8da55a66f7bf0fb9a7df6b04e1feac35_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8da55a66f7bf0fb9a7df6b04e1feac35_JaffaCakes118
Size

38KB
MD5

8da55a66f7bf0fb9a7df6b04e1feac35
SHA1

9184ddd02901197a5ff86ee706a5d1e1551540df
SHA256

ad2561fca9e48b8d6164b1b18b0b1eac419b84b229f9bd0a867343520a3da7ce
SHA512

10be83cb936fce0cccf886061ff2ec51ae4d48313dade0e7f59cbdace6440916a9006d078382580fcfeef230e5f9147e32265ff21ef30f4d47bf62ba89d0f916
SSDEEP

768:j/PhrNnR0rFu9IRnAr2KMtyTbY3OOOOOOOI27D7ztpRynqDs:jPlNqrY9UAKKMtyTyGXxpRyqDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8da55a66f7bf0fb9a7df6b04e1feac35_JaffaCakes118

Files

8da55a66f7bf0fb9a7df6b04e1feac35_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8dd86af14051372c1bbe1f9649995acd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
EnumResourceLanguagesW
EnumResourceTypesA
ExitProcess
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetSystemDirectoryA
GetSystemTimeAsFileTime
GetVersion
HeapAlloc
LeaveCriticalSection
LocalAlloc
MultiByteToWideChar
OpenFile
SetLastError
SetUnhandledExceptionFilter
Sleep
VirtualAlloc
VirtualFree
lstrcmpiA
lstrcpyA
lstrcpynA

msvcrt

fwprintf
free
_wcsicmp
__set_app_type
__getmainargs
__p__commode
exit

ole32

CLSIDFromString
CoCreateInstance
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
CreateOleAdviseHolder
OleInitialize
OleQueryLinkFromData
RegisterDragDrop
StgCreateDocfile
StringFromGUID2
WriteClassStg
WriteClassStm

ntdll

NtOpenKey
NtOpenSymbolicLinkObject
NtOpenThreadToken
NtCreateSemaphore
RtlCharToInteger
RtlEnterCriticalSection
RtlInitString
RtlInitUnicodeString
RtlLeaveCriticalSection
RtlNtStatusToDosError
NtCreateSection
LdrUnloadDll
RtlAppendUnicodeStringToString

shlwapi

SHSetValueW
PathSkipRootW
PathIsUNCW
StrCmpIW
PathFindNextComponentW
PathFindFileNameW
PathFindExtensionW
StrFormatKBSizeW
StrRChrW
StrRetToBufW
PathAppendW
PathAddBackslashW
PathIsPrefixW
AssocCreate

comdlg32

ChooseColorA
CommDlgExtendedError
GetFileTitleW
GetOpenFileNameA
ChooseFontW
FindTextW
FindTextA
ChooseColorW
PrintDlgW
PageSetupDlgW
PageSetupDlgA
LoadAlterBitmap
GetSaveFileNameW
GetOpenFileNameW

comctl32

ImageList_ReplaceIcon
InitCommonControlsEx

winmm

mixerGetLineInfoA
mmGetCurrentTask
midiStreamOpen

oleaut32

SafeArrayCreate
GetErrorInfo
ClearCustData
SetErrorInfo
SysFreeString
SysReAllocString
OleLoadPicture

user32

GetMenu
ShowCaret
OemToCharW
OemToCharBuffA
CharToOemBuffA
CharUpperA
CreateCursor
DrawCaption
EmptyClipboard
EnableScrollBar
GetMessageA
IsCharLowerA
LoadImageA
LoadMenuA
MessageBoxIndirectA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8dd86af14051372c1bbe1f9649995acd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

ntdll

shlwapi

comdlg32

comctl32

winmm

oleaut32

user32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 21KB - Virtual size: 20KB