c7ac5b3c91708c91e7abd2174f60a3f2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c7ac5b3c91708c91e7abd2174f60a3f2_JaffaCakes118
Size

84KB
MD5

c7ac5b3c91708c91e7abd2174f60a3f2
SHA1

3d213186883ca01e6523d81a9d0cba4324894537
SHA256

1743d43c5cd5d43cefcda223daa5695f35c6f2f98afc6495203321ba03d89be5
SHA512

0d74fdfedac4f562c8b65e61d69b9cb3fb608f84a42a6a40f9bde3aec4457062a9bdfaa47fd54e0125fc0d8d28b3eca68cae67f4c8c5dc1bd9445110195d6053
SSDEEP

1536:PmVMxM7BIXKD3Mvk8eogsL58x12pKX5y5gFuTs/sWdrdrLZmuEV:SICMvk8cIE2w5y5gFu6dX4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c7ac5b3c91708c91e7abd2174f60a3f2_JaffaCakes118

Files

c7ac5b3c91708c91e7abd2174f60a3f2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5df8589dd20bea07e4e32568da3ab990

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

QueryPerformanceFrequency
HeapDestroy
GetVolumeNameForVolumeMountPointW
WaitNamedPipeA
GetSystemPowerStatus
GetCurrentThreadId
RemoveDirectoryA
SetEvent
GetEnvironmentStrings
GetLocaleInfoA
GetFileSize
GetSystemDirectoryW
SetConsoleMode
lstrcmpiA
GetConsoleCP
VerifyVersionInfoW
GetSystemWow64DirectoryW
EnumResourceLanguagesA
ClearCommBreak
WaitNamedPipeW
GetConsoleMode
FlushViewOfFile
FindResourceExA
FindAtomW
SetCommState
LCMapStringA
SwitchToThread
OpenProcess
ExitProcess
ReadConsoleInputA
FindCloseChangeNotification
SetTimeZoneInformation
GetCPInfo
ConnectNamedPipe
VerLanguageNameW
GetModuleFileNameA
ReleaseSemaphore
MapViewOfFileEx
OpenSemaphoreW
GetNumberFormatW
DeviceIoControl
GetCommandLineW
GetConsoleScreenBufferInfo
IsBadHugeWritePtr
lstrlenW
InterlockedExchange
InterlockedCompareExchange
GetSystemDirectoryA
CreateFileA
GetProcAddress
InterlockedIncrement
LoadLibraryA
CreateMutexA
GetVolumeInformationA
Sleep
WaitForSingleObject
GetLastError
HeapAlloc
lstrlenA
MapViewOfFile
GetTickCount
GetProfileStringW

user32

CopyRect
CheckDlgButton
GetDlgItemTextW
WaitForInputIdle
CreateCursor
SendMessageTimeoutW
GetScrollBarInfo
EndDeferWindowPos
RemovePropA
GetAncestor
CharLowerBuffA
GetMenuItemInfoA
WindowFromPoint
GetDlgItemInt
LoadIconA
CheckMenuItem
MapDialogRect
GetUpdateRgn
GetScrollPos
GetActiveWindow
OpenDesktopA
UnregisterHotKey
BeginPaint
FindWindowExA
MessageBoxExW
SetWindowRgn
ShowWindow
ModifyMenuW
LoadImageA
GetWindowWord
GetUserObjectInformationA
GetClassInfoA
WaitMessage
CreateIconFromResourceEx
PeekMessageW
TranslateMessage
SetWindowsHookExA
RegisterWindowMessageA
GetParent
PostMessageA
SetWinEventHook
FindWindowA
DestroyWindow
GetClassNameA
SendMessageA
CallNextHookEx
RegisterClassExA
SetTimer
DefWindowProcA
GetShellWindow

advapi32

RegSetValueExA
RegCloseKey
GetSecurityDescriptorSacl
RegOpenKeyExA
RegQueryValueExA
GetUserNameW
ImpersonateAnonymousToken
RegDeleteKeyA
CheckTokenMembership
ChangeServiceConfig2W
QueryServiceConfigW
CreateProcessAsUserA
NotifyBootConfigStatus
ReportEventA
RegEnumKeyExW
ElfReportEventW
CredGetSessionTypes
RegLoadKeyW
DuplicateTokenEx
RegDisablePredefinedCache
RegisterServiceCtrlHandlerW

shell32

SHOpenFolderAndSelectItems
SHSetLocalizedName
SHBrowseForFolderW
SHGetFolderPathA

gdi32

GetFontResourceInfoW
DeleteEnhMetaFile
CreateBitmap
CreateRectRgnIndirect
GetBkColor
Polygon
CloseMetaFile
CreateFontA
SetDIBits
SelectObject
SetICMMode
GetNearestColor
BeginPath
GetTextExtentPoint32A
EnumFontsA
SetBitmapDimensionEx
GetTextFaceA
AbortDoc
GetMetaFileBitsEx
GetTextExtentPoint32W
SetDIBColorTable
CreateEllipticRgnIndirect
ExtTextOutW

Exports

Exports

WinPadServices

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5df8589dd20bea07e4e32568da3ab990

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB