8d88bbfc25550af45b5e56e11412afd0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8d88bbfc25550af45b5e56e11412afd0_JaffaCakes118
Size

55KB
MD5

8d88bbfc25550af45b5e56e11412afd0
SHA1

8b3cd5312d45e97afb838ffed2a8b12dfd9221fa
SHA256

9fff572308c36bcb2556c254e08170d8f10a9557301e624129159cc3d365ffb9
SHA512

58225cb8111e679514ffee7583b817837645d04c1e30a7c37f4d24959f418e7ef11702027197205c568a8c31aa414a1727e03ea51e8228fb9797f127196fafb4
SSDEEP

1536:FX/4isLma94WeamYtm8sJX456F2gKTg+W+Lro:lds394UmYtm3FWg+W+Lr

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8d88bbfc25550af45b5e56e11412afd0_JaffaCakes118

Files

8d88bbfc25550af45b5e56e11412afd0_JaffaCakes118
.dll windows:5 windows x86 arch:x86

741a61586043d92549618196e7a3d697

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
SetThreadPriority
WriteFile
InitializeCriticalSection
GetProcAddress
TerminateProcess
IsDBCSLeadByteEx
LeaveCriticalSection
GlobalSize
CloseHandle
GetModuleHandleA
GetOEMCP
IsProcessorFeaturePresent
WideCharToMultiByte
GlobalFree
WaitForMultipleObjects
UnmapViewOfFile
LoadLibraryA
QueryPerformanceFrequency
QueryPerformanceCounter
EnterCriticalSection
CreateThread
MapViewOfFile
SetHandleCount
CreateFileMappingA
GetFileTime
VirtualQuery
GetSystemTimeAsFileTime

crypovau

ImmGetCompositionWindow
ImmGetRegisterWordStyleA
PifMgr_SetProperties
ImmGetCandidateListA
ImmSetCompositionStringA
ImmSetCompositionWindow
CtfAImmDeactivate
SdbGetBinaryTagData
PifMgr_CloseProperties
DAD_DragLeave
ImmDestroyContext
ImmUnlockClientImc
ILCombine
SdbCloseDatabase
ImmTranslateMessage
ImmDisableIme
ImmGetAppCompatFlags
ExtractIconEx
DoEnvironmentSubstA
RestartDialog
ImmGetContext
ImmGetImeInfoEx
SdbFindNextMsiPackage
DAD_DragEnterEx
CtfAImmActivate
ImmUnlockIMCC
PathResolve
PrintersGetCommand_RunDLL
ImmSetActiveContextConsoleIME
DllGetClassObject
PifMgr_OpenProperties
SdbOpenApphelpDetailsDatabase
IsLFNDrive
ImmReleaseContext
RestartDialogEx
ShimFlushCache
ImmSetActiveContext
CheckEscapesA
SdbGetMsiPackageInformation
SdbReadStringTagRef
ILSaveToStream
ImmGetCandidateListCountA

gdi32

GetBitmapBits
SetBrushOrgEx
Polyline
SetBkColor
LineTo
GetCharWidthA
GetDIBits
EndDoc
Pie
GetTextCharsetInfo
GetMetaFileBitsEx
GetCurrentObject
SetBkMode
CreateDIBSection
StretchDIBits
SetAbortProc

user32

MessageBeep
FlashWindow
GetMessageExtraInfo
GetWindow
GetUpdateRect
GetActiveWindow
GetWindowWord
GetSysColor
GetDlgItem
ShowWindow
DrawIconEx
PostQuitMessage
GetKeyState
GetScrollInfo
GetSystemMetrics
EndPaint
IsWindow
EmptyClipboard
IntersectRect
SetKeyboardState
SetRectEmpty
DestroyMenu

advapi32

AllocateAndInitializeSid
RevertToSelf
InitializeSecurityDescriptor
SetSecurityDescriptorGroup
AccessCheck
CryptGetHashParam
CryptCreateHash
GetSecurityDescriptorDacl
EqualSid
RegCloseKey
GetPrivateObjectSecurity

ole32

GetHGlobalFromStream
WriteFmtUserTypeStg
CoTaskMemAlloc
GetHGlobalFromILockBytes
OleCreateFromData
CoUninitialize
CoLockObjectExternal
IsAccelerator

msvcrt

memmove
_controlfp
_adjust_fdiv
__p__commode

Exports

Exports

CreateProcessNotify
ctfmosk

Sections

.text
Size: 46KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

741a61586043d92549618196e7a3d697

Headers

File Characteristics

Imports

kernel32

crypovau

gdi32

user32

advapi32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 46KB - Virtual size: 48KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 1KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 46KB - Virtual size: 48KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 1KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB