93ee888a24acd36f9f912d3fd8cbbefd_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

93ee888a24acd36f9f912d3fd8cbbefd_JaffaCakes118
Size

42KB
MD5

93ee888a24acd36f9f912d3fd8cbbefd
SHA1

a2edee91bdf3f517c8a35308b6963569e4729eed
SHA256

26dacfe2436d650a5a907cf51e45dd63b4383f68c60924df42ffc8104c6ceedf
SHA512

75c6ff7af22b46352ce272cb1c81703b5159eb93ee21a47c03e2750ac15ff784b80bff0cfde9520fb27fadcbfc3152fbb630928ff48c9c6b8aa1574966ae7f64
SSDEEP

768:e8WIb+uRDVNJ2mZfgoiBimmR2avjkuwAKF6gVaj1/:e8W+DZNLhSJmJTh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
93ee888a24acd36f9f912d3fd8cbbefd_JaffaCakes118

Files

93ee888a24acd36f9f912d3fd8cbbefd_JaffaCakes118
.dll windows:4 windows x86 arch:x86

b33bbd6838dc16a21a6638a45d8a2849

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

strrchr
strchr
iswspace
wcsstr
wcscspn
memmove
wcschr
wcsrchr
memset
memcpy
_alldiv
_chkstk

gdi32

DeleteObject
GetTextExtentPointW
GetCurrentObject
GetDIBits
DeleteDC
SetTextColor
GetTextExtentPoint32W
CreateSolidBrush
GetTextColor
GetGlyphOutlineW
ExtTextOutW
CreateCompatibleBitmap
CreateCompatibleDC
SelectObject
GdiFlush
SetBkColor
CreateFontW
SetBkMode
GetTextExtentPoint32A
ExtTextOutA
TextOutW
GetGlyphOutlineA
CreateDIBSection
TextOutA
BitBlt

psapi

GetModuleFileNameExW
EnumProcessModules

user32

GetMenuItemCount
GetWindowTextLengthW
SendMessageW
SetWindowTextW
GetWindowRect
EnumThreadWindows
RealGetWindowClassA
GetParent
GetMenuItemInfoW
GetMenu
InvalidateRect
GetWindowTextW
DrawTextExA
GetDC
DrawMenuBar
DrawTextA
ReleaseDC
MessageBoxW
TrackPopupMenuEx
TrackPopupMenu
GetClientRect
GetWindowDC
DrawTextExW
EndPaint
BeginPaint
DrawTextW
MessageBoxA
FillRect
wsprintfW
SetWindowPos
KillTimer
SetMenuItemInfoW
EnumChildWindows

shell32

SHGetFolderPathW

advapi32

RegCloseKey
RegOpenKeyW
RegQueryValueExW

kernel32

EnterCriticalSection
LeaveCriticalSection
GetCurrentProcessId
Sleep
GetCurrentThreadId
Thread32First
CompareStringA
CreateToolhelp32Snapshot
VirtualProtect
CreateProcessA
DisableThreadLibraryCalls
IsBadReadPtr
VirtualQuery
GetTickCount
GetModuleHandleW
CreateThread
GetModuleHandleA
GetModuleFileNameA
GetFileSizeEx
CreateFileW
ReadFile
WriteFile
CompareStringW
WriteProcessMemory
CloseHandle
VirtualAllocEx
GetModuleFileNameW
GetFileAttributesW
LoadLibraryW
CreateRemoteThread
WaitForSingleObject
GetCurrentProcess
CreateProcessW
InitializeCriticalSection
GetProcessHeap
HeapFree
LoadLibraryExW
HeapAlloc
LocalAlloc
InterlockedExchange
GetLastError
LoadLibraryA
Thread32Next
RaiseException
WideCharToMultiByte
MultiByteToWideChar
GetProcAddress
HeapReAlloc
FreeLibrary

Sections

.text
Size: 36KB - Virtual size: 35KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b33bbd6838dc16a21a6638a45d8a2849

Headers

DLL Characteristics

File Characteristics

Imports

ntdll

gdi32

psapi

user32

shell32

advapi32

kernel32

Sections

.text Size: 36KB - Virtual size: 35KB

.data Size: 2KB - Virtual size: 5KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 36KB - Virtual size: 35KB

.data
Size: 2KB - Virtual size: 5KB

.reloc
Size: 2KB - Virtual size: 2KB