9424ac4b86d584795d9d09aa1443b479_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

9424ac4b86d584795d9d09aa1443b479_JaffaCakes118
Size

77KB
MD5

9424ac4b86d584795d9d09aa1443b479
SHA1

8f2a71bbdad32db7c796d8ba07a9c19e853f2bf9
SHA256

6663646aa6ab8b4d6468858e7138370ee3e3b7b52e1993636704b6477ba3cc36
SHA512

39277b4f5caf8455e76d628dc40264e2cf3028ee9160a861c50ab146580d76aff6f615e437a63a7dd1b837cd0a647243870248b179848b78ae50280b13728819
SSDEEP

1536:PJdLac9MFgGxC8cRTFi9AE5G0w/jXjqTwcQ4HBMLD8zbYBxriR+u4:m26JAm50j0sDLD8zs4+u4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
9424ac4b86d584795d9d09aa1443b479_JaffaCakes118

Files

9424ac4b86d584795d9d09aa1443b479_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2ac42742db132efd25901460347394eb

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetModuleHandleA
FormatMessageW
LoadLibraryW
GetLocaleInfoA
SizeofResource
InitializeCriticalSection
LoadResource
GetFileType
IsDBCSLeadByte
GlobalDeleteAtom
GetModuleFileNameA
SetEvent
GetModuleFileNameW
FreeLibrary
LeaveCriticalSection
SetHandleCount
InterlockedIncrement
LocalFree
GetLastError
GetCPInfo
GetEnvironmentVariableA
DisableThreadLibraryCalls
GetVersionExA
SetFilePointer
FindResourceW
GlobalAlloc
InterlockedCompareExchange
ResetEvent
GetCurrentThreadId
lstrlenW
HeapSize
FindNextFileA
GetVersion
GetFullPathNameW
DebugBreak
GetFileAttributesW
SetConsoleCP
CloseHandle
GetFullPathNameA
HeapCreate
GetConsoleMode
UnhandledExceptionFilter
EnterCriticalSection
GetModuleHandleW
ResumeThread
WriteFile
FindNextFileW
InterlockedDecrement
CreateFileMappingW
MultiByteToWideChar
GetProcAddress
InterlockedExchange
WaitForMultipleObjects
WideCharToMultiByte
Sleep
CreateDirectoryA
ExitProcess
GetStringTypeW
LCMapStringA
GetCurrentProcess
VirtualFree
CreateFileA
HeapAlloc
CreateThread
FreeEnvironmentStringsA
SetStdHandle
TlsGetValue
GetSystemTimeAsFileTime
FormatMessageA
MapViewOfFile
QueryPerformanceCounter
LocalAlloc
GetACP
FreeEnvironmentStringsW
MulDiv
RtlUnwind
SetLastError
GetStartupInfoA
GetEnvironmentStringsW
IsBadCodePtr
LCMapStringW
HeapDestroy
DeviceIoControl
HeapReAlloc
GetOEMCP
lstrcmpW
GetTickCount
WaitForSingleObject
TerminateProcess
GetPrivateProfileStringA
GetFileSize
CreateDirectoryW
GetProcessHeap
GetEnvironmentVariableW
GetTempPathW
VirtualAlloc
FindClose

gdi32

StretchBlt
SetBkMode
ExtTextOutW
PatBlt
GetTextExtentPoint32A
BitBlt
GetTextExtentPoint32W
Rectangle
SetBrushOrgEx
SetViewportOrgEx
SelectPalette

user32

IsChild
RegisterClassW
GetWindowThreadProcessId
GetSysColor
DefWindowProcA
SetCursor
GetWindowTextA
GetMenuItemID
LoadIconW
CallWindowProcA
OpenClipboard
SetWindowTextW
DrawIcon
DestroyMenu
GetMessagePos
EnumThreadWindows
BeginPaint
RedrawWindow
GetActiveWindow
GetFocus
EndDialog
SetTimer
IsRectEmpty
MessageBoxA
GetNextDlgTabItem
CallNextHookEx
GetWindow
GetMessageTime
UpdateWindow
GetMenu
GetDC
GetClassNameW
EnableWindow
ScreenToClient
GetClientRect
DialogBoxParamW
GetClassNameA
SetWindowLongW
SendDlgItemMessageA
CreateWindowExA
GetWindowLongW
IsDialogMessageA
GetWindowRect
DefWindowProcW

msvcrt

_amsg_exit
malloc
_callnewh
strchr
memset
realloc
_purecall
_onexit
__dllonexit
wcsstr
??1exception@@UAE@XZ
??1type_info@@UAE@XZ
memcpy
__getmainargs
_adjust_fdiv

advapi32

RegQueryValueExA
RegCloseKey
RegOpenKeyExA
RegSetValueExA
RegSetValueExW
RegDeleteValueW
RegCreateKeyExA
RegCreateKeyExW
RegDeleteKeyA

ole32

ReleaseStgMedium
CoTaskMemRealloc
StringFromCLSID
CoTaskMemFree
GetDocumentBitStg
CoUninitialize

lz32

LZSeek
LZOpenFileW
LZStart

version

VerQueryValueA

Sections

.text
Size: 14KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 61KB - Virtual size: 74KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 40B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 512B - Virtual size: 384B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2ac42742db132efd25901460347394eb

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

gdi32

user32

msvcrt

advapi32

ole32

lz32

version

Sections

.text Size: 14KB - Virtual size: 13KB

.rdata Size: 61KB - Virtual size: 74KB

.data Size: 512B - Virtual size: 40B

.reloc Size: 512B - Virtual size: 384B

.text
Size: 14KB - Virtual size: 13KB

.rdata
Size: 61KB - Virtual size: 74KB

.data
Size: 512B - Virtual size: 40B

.reloc
Size: 512B - Virtual size: 384B