b07090972f1a5c9c00239e48aea99246_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b07090972f1a5c9c00239e48aea99246_JaffaCakes118
Size

60KB
MD5

b07090972f1a5c9c00239e48aea99246
SHA1

4588123bc0c525343a672243a79ae2faeeeb7b37
SHA256

a9392574a6dd0cbd1b0f157b776ed4cc07c382dd2381274e71c8e8410e0d5c2c
SHA512

c28d88f424bee1309fd2d6d39a1b95d9bf6303c35089ca3af1b39ef7559ca289fe4f15fb079e3d0b48682c6e1c787332c9dfc19cff8cb2df9fdd7311ca87db70
SSDEEP

768:u5kFD1aQ5/4MGDCbkKoPHHFXtTfbszX2il/4kEYch1iPI3E4oKZzRUp8oEW3oaD1:7FDAa4gvClXtqv/4kEy0Von8oEWpYE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b07090972f1a5c9c00239e48aea99246_JaffaCakes118

Files

b07090972f1a5c9c00239e48aea99246_JaffaCakes118
.dll windows:5 windows x86 arch:x86

4040086cd7da74e0d324ebf4ebda1eee

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

LoadCursorA
EmptyClipboard
GetAsyncKeyState
MessageBeep
InvalidateRect
CharLowerA
GetSysColorBrush
SetForegroundWindow
GetParent
DialogBoxParamA
CheckMenuRadioItem
SetDlgItemTextA
SetMenuItemInfoA
EndDialog
DestroyIcon
IsIconic
CloseClipboard
SetWindowPos
SetClassLongA
GetWindowDC
IsDlgButtonChecked
SendDlgItemMessageA
DestroyCursor
EnableMenuItem
TrackPopupMenu
CheckDlgButton
GetClipboardData
OpenClipboard
KillTimer
GetDlgItem
EnableWindow
SetFocus
GetWindowRect
FindWindowA
GetDlgItemTextA
CreatePopupMenu

langpand

_Strxfrm
_Nan
_FDnorm
_Strcoll
_LRteps
_Getcoll
_FSnan
_Inf
_Dtest
_FDtest
_LExp
_Cosh
_LPoly
_FExp
_LNan
_Mbrtowc
_FNan
_LXbig
_Rteps
_FSinh
_Getcvt
_Toupper
_Denorm
_Exp
_Stod
_FEps
_LSinh
_Dnorm

kernel32

GetProcAddress
GetTempPathA
VirtualFree
TerminateProcess
CopyFileA
ReadProcessMemory
GetModuleFileNameA
MulDiv
lstrlenW
CreateFileMappingA
CreateProcessA
WaitForSingleObject
WriteFile
GetComputerNameA
GlobalAlloc
GetCurrentThread
MapViewOfFile
GlobalUnlock
FindNextFileA
SetPriorityClass
ReadFile
ResumeThread
SetFileAttributesA
lstrcmpiA
CloseHandle
CreatePipe
VirtualAlloc
SetThreadPriority
VirtualProtectEx
VirtualQuery
WriteProcessMemory
GetStartupInfoA
FindFirstFileA
UnmapViewOfFile
SetFilePointer
WaitForMultipleObjects
WritePrivateProfileStringA
Sleep
FindClose
GetVersion
WideCharToMultiByte
SetEndOfFile
GlobalLock
LoadLibraryA
GetCurrentDirectoryA
GetModuleHandleA
SetCurrentDirectoryA
GetCurrentProcessId
CreateFileA
GetPriorityClass
OpenProcess
WritePrivateProfileStructA

msvcrt

realloc
toupper
gmtime
sprintf
free
malloc
strchr
mktime
div

imagehlp

CheckSumMappedFile
ImageRvaToSection

advapi32

RegCloseKey
RegCreateKeyExA
AdjustTokenPrivileges
OpenProcessToken

comdlg32

GetOpenFileNameA

Exports

Exports

AdsTypeToLdapTypeCopyGeneralizedTime
GetDomainDNSNameForDomain
CreateProcessNotify
DllClientCleanup
SdbCloseApphelpInformation
nw16prov
DllClientStartup

Sections

.text
Size: 50KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4040086cd7da74e0d324ebf4ebda1eee

Headers

File Characteristics

Imports

user32

langpand

kernel32

msvcrt

imagehlp

advapi32

comdlg32

Exports

Exports

Sections

.text Size: 50KB - Virtual size: 52KB

.rdata Size: 4KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 50KB - Virtual size: 52KB

.rdata
Size: 4KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB