b78578521ca6bb08ae5c5d2c522360a1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

b78578521ca6bb08ae5c5d2c522360a1_JaffaCakes118
Size

38KB
MD5

b78578521ca6bb08ae5c5d2c522360a1
SHA1

d133d4cfc2a789b3608c1d4112ef11e00d02a3b0
SHA256

0e8f6d68e76d01f997fb23ef6a20a741f6f7b0ed21504000fa977c00add33704
SHA512

13a8398602edf29674f14a3445245d29614928e9edd9bfdefb7f59d44ffcb91b8f305175f3f5daa0a96f8161c72da3c7f2c347a44e8d4e405b7bd5b08dd9c448
SSDEEP

768:OmCllOY5JNEr43eoXTbY3OOOOOOOI27D7ztpRynqDs:5yt+roXTyGXxpRyqDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
b78578521ca6bb08ae5c5d2c522360a1_JaffaCakes118

Files

b78578521ca6bb08ae5c5d2c522360a1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3e113c85a17d4de8011e1faa1677c678

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CompareStringA
ExitProcess
FlushFileBuffers
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersion
HeapAlloc
LoadLibraryA
LocalAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

wcslen
time
setlocale
exit
__set_app_type
__p__commode
__getmainargs

ole32

StringFromGUID2
RegisterDragDrop
OleUninitialize
CLSIDFromString
CoCreateInstance
CoGetMalloc
CoGetObject
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
DoDragDrop
OleQueryCreateFromData
OleGetIconOfClass

ntdll

RtlNtStatusToDosError
RtlLeaveCriticalSection
RtlInitUnicodeString
NtClose
NtEnumerateKey
NtMakeTemporaryObject
NtQueryDefaultLocale
NtSetEvent
NtSetValueKey
RtlCopyLuid
RtlCopyUnicodeString
RtlEnterCriticalSection
RtlFreeSid
RtlInitString

shlwapi

PathAppendW
PathIsPrefixW
PathIsUNCServerShareW
PathIsUNCW
StrCpyNW
StrDupW
StrRChrW
PathAddBackslashW

comdlg32

GetOpenFileNameA
GetFileTitleW
ChooseFontW
ChooseFontA
PrintDlgW
PageSetupDlgA

comctl32

ImageList_DrawEx
CreatePropertySheetPageW
ImageList_AddMasked

winmm

mmTaskCreate
mixerGetDevCapsW
mixerGetControlDetailsW
mixerGetControlDetailsA
mixerOpen

oleaut32

RevokeActiveObject
RegisterTypeLib
OleTranslateColor
OleLoadPicturePath
OleIconToCursor
GetErrorInfo
SysFreeString
SysReAllocString
VarBstrCmp
VarBstrCat
SysStringLen
SafeArrayAllocData

user32

OffsetRect
SetFocus
ShowScrollBar
IsCharUpperA
LoadAcceleratorsW
CreateDialogParamA
CreateIconFromResourceEx
DispatchMessageA
EnableWindow
GetMenu
GetMessageA

Sections

.text
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e113c85a17d4de8011e1faa1677c678

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

ntdll

shlwapi

comdlg32

comctl32

winmm

oleaut32

user32

Sections

.text Size: 10KB - Virtual size: 9KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 10KB - Virtual size: 9KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 21KB - Virtual size: 20KB