b045e0ebce6450b635b7e4a168efeb76_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

b045e0ebce6450b635b7e4a168efeb76_JaffaCakes118
Size

405KB
MD5

b045e0ebce6450b635b7e4a168efeb76
SHA1

0e1cd251f1b83d2fbaa58404d25e495107b0fe89
SHA256

d9500422dadbe18dfe39912546e2d22719fa4576f8290a89521e15e8569cc248
SHA512

0fbe9870432ad09a478ea3f038938bb708fea9c0da77d07c1b6597ddacd696873cce4e62f6ba732fcbcc78798fc48466a5d31336d19f9643f7bd73b3f33f4525
SSDEEP

6144:KKOMYKnEwV/+LYwIOMMVf9T2U8DwjyCi8jicSnWueeJiQ2t5cRyKeZ0:CwV/NV0NAFlCi8uZpet8s0

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b045e0ebce6450b635b7e4a168efeb76_JaffaCakes118

Files

b045e0ebce6450b635b7e4a168efeb76_JaffaCakes118
.dll windows:5 windows x86 arch:x86

47068a0142e4d3cce4d4d67d6ff76cef

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

_wtol
_wsplitpath
_CxxThrowException
??2@YAPAXI@Z
malloc
realloc
__CxxFrameHandler
wcstok
??3@YAXPAX@Z
vswprintf
??1type_info@@UAE@XZ
_except_handler3
?terminate@@YAXXZ
_adjust_fdiv
_initterm
free
_purecall
_wopen
strlen
_errno
_snwprintf
wcscmp
_close
_wtoi
wcscat
wcslen
wcschr
wcscpy
_write

iphlpapi

GetAdaptersInfo
GetIpAddrTable

winmm

mixerGetControlDetailsA
timeGetTime

ole32

CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoCreateInstance
OleRegEnumVerbs
OleRegGetUserType
OleRegGetMiscStatus
CreateDataAdviseHolder
OleLoadFromStream
WriteClassStm
OleSaveToStream
CreateOleAdviseHolder

gdi32

CreatePen
SetViewportOrgEx
SetWindowOrgEx
SetMapMode
CreateBrushIndirect
CreateCompatibleDC
SaveDC
DeleteObject
ExtCreatePen
LPtoDP
GetDeviceCaps
CreateDCW
CreateRectRgnIndirect
GetPixel
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileW
DeleteDC
RestoreDC
CreateCompatibleBitmap
Rectangle
BitBlt
SetTextAlign
GetStockObject
TextOutW

user32

CallWindowProcW
GetWindowLongW
SetWindowLongW
IntersectRect
EqualRect
OffsetRect
LoadBitmapA
LoadIconA
SetWindowRgn
RegisterClassExA
SetTimer
GetDC
GetClipboardOwner
ReleaseDC
UnionRect
PtInRect
GetDoubleClickTime
SetFocus
DefWindowProcW
DestroyWindow
TranslateMessage
MapVirtualKeyW
GetWindowRect
DefWindowProcA
GetParent
CreateWindowExA
GetForegroundWindow
ShowWindow
GetCursor
GetProcessDefaultLayout
GetActiveWindow
CreateWindowExW
GetClassInfoExW
LoadCursorW
LoadCursorA
SendMessageA
wsprintfW
RegisterClassExW
GetFocus
IsChild
BeginPaint
GetClipboardViewer
EndPaint
wsprintfA
GetCaretBlinkTime
UnregisterClassA
CharNextW
KillTimer
PostMessageW
GetClientRect
MoveWindow
InvalidateRect
DestroyAcceleratorTable
GetCapture
GetSysColor
GetKeyState
LoadStringW
SetWindowPos
IsWindow

kernel32

OutputDebugStringW
SetCurrentDirectoryA
GetSystemDirectoryW
GetThreadLocale
LCMapStringW
CreateEventW
SetFilePointer
CreateThread
FindClose
GetAtomNameA
GetModuleHandleA
GetComputerNameExW
SetEvent
WideCharToMultiByte
CreateMutexW
WaitForSingleObject
GetVersionExA
CloseHandle
ExitThread
GetACP
VirtualAlloc
VirtualFree
LoadLibraryA
HeapAlloc
GetCurrentThreadId
GetCurrentProcess
FlushInstructionCache
GlobalAlloc
GlobalLock
GetStdHandle
FindResourceA
GetCommandLineW
GlobalUnlock
GetShortPathNameW
LoadLibraryExW
GetLastError
FindResourceW
GetComputerNameW
ReadFile
LoadResource
SizeofResource
lstrlenA
LoadLibraryW
FindAtomA
GetStartupInfoA
FindResourceExW
GetProcAddress
DebugBreak
Sleep
CreateProcessW
IsDebuggerPresent
SetLastError
GetTickCount
GlobalMemoryStatusEx
LocalAlloc
LocalFree
GetSystemDefaultLangID
GetVersion
AreFileApisANSI
QueryPerformanceCounter
GetCurrentProcessId
GetSystemTimeAsFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
HeapFree
GetProcessHeap
OutputDebugStringA
InterlockedCompareExchange
OpenSemaphoreA
HeapCreate
FreeLibrary
DisableThreadLibraryCalls
GetModuleFileNameW
GetUserDefaultLCID
lstrcatW
HeapDestroy
TlsSetValue
lstrcpynW
lstrcmpiW
FindResourceExA
GetConsoleCP
DeleteCriticalSection
InitializeCriticalSection
GetSystemDefaultLCID
lstrcpyW
MultiByteToWideChar
lstrlenW
EnterCriticalSection
LeaveCriticalSection
TlsAlloc
GlobalFree
DeleteFileA
GetLogicalDrives
CreateSemaphoreA
GetConsoleOutputCP
InterlockedDecrement
InterlockedIncrement

advapi32

CryptHashData
RegDeleteValueW
RegCloseKey
RegCreateKeyExW
RegEnumValueA
RegOpenKeyExW
RegSetValueExW
RegQueryInfoKeyW
RegEnumValueW
RegOpenKeyExA
RegEnumKeyExA
RegEnumKeyExW
RegQueryValueExW
CryptReleaseContext
CryptAcquireContextW
CryptCreateHash
RegDeleteKeyW
CryptGetHashParam
CryptDestroyHash

secur32

GetUserNameExW

msvcp60

??0_Lockit@std@@QAE@XZ
??1_Lockit@std@@QAE@XZ

Sections

.text
Size: 98KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 269KB - Virtual size: 273KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.bss
Size: - Virtual size: 77KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tls
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 30KB - Virtual size: 30KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

47068a0142e4d3cce4d4d67d6ff76cef

Headers

DLL Characteristics

File Characteristics

Imports

msvcrt

iphlpapi

winmm

ole32

gdi32

user32

kernel32

advapi32

secur32

msvcp60

Sections

.text Size: 98KB - Virtual size: 96KB

.data Size: 269KB - Virtual size: 273KB

.bss Size: - Virtual size: 77KB

.tls Size: 1KB - Virtual size: 1KB

.rsrc Size: 30KB - Virtual size: 30KB

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 98KB - Virtual size: 96KB

.data
Size: 269KB - Virtual size: 273KB

.bss
Size: - Virtual size: 77KB

.tls
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 30KB - Virtual size: 30KB

.reloc
Size: 5KB - Virtual size: 4KB