a778b405a7d6cd08dafbaa4dec9cc150_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

a778b405a7d6cd08dafbaa4dec9cc150_JaffaCakes118
Size

248KB
MD5

a778b405a7d6cd08dafbaa4dec9cc150
SHA1

4ee3c00cc63fea4a4aed070d312009b96f17d6d0
SHA256

57afd8c16de46f06b475f219933eb774eb6112b74152d086945890138a50e259
SHA512

d6f490ef05187c47c71f58900890b221692d90fd7dbab1b52ed2f2b94373d844f7e1165818f5eda6df71805e3dd89bb9b01c8c8634b161d185baf03f860a1e70
SSDEEP

6144:gcbPoEPtUyq8bgNEaKOXhWlRht4EO8UYyHDifNpUyoF30Jcum:gcb7P9OKOaRhy9H2jUxRFt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
a778b405a7d6cd08dafbaa4dec9cc150_JaffaCakes118

Files

a778b405a7d6cd08dafbaa4dec9cc150_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4d9220d90be6d13318fd6585654cc657

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

StringFromCLSID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString

shell32

ShellAboutW
ShellExecuteExW
DragFinish
DragQueryFileW
SHGetSettings
SHGetSpecialFolderPathW

comdlg32

ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW

kernel32

GlobalGetAtomNameW
HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MulDiv
MultiByteToWideChar
SetThreadPriority
SetUnhandledExceptionFilter
TerminateProcess
lstrcmpW
lstrlenA
lstrlenW
GlobalFree
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetShortPathNameW
GetModuleHandleA
GetLastError
GetDateFormatW
GetCurrentThreadId
GetCommandLineA
ExitProcess
DeleteAtom
CreateFileW
CreateEventW
AddAtomW

gdi32

TextOutW
SetTextColor
SetPixel
SetDCBrushColor
SetBkMode
SelectObject
ScaleWindowExtEx
Rectangle
RectVisible
PtVisible
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetBkColor
ExtTextOutW
Escape
DeleteObject
DPtoLP
CreateSolidBrush
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
CreateCompatibleDC
BitBlt

shlwapi

PathFindFileNameW

user32

SetRect
UpdateWindow
SetCursor
WinHelpW
SetFocus
CallNextHookEx
CharToOemBuffA
DefWindowProcW
EnableWindow
FindWindowW
GetActiveWindow
GetAsyncKeyState
GetDC
GetMonitorInfoW
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
PeekMessageW
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW

msvcrt

_onexit
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_c_exit
_cexit
_controlfp
_initterm
wcstod
_wcsdup
exit
memmove
setlocale
wcscmp
wcscoll
wcslen

advapi32

RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey

Exports

Exports

EnumAFDistanceSettingRelease
EnumAvValueRelease
EnumImageDataInItemReset
GetDevSplineArrayEx
GetSurfaceReference
ImportIsoTrack
Malloc3DArray
RegisterShared
SetAllParamValueToAtCapture

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4d9220d90be6d13318fd6585654cc657

Headers

File Characteristics

Imports

ole32

shell32

comdlg32

kernel32

gdi32

shlwapi

user32

msvcrt

advapi32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB