947a024eecffc61101c5075afff29481_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

947a024eecffc61101c5075afff29481_JaffaCakes118
Size

1.0MB
MD5

947a024eecffc61101c5075afff29481
SHA1

4aaf313657bbc06c918eca8993a8cc773dc7b5e2
SHA256

0f2e5b2db2755585ee0e64a318df9bc3bf9df1d24bd0e679b2ac845be376f912
SHA512

65afcd9a26a9fd7ee03d5aa2c1e1bdc84d2a3f43f5afb6df76714dd94f8a346ce1ed6cc62a88cbe84ff6533763300aa27beadc80006a8d863c43ac067284aa79
SSDEEP

24576:aWRbAXxXbvZKD18O4LheIF9YAX5SbEtZ04AM5xWUt6JV:bRqFAD18O4jFagkbguQxZe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
947a024eecffc61101c5075afff29481_JaffaCakes118

Files

947a024eecffc61101c5075afff29481_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a7f92363ece51b8c0c78219c35d24041

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
GlobalUnlock
GlobalHandle
GlobalReAlloc
LocalFree
LocalAlloc
HeapAlloc
GetProcessHeap
VirtualAlloc
VirtualProtect
VirtualFree
GetProcAddress
LoadLibraryA
IsBadReadPtr
HeapFree
FreeLibrary
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
GetModuleFileNameA
CloseHandle
GetExitCodeProcess
WaitForSingleObject
CreateProcessA
GetStartupInfoA
GetFileAttributesA
ExitProcess
WritePrivateProfileStringA
MulDiv
lstrcpyA
SetEndOfFile
SetEnvironmentVariableA
CompareStringW
CompareStringA
SetConsoleCtrlHandler
CreateFileA
FlushFileBuffers
GetUserDefaultLCID
EnumSystemLocalesA
GetLocaleInfoA
IsValidCodePage
IsValidLocale
_lwrite
GetStringTypeA
UnhandledExceptionFilter
IsBadCodePtr
GetEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsW
FreeEnvironmentStringsA
SetUnhandledExceptionFilter
WriteFile
GetStdHandle
SetHandleCount
GetFileType
SetStdHandle
ReadFile
SetFilePointer
GetOEMCP
GetACP
GetCPInfo
HeapSize
GetCurrentProcess
TerminateProcess
IsBadWritePtr
HeapCreate
HeapDestroy
GetVersionExA
GetEnvironmentVariableA
GetModuleHandleA
LCMapStringW
LCMapStringA
Sleep
FatalAppExitA
GetCurrentThread
TlsGetValue
SetLastError
TlsFree
TlsAlloc
TlsSetValue
GetCurrentThreadId
GetVersion
GetCommandLineA
FileTimeToLocalFileTime
FileTimeToSystemTime
FindClose
WideCharToMultiByte
_llseek
OpenFile
_lclose
GlobalAlloc
GlobalLock
GetPrivateProfileIntA
GetTempFileNameA
DeleteFileA
GetTempPathA
GetSystemDirectoryA
GetPrivateProfileStringA
MultiByteToWideChar
GetStringTypeW
FindNextFileA
FindFirstFileA
GetLastError
HeapReAlloc
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
InterlockedIncrement
InterlockedDecrement
RtlUnwind
GetLocaleInfoW

comdlg32

GetOpenFileNameA
GetSaveFileNameA

encryptpdf

ord1

gdi32

DeleteDC
SetBkMode
TextOutA
CreateFontIndirectA
GetDeviceCaps
CreateCompatibleDC
GetObjectA
CreateDIBSection
SelectObject
BitBlt
ExtCreateRegion
CombineRgn
DeleteObject

ole32

OleInitialize
CLSIDFromProgID
CoCreateInstance
OleUninitialize

oleaut32

VariantInit
SysAllocString
VariantClear

shell32

DragFinish
SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileA
ShellExecuteA
DragAcceptFiles

user32

SetRect
MessageBoxA
GetActiveWindow
MessageBoxW
PtInRect
MessageBeep
DestroyMenu
TrackPopupMenu
GetSubMenu
SetRectEmpty
SetDlgItemTextA
CheckDlgButton
GetDlgItem
EnableWindow
GetDlgItemTextA
IsDlgButtonChecked
EndDialog
CheckMenuItem
EnableMenuItem
DialogBoxParamA
DestroyWindow
DefWindowProcA
GetCapture
ReleaseCapture
SetCursor
SetCapture
SetFocus
BeginPaint
EndPaint
PostMessageA
GetKeyState
GetSystemMetrics
LoadImageA
CreateWindowExA
SetWindowRgn
UpdateWindow
GetWindowLongA
LoadIconA
LoadCursorA
RegisterClassExA
GetDesktopWindow
GetWindowRect
GetDC
ReleaseDC
IsWindow
SetWindowPos
InvalidateRect
PeekMessageA
TranslateMessage
DispatchMessageA
ShowWindow
PostQuitMessage
SendMessageA
GetCursorPos
LoadMenuA

Sections

.text
Size: 248KB - Virtual size: 247KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 780KB - Virtual size: 791KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: - Virtual size: 21KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a7f92363ece51b8c0c78219c35d24041

Headers

File Characteristics

Imports

kernel32

comdlg32

encryptpdf

gdi32

ole32

oleaut32

shell32

user32

Sections

.text Size: 248KB - Virtual size: 247KB

.rdata Size: 32KB - Virtual size: 32KB

.data Size: 780KB - Virtual size: 791KB

.rsrc Size: 4KB - Virtual size: 1KB

.reloc Size: - Virtual size: 21KB

.text
Size: 248KB - Virtual size: 247KB

.rdata
Size: 32KB - Virtual size: 32KB

.data
Size: 780KB - Virtual size: 791KB

.rsrc
Size: 4KB - Virtual size: 1KB

.reloc
Size: - Virtual size: 21KB