93dacc341ae824918758c33a078c726d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

93dacc341ae824918758c33a078c726d_JaffaCakes118
Size

84KB
MD5

93dacc341ae824918758c33a078c726d
SHA1

6d073b58dec4ffc7e746e8cb311047ef9e5b59b6
SHA256

229cb01f1c5bd67c02dacace6232379549a07b250b078ea3769b82a501a782bb
SHA512

51cd98d1e8682048e493750e529c0f11fad56d6b8373885062ffcbbb90619b96f75422fee10b905fa4db3ad4fa5ba0c1861db62868800c5df589850690b5f28f
SSDEEP

1536:dYWXyMBzvLR16X17nlZ91LRIOA7V0rlJG7bB3jcdwCo0e:ioy+LGF7nvbLRXAQO8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93dacc341ae824918758c33a078c726d_JaffaCakes118

Files

93dacc341ae824918758c33a078c726d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4cf93b6d1aa47fd470f83b61e7c64829

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTempFileNameA
GetFileTime
GetFileAttributesW
IsDBCSLeadByte
IsWow64Process
SetupComm
BackupWrite
SetEvent
ReadConsoleA
HeapCompact
SetHandleCount
GlobalGetAtomNameW
QueueUserWorkItem
OpenSemaphoreW
EnumSystemLocalesA
HeapUnlock
WaitNamedPipeW
InterlockedExchangeAdd
RemoveDirectoryA
GetCommConfig
GetCurrentDirectoryA
VirtualUnlock
IsDBCSLeadByteEx
SetCommMask
GetWindowsDirectoryA
HeapCreate
ActivateActCtx
GetSystemWindowsDirectoryA
DeleteTimerQueueEx
GetModuleHandleExW
SetCurrentDirectoryA
InitializeCriticalSection
ExitProcess
MoveFileW
BindIoCompletionCallback
GetCurrencyFormatA
SetConsoleActiveScreenBuffer
SetInformationJobObject
GetCommState
FindNextFileA
GetProfileIntA
FindNextChangeNotification
BeginUpdateResourceA
GetSystemWow64DirectoryW
lstrcpyW
PurgeComm
CreateFileMappingA
WriteFile
LocalFree
GetComputerNameA
GetCommandLineA
UnmapViewOfFile
Sleep
LeaveCriticalSection
InterlockedExchange
WaitForSingleObject
MapViewOfFile
GetProcAddress
GetLastError
VirtualQuery
CopyFileA
GetVolumeInformationA
LoadLibraryA
GetQueuedCompletionStatus

ole32

CoQueryProxyBlanket
CoReleaseMarshalData
OleCreateFromFile
CoGetCallContext
OleSave
CoEnableCallCancellation
PropVariantClear
OleCreate
CoTaskMemRealloc
CreateILockBytesOnHGlobal
GetHGlobalFromILockBytes
CoInitialize
CoTaskMemFree

user32

OpenWindowStationW
GetDlgItemTextW
GetUserObjectInformationW
DeferWindowPos
ShowWindowAsync
ValidateRect
DrawTextA
DefFrameProcA
GetMessageExtraInfo
ChangeDisplaySettingsA
SetMenu
LoadMenuA
CreateCaret
LockWindowUpdate
EndDialog
CallWindowProcW
IsCharAlphaNumericA
DrawIcon
EnableWindow
SetWindowPlacement
GetDlgItemInt
GetSysColor
CreateIcon
RedrawWindow
MessageBeep
SendDlgItemMessageA
BeginPaint
IsCharAlphaW
InvertRect
IsDialogMessageW
ClientToScreen
GetComboBoxInfo
SendMessageTimeoutA
CreatePopupMenu
PostThreadMessageA
FindWindowW
OpenWindowStationA
WindowFromDC
GetClassNameW
GetWindowRgn
SetPropW
ReuseDDElParam
GetPropW
SetWindowPos
GetMenuCheckMarkDimensions
CharUpperA
FindWindowExA
GetWindowInfo
TranslateMessage
CallNextHookEx
PostQuitMessage
DestroyWindow
SetTimer
GetClassNameA
SetWindowsHookExA
SetScrollInfo

oleaut32

SysReAllocStringLen

shlwapi

StrRetToBufW
AssocCreate
PathIsDirectoryW
StrCatW
StrToIntW
PathIsRelativeW
UrlUnescapeW
PathFindExtensionW

shell32

SHGetSpecialFolderPathW
SHGetFolderLocation
ExtractIconA
SHCreateShellItem
SHAddToRecentDocs
SHGetDesktopFolder

gdi32

Chord
CreatePalette
SetPolyFillMode
CreateFontIndirectW
BitBlt
ModifyWorldTransform
EnumFontFamiliesA
SetWindowOrgEx
RemoveFontResourceW
AnimatePalette
Arc
LPtoDP
GetPath
AddFontResourceA
SetBitmapBits
PtInRegion
StretchDIBits
CreateEllipticRgnIndirect
PolyDraw
CreateHatchBrush
CreatePen
SetBkMode
PolyBezierTo
SelectObject
Pie
GetOutlineTextMetricsA
UnrealizeObject

Exports

Exports

CRLCommsLite

Sections

.text
Size: 60KB - Virtual size: 59KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cf93b6d1aa47fd470f83b61e7c64829

Headers

File Characteristics

Imports

kernel32

ole32

user32

oleaut32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 59KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 59KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB