89c6defaa8330eef9c638862709dac61_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

89c6defaa8330eef9c638862709dac61_JaffaCakes118
Size

84KB
MD5

89c6defaa8330eef9c638862709dac61
SHA1

2b2d1a87b77c796ac24734c3397dd2d035379851
SHA256

040f21dad41f826467fd642888208993ce64a16ccdb7e80b09cbbf99640ef234
SHA512

241a5cfda626dde35f9c9b9ca452cbff89f4bb4fbec0d40b07c5e06142dc72a49f59e6d2be5c73aff625301f9c6d60b7895fac7fa46e44dceb73456851418cf2
SSDEEP

1536:cKglshvsRVyLw6YYCb7Rb5txOd1Xjn+1:cK3hvs6GYCbV1tgvXj+1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
89c6defaa8330eef9c638862709dac61_JaffaCakes118

Files

89c6defaa8330eef9c638862709dac61_JaffaCakes118
.dll windows:4 windows x86 arch:x86

281f067ebb436230a5e0dd8fdbbde584

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

UnlockFileEx
AddAtomW
GetCurrentDirectoryW
SetVolumeLabelA
GetFileTime
ConnectNamedPipe
VerifyVersionInfoA
SystemTimeToFileTime
LockResource
RegisterWaitForSingleObjectEx
OpenMutexA
FileTimeToSystemTime
GetCommState
SetEnvironmentVariableW
FindNextFileW
SetVolumeLabelW
OpenFileMappingA
GetUserDefaultUILanguage
SetCurrentDirectoryW
FormatMessageW
GetStringTypeA
LocalHandle
GetAtomNameW
WriteConsoleInputA
GetDefaultCommConfigW
GlobalFree
SetEnvironmentVariableA
SetSystemTime
CompareFileTime
GetNumberFormatA
CreateMailslotA
GetFileAttributesExW
CreateThread
SetTimeZoneInformation
VerSetConditionMask
FileTimeToDosDateTime
GetOverlappedResult
CreatePipe
SetConsoleMode
FreeEnvironmentStringsW
EnumResourceLanguagesA
GetFileType
CreateConsoleScreenBuffer
GetCommConfig
SleepEx
LocalFileTimeToFileTime
DeleteVolumeMountPointW
SwitchToThread
SetFileAttributesA
MultiByteToWideChar
GetVersionExW
UnregisterWaitEx
EnumResourceNamesW
BackupWrite
GetFileInformationByHandle
GlobalReAlloc
GetTempFileNameW
ActivateActCtx
EscapeCommFunction
GetDiskFreeSpaceExW
FindFirstChangeNotificationW
GetTimeZoneInformation
BeginUpdateResourceA
SetupComm
GetLocaleInfoW
GetAtomNameA
IsBadStringPtrW
ProcessIdToSessionId
DeleteTimerQueueTimer
GetFileAttributesExA
SetDefaultCommConfigW
ExpandEnvironmentStringsA
GetTempPathA
LCMapStringW
ChangeTimerQueueTimer
DosDateTimeToFileTime
HeapFree
MapViewOfFile
HeapAlloc
LeaveCriticalSection
CreateFileMappingA
GetTickCount
GetSystemTimeAsFileTime
CreateEventA
GetModuleHandleA
ExitProcess
GlobalAlloc
CreateFileA
VirtualProtect
GetProcessHeap
GetProcAddress
SetLastError
VirtualQuery
CreateProcessA
InterlockedCompareExchange
LocalSize
LoadLibraryA

ole32

CoFreeUnusedLibrariesEx
RegisterDragDrop
OleCreateLink
CoWaitForMultipleHandles
CoGetClassObject
OleCreateFromData
OleRun
PropVariantCopy
CreateFileMoniker
OleLoad
OleLoadFromStream
CoCreateFreeThreadedMarshaler
CreateBindCtx
OleCreateStaticFromData
GetRunningObjectTable
CoDisableCallCancellation
CoReleaseMarshalData
OleLockRunning
CreateDataAdviseHolder

shlwapi

PathIsDirectoryW
UrlIsW
StrFormatKBSizeW
PathIsURLW
UrlCombineW
StrToIntExW
PathRenameExtensionW
StrFormatByteSizeW
SHDeleteValueW
PathCreateFromUrlW
StrToIntA
StrChrW
PathIsPrefixW
PathFindExtensionW
UrlEscapeW
StrStrIW
UrlUnescapeW
PathFindExtensionA

shell32

SHPathPrepareForWriteW
DragFinish
SHFileOperationA
SHGetSettings
SHBrowseForFolderW
SHGetFolderPathAndSubDirW

gdi32

SetMapperFlags
GetBkMode
PathToRegion
CreateDCW
GetWinMetaFileBits
SetBitmapDimensionEx
GetTextExtentExPointA
GetObjectType
CreateMetaFileW
GetTextCharset
LPtoDP
SetWindowExtEx
GetLayout
EndDoc
EndPage
EnumFontFamiliesExA
GetTextFaceA
CreateICW
GetTextExtentPoint32W
CreateDiscardableBitmap
GetRegionData
PolyDraw
DPtoLP
GetGlyphOutlineW
StrokePath
GetClipRgn
EnumFontFamiliesA
ScaleWindowExtEx
SetTextJustification
IntersectClipRect
DeleteObject
SetTextCharacterExtra
SetArcDirection
SetBkColor
CreatePolygonRgn
GetDIBits
CreateMetaFileA

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

281f067ebb436230a5e0dd8fdbbde584

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB