba289ab8842665ae39dc1a4c22c_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

87692ba289ab8842665ae39dc1a4c22c_JaffaCakes118
Size

348KB
MD5

87692ba289ab8842665ae39dc1a4c22c
SHA1

d91be2f88a22d73ebbdd00cb1accdb0c9c27d265
SHA256

e055c1161831da703aa1740b229292e017d153f6f94bb4144a10b22ee217464b
SHA512

edfc3d5df028e61fff9e22db85196b6eadacc866ab8b65c1b207a0ee6083ac873ff363deb3a2c7a1f71b2c58839e29f3ce83c5122a7522accab95eae7b3a7d86
SSDEEP

6144:tjgGNv3g40JPXnKfU5ok1tPvpMmc02fl9gT/bDpf2+ER4xo87p6mN+H1l:tjtNvw4eP6fibvcFlOT/bDN4R4xoip67

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
87692ba289ab8842665ae39dc1a4c22c_JaffaCakes118

Files

87692ba289ab8842665ae39dc1a4c22c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

774de68f1720a04c60cade80f9ba625f

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateWaitableTimerW
GlobalUnlock
FindFirstChangeNotificationW
GlobalAddAtomW
CreateEventW
CloseHandle
FindFirstFileW
GetFileAttributesExW
QueryDosDeviceW
SetCurrentDirectoryW
GlobalDeleteAtom
SuspendThread
VirtualAlloc
MultiByteToWideChar
CreateThread
SetEvent
FindClose
GetUserDefaultLangID
GetVersion
FindNextChangeNotification
ResumeThread
GetModuleHandleW
GlobalFree
FreeLibrary
GetProcessHeap
HeapAlloc
HeapFree
HeapSize
IsBadReadPtr
LoadLibraryA
VirtualProtect
GetModuleFileNameW
FileTimeToSystemTime
GetLocalTime
GetLastError
GetLogicalDrives
SetEndOfFile
DuplicateHandle
GetCurrentThread
GetCurrentThreadId
FindResourceW
FindResourceExW
InterlockedIncrement
FreeResource
WriteFile
GetTickCount
GlobalAlloc
GetDriveTypeW
GetProcAddress
CreateProcessW
InterlockedDecrement
LockResource
MulDiv
GetSystemTime
VirtualFree
Sleep
LoadResource
DeleteFileW
SetWaitableTimer
WaitForSingleObject
lstrlenW
SetFilePointer
CreateFileW
SetLastError

user32

EnableWindow
DestroyMenu
wsprintfW
DialogBoxParamW
LoadIconW
GetCursorPos
RegisterWindowMessageW
OffsetRect
GetSystemMetrics
LoadImageW
GetKeyState
LoadStringW
SendDlgItemMessageW
SystemParametersInfoW
VkKeyScanW
InvalidateRect
SendMessageW
MessageBoxW
GetClassNameW
WindowFromPoint
SetDlgItemTextW
GetDlgItem
SetCursorPos
DestroyIcon
EndDialog
RegisterHotKey
SetForegroundWindow
AppendMenuW
SetLayeredWindowAttributes
IsWindow
UpdateWindow
GetSysColor
PostQuitMessage
CreatePopupMenu
LoadBitmapW
SetWindowTextW
GetWindowTextW
TrackPopupMenu
SetCapture
DrawTextW
GetWindowDC
GetMessageW
GetWindowThreadProcessId
PostMessageW
LoadCursorW

gdi32

CreateFontIndirectW
CreatePen
DeleteDC
BitBlt
SelectObject
StretchBlt
GetMapMode
CreateCompatibleBitmap
GetObjectW
CreateBitmap
SetDIBits
SetMapMode
CreateRoundRectRgn
SetBkMode
DPtoLP
CreateSolidBrush
DeleteObject
LineTo
SetBkColor
MoveToEx
Rectangle
CreateICW
CreateCompatibleDC

advapi32

GetUserNameW
LookupAccountSidW
RegDeleteValueW
RegSetValueExW
StartServiceW
SetSecurityDescriptorDacl
RegOpenKeyExW
LookupPrivilegeValueW

shell32

SHChangeNotify
Shell_NotifyIconW

ole32

CreateStreamOnHGlobal

oleaut32

SysFreeString

Sections

.text
Size: 324KB - Virtual size: 322KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

774de68f1720a04c60cade80f9ba625f

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 324KB - Virtual size: 322KB

.rdata Size: 4KB - Virtual size: 3KB

.data Size: 12KB - Virtual size: 8KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 324KB - Virtual size: 322KB

.rdata
Size: 4KB - Virtual size: 3KB

.data
Size: 12KB - Virtual size: 8KB

.reloc
Size: 4KB - Virtual size: 2KB