b02ee6f785c80999cb608f2b72d51b93_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b02ee6f785c80999cb608f2b72d51b93_JaffaCakes118
Size

918KB
MD5

b02ee6f785c80999cb608f2b72d51b93
SHA1

3138b928f0a45b27d17836b2db5d06d6df6a126a
SHA256

91ba9a56d4ae16f905163489b4a93e1ff69b7eff76cd3ec29e6a0c7d585937e3
SHA512

a60b20014194b56896bc87824e119612933e20682a8eeb395bb93b0ac3600714b707773e585e73c9b43328cb78fe27e9be577d1f4c708c78adbbb630e2322687
SSDEEP

24576:QW7pFtnZKEzOw47kjzyXNejTBKq9fOBRo9N:F73zD4QjzyX4jTgq9fOBIN

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b02ee6f785c80999cb608f2b72d51b93_JaffaCakes118

Files

b02ee6f785c80999cb608f2b72d51b93_JaffaCakes118
.dll windows:5 windows x86 arch:x86

35e957acd78709d0407b0f7e5604dab1

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

lstrlenW
FreeLibrary
ExitProcess
LoadLibraryExW
lstrcatW
GetVersion
CreateProcessW
lstrcmpiW
GetFullPathNameW
lstrcpyW
Sleep
SearchPathW
GetSystemDirectoryW
WriteFile
GetPrivateProfileStringW
ExpandEnvironmentStringsW
GetProcAddress
WaitForSingleObject
CopyFileW
CreateDirectoryW
lstrcpynA
GetTempFileNameW
GlobalLock
GetShortPathNameW
lstrcmpW
GetTickCount
lstrcpynW
CreateThread
CreateFileW
ReadFile
MoveFileW
LoadLibraryA
SetErrorMode
WideCharToMultiByte
GetCommandLineW
SetCurrentDirectoryW
FindClose
GetModuleHandleW
HeapAlloc
HeapCreate
GetModuleHandleA
GetTempPathW
CloseHandle
lstrcpyA
GlobalUnlock
RemoveDirectoryW
OpenProcess
SetFilePointer
CompareFileTime
GlobalAlloc
MultiByteToWideChar
LoadLibraryW
WritePrivateProfileStringW
DeleteFileW
SetFileTime
GetVersionExW
SetFileAttributesW
GetFileAttributesW
GetExitCodeProcess
GlobalFree
GetDiskFreeSpaceW
lstrcmpiA
GetWindowsDirectoryW
GetLastError
MulDiv
GetModuleFileNameW
FindNextFileW
GetCurrentProcess
GetFileSize
FindFirstFileW
lstrlenA

user32

DefWindowProcW
CharNextW
GetMessagePos
LoadCursorW
LoadBitmapW
IsWindowVisible
GetSystemMetrics
IsWindow
CloseClipboard
CheckDlgButton
PostQuitMessage
OpenClipboard
SystemParametersInfoW
PeekMessageW
GetSysColor
DispatchMessageW
CharPrevW
EndDialog
ExitWindowsEx
AppendMenuW
TrackPopupMenu
SetWindowTextW
IsWindowEnabled
GetClassInfoW
GetSystemMenu
SetDlgItemTextW
wsprintfA
GetDlgItemTextW
GetWindowRect
SetClassLongW
LoadImageW
MessageBoxIndirectW
SetWindowPos
CharNextA
CharUpperW
DestroyWindow
EmptyClipboard
SendMessageW
CallWindowProcW
ScreenToClient
EndPaint
CreateDialogParamW
GetWindowLongW
SetWindowLongW
FindWindowExW
ShowWindow
wsprintfW
EnableMenuItem
DialogBoxParamW
SetTimer
RegisterClassW
GetDC
CreateWindowExW
FillRect
SendMessageTimeoutW
EnableWindow
SetClipboardData
SetForegroundWindow
InvalidateRect
BeginPaint
CreatePopupMenu
GetClientRect
DrawTextW
SetCursor
GetDlgItem

gdi32

CreateFontIndirectW
SetBkColor
SelectObject
SetBkMode
GetDeviceCaps
CreateBrushIndirect
DeleteObject
SetTextColor

advapi32

RegEnumValueW
RegDeleteValueW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegEnumKeyW
RegCloseKey
RegDeleteKeyW
RegQueryValueExW

shell32

ShellExecuteW
SHGetFileInfoW
SHGetPathFromIDListW
SHFileOperationW
SHBrowseForFolderW
SHGetSpecialFolderLocation

ole32

OleUninitialize
CoCreateInstance
CoTaskMemFree
OleInitialize

comctl32

ImageList_AddMasked
ImageList_Destroy
ord17
ImageList_Create

version

VerQueryValueW
GetFileVersionInfoW
GetFileVersionInfoSizeW

secur32

QuerySecurityPackageInfoA

wldap32

ord13

Sections

.text
Size: 122KB - Virtual size: 122KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.xyue
Size: 512B - Virtual size: 135B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 642KB - Virtual size: 642KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 144KB - Virtual size: 883KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

35e957acd78709d0407b0f7e5604dab1

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

comctl32

version

secur32

wldap32

Sections

.text Size: 122KB - Virtual size: 122KB

.xyue Size: 512B - Virtual size: 135B

.rdata Size: 642KB - Virtual size: 642KB

.data Size: 144KB - Virtual size: 883KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 122KB - Virtual size: 122KB

.xyue
Size: 512B - Virtual size: 135B

.rdata
Size: 642KB - Virtual size: 642KB

.data
Size: 144KB - Virtual size: 883KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 5KB - Virtual size: 4KB