aa6311eeab174d174252c86532169486JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

aa6311eeab174d174252c86532169486JaffaCakes118
Size

326KB
MD5

aa6311eeab174d174252c86532169486
SHA1

e7b1bfbf03e87373a40b61be2ddedeb1ee33c08a
SHA256

b7ce576cffde2cc76d9ce43a46f928441a803bc9308f017960aa75d804e446b6
SHA512

e44499b67be119f4a8d16d3c78be2f2260e498e90f182934350c8640c1f1de8bfcd9cb66384543702d01d8d3570d80af2e508c4d30e9807fbbb2800c2efbd506
SSDEEP

6144:W38NV017QA16NLsdvZR9y9G9iMn2Oq2Kz2222UHj0RMuDa:W38NV0173ULsq1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
aa6311eeab174d174252c86532169486JaffaCakes118

Files

aa6311eeab174d174252c86532169486JaffaCakes118
.dll windows:4 windows x86 arch:x86

b78fb872a71404a49538f62ac09466c9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

GetObjectW
GetTextExtentPoint32W
GetDeviceCaps
CreateFontIndirectW
DeleteDC
SetTextColor
CreateCompatibleBitmap
DeleteObject
SelectObject
SetDCBrushColor
ExtTextOutW
GetStockObject
OffsetWindowOrgEx
SetWindowOrgEx
SetBkColor
SetBkMode
CreateCompatibleDC

winmm

timeEndPeriod
timeBeginPeriod

comctl32

ord17
ImageList_Create
ImageList_Destroy
ImageList_Add
ImageList_ReplaceIcon
ImageList_LoadImageW

shell32

SHGetDesktopFolder
ShellExecuteW
SHGetFolderPathW
DragFinish
SHOpenFolderAndSelectItems
SHChangeNotify
ShellExecuteExW
DragAcceptFiles

kernel32

GetCurrentThread
EnterCriticalSection
GetTickCount
MoveFileExW
SystemTimeToFileTime
ReadDirectoryChangesW
FindResourceExW
HeapAlloc
LoadResource
GetOEMCP
ResetEvent
FlushInstructionCache
RtlUnwind
LoadLibraryA
GlobalLock
GetCommandLineW
SetErrorMode
GetSystemTimeAsFileTime
DuplicateHandle
DeleteFileW
GetCPInfo
GetConsoleCP
CloseHandle
ReadFile
FindResourceW
GetCurrentThreadId
InterlockedCompareExchange
FindNextFileW
RemoveDirectoryW
GetOverlappedResult
GetExitCodeThread
SleepEx
GetCurrentProcess
CreateMutexW
CopyFileW
lstrlenW
HeapFree
FlushFileBuffers
FileTimeToSystemTime
InitializeCriticalSection
TlsSetValue
GetConsoleMode
TlsFree
SetConsoleCtrlHandler
SetThreadPriority
LockResource
InterlockedIncrement
OutputDebugStringW
GlobalUnlock
LeaveCriticalSection
GetModuleHandleW
HeapSetInformation
WriteConsoleW
CreateFileW
SetUnhandledExceptionFilter
GetProcessHeap
MulDiv
InterlockedPopEntrySList
TlsAlloc
LocalAlloc
VirtualQuery
HeapDestroy
GetModuleFileNameW
GetCurrentProcessId
GetFileAttributesW
QueryPerformanceFrequency
Sleep
GetACP
IsDebuggerPresent
GetStartupInfoW
InterlockedDecrement
SetHandleCount
SetFilePointer
DeleteCriticalSection
GetModuleHandleA
GetFileTime
SetStdHandle
LocalFileTimeToFileTime
GetFileType
GetProcAddress
GetProcessAffinityMask
SetEndOfFile
IsValidCodePage
TlsGetValue
FindFirstFileW
GetStdHandle
SizeofResource
GetFileInformationByHandle
GetFileAttributesExW
WaitForMultipleObjects
HeapSize
LCMapStringW
FreeLibrary
FileTimeToLocalFileTime
HeapReAlloc
GetLastError
WaitForSingleObject
GetStringTypeW
CreateEventW
CreateThread
VirtualProtect
FreeEnvironmentStringsW
FormatMessageW
SetLastError
InitializeCriticalSectionAndSpinCount
GetFileSize
QueryPerformanceCounter
SetEvent
ResumeThread
HeapQueryInformation
WriteFile
LoadLibraryW
GetThreadPriority
HeapCreate
RaiseException
InterlockedPushEntrySList
FindClose
CancelIo
SetThreadExecutionState

