acdd8889f198c53d4f69c5ca2a741a76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

acdd8889f198c53d4f69c5ca2a741a76_JaffaCakes118
Size

252KB
MD5

acdd8889f198c53d4f69c5ca2a741a76
SHA1

855f22564d789fad47490b9ff2f5a3a63430cfc7
SHA256

48980a2724c009d4243058fac79edbb3f267210c4bb95d80c392934f80270467
SHA512

cf6e6c6457a5f3d3ac7670dc0e609710568a0ce7283a9cc48af342aaee65f912af7f95ca8a648aab6967759f4a4d1256ac833da78b25da35a357e033fed11138
SSDEEP

6144:4/dUqJKg+qP5wLRN382sAQs0xom+9tWfMe:kdBvduPsZt+HHe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
acdd8889f198c53d4f69c5ca2a741a76_JaffaCakes118

Files

acdd8889f198c53d4f69c5ca2a741a76_JaffaCakes118
.dll windows:4 windows x86 arch:x86

4ffe2a41df9e9575da00f3314d79359d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW

kernel32

TerminateProcess
lstrlenW
AddAtomW
CreateEventW
CreateFileW
DeleteAtom
ExitProcess
GetCommandLineA
SetUnhandledExceptionFilter
SetThreadPriority
MultiByteToWideChar
MulDiv
LoadLibraryW
LoadLibraryExW
LoadLibraryExA
InterlockedIncrement
HeapCreate
HeapAlloc
GlobalGetAtomNameW
GlobalFree
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetModuleHandleA
GetLastError
GetDateFormatW
GetCurrentThreadId
lstrcmpW

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

ole32

StringFromCLSID
CreateILockBytesOnHGlobal
CLSIDFromString
IsEqualGUID
OleInitialize
OleRegGetUserType
OleUninitialize
ReleaseStgMedium
StgCreateDocfileOnILockBytes

user32

UpdateWindow
SetRect
SetFocus
SetCursor
SendMessageW
SendMessageTimeoutW
PeekMessageW
OffsetRect
LoadMenuW
GetNextDlgTabItem
GetMonitorInfoW
GetDC
GetActiveWindow
FindWindowW
EnableWindow
DefWindowProcW
CharToOemBuffA
CallNextHookEx
LoadIconW
WinHelpW
SendDlgItemMessageW

gdi32

CreateDCW
CreateFontIndirectW
CreateICW
CreatePen
CreateSolidBrush
DPtoLP
DeleteObject
Escape
ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
RectVisible
Rectangle
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetTextColor
TextOutW
CreateCompatibleDC

shlwapi

PathFindFileNameW

msvcrt

wcstod
wcscoll
_XcptFilter
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_c_exit
_cexit
_controlfp
_initterm
_onexit
_wcsdup
exit
memmove
setlocale
wcscmp

shell32

DragQueryFileW
SHGetSettings
SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW
DragFinish

Exports

Exports

BAOOpenFile
D3D9UnmapResources
GetLimitation
GetSupportParamValueHead

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4ffe2a41df9e9575da00f3314d79359d

Headers

File Characteristics

Imports

advapi32

kernel32

comdlg32

ole32

user32

gdi32

shlwapi

msvcrt

shell32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 72KB - Virtual size: 108KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 72KB - Virtual size: 108KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB