a384c498ac197809f8cabdc70125b74a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a384c498ac197809f8cabdc70125b74a_JaffaCakes118
Size

57KB
MD5

a384c498ac197809f8cabdc70125b74a
SHA1

41f8736d5f858b3879baf98c6cea22738c3d6734
SHA256

dd995a0fd8a3666e9a4aa2aa67da31fa8c997c7a29301857987f74b7bd764e73
SHA512

74e6bd5401ae2884e671f25785bc836682fee95509c1390236aef75760fcb5c9b9f0312d8796fcc8821b42fd4e1efdfc9606b2ed0ae4281048cd8e75b742a716
SSDEEP

1536:TxvwT/067MG4nyZ+w8o0NDmQ+i9Ck8cmzNEs/7oARo:TZyjQp1doSabcAzNEs/7o2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a384c498ac197809f8cabdc70125b74a_JaffaCakes118

Files

a384c498ac197809f8cabdc70125b74a_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2a9a8d42c3b952fa15036a90a1ac9fb0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

GetThreadDesktop
IsWindowVisible
ClientToScreen
GetScrollRange
GetDC
SetWindowPos
GetKeyState
GetSysColor
DrawMenuBar
SetForegroundWindow
MonitorFromRect
DrawTextA
IsChild
GetQueueStatus

kernel32

LockFile
GetModuleHandleA
TerminateThread
ReadFile
GetStartupInfoA
IsDBCSLeadByteEx
VirtualQueryEx
MapViewOfFile
GetProcAddress
IsProcessorFeaturePresent
WaitForMultipleObjects
GetFileSize
UnmapViewOfFile
MultiByteToWideChar
FileTimeToSystemTime
ReleaseMutex
CreateFileMappingA
GetFileTime
WaitForSingleObject
MulDiv

ole32

OleCreateLinkFromData
StgCreateDocfileOnILockBytes
WriteClassStm
OleIsCurrentClipboard
CoInitialize

aclerobj

SdbGrabMatchingInfoEx
CtfAImmIsIME
SdbFindFirstTag
Options_RunDLLA
SdbOpenApphelpDetailsDatabaseSP
SdbGetDatabaseID
ExtractAssociatedIconExA
RealShellExecuteA
CtfAImmDeactivate
CDefFolderMenu_Create
SdbFindNextTag
ImmIMPGetIMEA
PathIsExe
CtfImmLeaveCoInitCountSkipMode
CtfImmCoUninitialize
ImmReleaseContext
ImmLockIMC
ImmLoadIME

gdi32

GetSystemPaletteEntries
GetCharWidthA
DeleteEnhMetaFile
CreateCompatibleBitmap
CreateDIBPatternBrush
GetBitmapBits
SetViewportExtEx
DeleteMetaFile
SetBitmapBits
GetStockObject
Pie

advapi32

SetSecurityDescriptorDacl
SetSecurityDescriptorGroup

msvcrt

_onexit
_wtoi

Exports

Exports

CreateProcessNotify
mobsexec

Sections

.text
Size: 38KB - Virtual size: 40KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2a9a8d42c3b952fa15036a90a1ac9fb0

Headers

File Characteristics

Imports

user32

kernel32

ole32

aclerobj

gdi32

advapi32

msvcrt

Exports

Exports

Sections

.text Size: 38KB - Virtual size: 40KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 13KB - Virtual size: 16KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 38KB - Virtual size: 40KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 13KB - Virtual size: 16KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB