bf8624dd749fcd34042da56f412c3e21_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

bf8624dd749fcd34042da56f412c3e21_JaffaCakes118
Size

384KB
MD5

bf8624dd749fcd34042da56f412c3e21
SHA1

4b9f939c342af6fcd7eb02a6fb5aced062b0c7ef
SHA256

1298994ddf1de1c9876ad886b613ac8668d1d9d805123bfe63d60dc92ae1b538
SHA512

43914e3cc5a822d434859d47147a40e72ab562a4f07aca16d8ed7b7660a3ae60fdaba3d855338067e481bb2acd8db9e258e437a3e5ea73f44d09d7395b0f431c
SSDEEP

6144:yOrNKQjNQnWqJolkFucBm1fXr9ICcYerKJbYm3IyUEVH95UYfb:y4NKQjNQfqOuEm1fXncdrKJbJgKvUYf

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
bf8624dd749fcd34042da56f412c3e21_JaffaCakes118

Files

bf8624dd749fcd34042da56f412c3e21_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8b2c18b411d31cbef33f61e5be07509a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\SVN\v2.2\install\build\MSVC.2005\Tool\GMSkin\release_static2\MyNsisSkin.pdb

Imports

msimg32

TransparentBlt
AlphaBlend

kernel32

DosDateTimeToFileTime
CreateDirectoryW
GetCurrentDirectoryW
SetFileTime
WriteFile
SetEndOfFile
GetLastError
GetFileTime
WriteConsoleA
SetEnvironmentVariableA
CompareStringW
CompareStringA
FlushFileBuffers
GetConsoleMode
GetConsoleCP
SetStdHandle
GetTimeZoneInformation
GetLocaleInfoW
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
GetDateFormatA
GetTimeFormatA
GetStringTypeW
GetStringTypeA
LCMapStringW
SystemTimeToFileTime
InitializeCriticalSection
LoadLibraryA
InterlockedExchange
FreeLibrary
SetConsoleCtrlHandler
GetSystemTimeAsFileTime
GetCurrentProcessId
GetTickCount
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
SetHandleCount
GetModuleFileNameA
GetStdHandle
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
VirtualAlloc
EnterCriticalSection
FatalAppExitA
LeaveCriticalSection
DeleteCriticalSection
VirtualFree
GetCurrentProcess
DuplicateHandle
GetFileType
SetFilePointer
WideCharToMultiByte
lstrcpyW
GetCurrentThreadId
MulDiv
lstrcatW
CreateFileW
GetFileSize
CreateFileA
ReadFile
CloseHandle
MultiByteToWideChar
lstrcmpiW
DisableThreadLibraryCalls
GetConsoleOutputCP
WriteConsoleW
LCMapStringA
HeapCreate
HeapDestroy
RaiseException
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapReAlloc
HeapAlloc
GetCommandLineA
GetVersionExA
GetProcessHeap
GetModuleHandleA
GetProcAddress
TlsGetValue
TlsAlloc
TlsSetValue
TlsFree
InterlockedIncrement
SetLastError
InterlockedDecrement
GetCurrentThread
Sleep
HeapSize
ExitProcess

user32

ScreenToClient
ClientToScreen
UpdateWindow
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
SetWindowTextW
CharNextW
InvalidateRect
EnumChildWindows
SetCapture
ReleaseCapture
ShowWindow
SetWindowRgn
OffsetRect
wsprintfW
GetSystemMetrics
SetWindowPos
GetSystemMenu
GetMenuItemInfoW
PostMessageW
PtInRect
SetTimer
GetClassNameW
GetParent
MapWindowPoints
SetPropW
CallWindowProcW
GetPropW
DefWindowProcW
GetClientRect
GetWindowRect
IsWindow
GetWindowLongW
LoadCursorW
SetCursor
TrackMouseEvent
BeginPaint
EndPaint
IsWindowEnabled
GetWindowTextW
SendMessageW
DrawTextW
SetWindowLongW
GetCursorPos
KillTimer

gdi32

CreatePen
SetStretchBltMode
StretchBlt
CreateFontIndirectW
CreateDIBSection
SetBkColor
CreateSolidBrush
CreateRoundRectRgn
RoundRect
GetStockObject
GetObjectW
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
DeleteDC
SetBkMode
SetTextColor
BitBlt
DeleteObject

oleaut32

SysFreeString

Exports

Exports

AddShowImage
AddShowImageFromFile
AddShowText
ClearAllShow
DelShowImage
DelShowText
InitSkin
SetBkImage
SetBtnImage
SetCloseBtnImage
SetEditBkColor
SetProgressBKImage
SetProgressImage
SetProgressTextWindow
SetTextClr
SetWindowID
SlideOff
SlideOn

Sections

.text
Size: 260KB - Virtual size: 258KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 34KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 744B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.rmnet
Size: 60KB - Virtual size: 60KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

8b2c18b411d31cbef33f61e5be07509a

Headers

File Characteristics

PDB Paths

Imports

msimg32

kernel32

user32

gdi32

oleaut32

Exports

Exports

Sections

.text Size: 260KB - Virtual size: 258KB

.rdata Size: 36KB - Virtual size: 34KB

.data Size: 8KB - Virtual size: 13KB

.rsrc Size: 4KB - Virtual size: 744B

.reloc Size: 12KB - Virtual size: 9KB

.rmnet Size: 60KB - Virtual size: 60KB

.text
Size: 260KB - Virtual size: 258KB

.rdata
Size: 36KB - Virtual size: 34KB

.data
Size: 8KB - Virtual size: 13KB

.rsrc
Size: 4KB - Virtual size: 744B

.reloc
Size: 12KB - Virtual size: 9KB

.rmnet
Size: 60KB - Virtual size: 60KB