shlwapi

StrCmpLogicalW
SHDeleteKeyW
SHAutoComplete

ole32

OleInitialize
CoUninitialize
CoTaskMemAlloc
OleUninitialize
OleSetClipboard
CoCreateInstance
CoCreateGuid
ReleaseStgMedium
CreateStreamOnHGlobal
OleGetClipboard
CoInitialize
CoTaskMemFree

user32

IntersectRect
SetWindowsHookExW
CreateDialogParamW
CreatePopupMenu
DispatchMessageW
SetMenuItemInfoW
CheckMenuRadioItem
AppendMenuW
RegisterWindowMessageW
MonitorFromPoint
GetMessageW
PostMessageW
DefWindowProcW
PeekMessageW
GetActiveWindow
TranslateAcceleratorW
ScreenToClient
DrawIconEx
LoadIconW
CallWindowProcW
IsCharAlphaW
RegisterClassExW
UnhookWindowsHookEx
GetDC
UnregisterClassA
RedrawWindow
GetMenu
MsgWaitForMultipleObjects
TrackPopupMenuEx
SendMessageW
KillTimer
GetKeyState
MapVirtualKeyW
GetScrollInfo
MessageBeep
DestroyAcceleratorTable
CharLowerW
GetMonitorInfoW
UnregisterHotKey
MapDialogRect
GetClipboardData
wsprintfW
UnregisterClassW
IsClipboardFormatAvailable
GetClassNameW
SetDlgItemTextW
GetDlgItem
FillRect
TrackPopupMenu
OpenClipboard
SetFocus
CloseClipboard
LoadAcceleratorsW
DrawEdge
MonitorFromRect
CallNextHookEx
UpdateWindow
RegisterClipboardFormatW
OffsetRect
SendDlgItemMessageW
GetFocus
MapWindowPoints
ClientToScreen
ReleaseDC
SetCapture
CopyRect
GetMenuItemInfoW
SetCursor
RegisterClassW
GetComboBoxInfo
LoadCursorW
SetActiveWindow
BeginPaint
TranslateMessage
EmptyClipboard
EndPaint
LoadImageW
DrawTextW
GetClassInfoExW
DialogBoxParamW
GetMenuItemCount
GetMessagePos
SetWindowLongW
SetClipboardData
GetDlgCtrlID
EnableWindow
MessageBoxW
DestroyIcon
IsDialogMessageW
PostQuitMessage
SetTimer
InvalidateRect
DestroyMenu
CharUpperW
RegisterHotKey
EndDialog

advapi32

RegQueryInfoKeyW
CryptReleaseContext
RegQueryValueExW
CryptCreateHash
RegCloseKey
CryptGetHashParam
RegEnumKeyExW
CryptImportKey
CryptHashData
RegOpenKeyExW
CryptDestroyKey
RegCreateKeyW
RegCreateKeyExW
CryptVerifySignatureW
RegOpenKeyW
RegSetValueExW
RegEnumValueW
CryptDestroyHash
CryptAcquireContextW
RegDeleteValueW

Exports

Exports

AllCalendars_es_EC
CollationOptions_en_PH
CollationOptions_en_TT
_Compress_Set_License
eJPEG_SetTileSize

Sections

.text
Size: 111KB - Virtual size: 112KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 55KB - Virtual size: 56KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 11KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.bss
Size: - Virtual size: 40KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.idata
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 126KB - Virtual size: 128KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b78fb872a71404a49538f62ac09466c9

Headers

File Characteristics

Imports

gdi32

winmm

comctl32

shell32

kernel32

shlwapi

ole32

user32

advapi32

Exports

Exports

Sections

.text Size: 111KB - Virtual size: 112KB

.data Size: 55KB - Virtual size: 56KB

.rdata Size: 11KB - Virtual size: 12KB

.bss Size: - Virtual size: 40KB

.edata Size: 2KB - Virtual size: 4KB

.idata Size: 8KB - Virtual size: 8KB

.rsrc Size: 126KB - Virtual size: 128KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 111KB - Virtual size: 112KB

.data
Size: 55KB - Virtual size: 56KB

.rdata
Size: 11KB - Virtual size: 12KB

.bss
Size: - Virtual size: 40KB

.edata
Size: 2KB - Virtual size: 4KB

.idata
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 126KB - Virtual size: 128KB

.reloc
Size: 11KB - Virtual size: 11KB