c87641ac5c59e22701b7700973ac4490_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

c87641ac5c59e22701b7700973ac4490_JaffaCakes118
Size

296KB
MD5

c87641ac5c59e22701b7700973ac4490
SHA1

5953bdc1b69134a8605612760873545456713648
SHA256

7e7de56a1ab046e0e33b7b2d5d8efaa8c86cb8db02ad858fb4d63366b88ec59e
SHA512

1c158673d11dd82fbefdb9a4f1f2fd518237139eeb5f5725860c0ab724f53c4d64e85600416ffe3eb6f2aa8f8ebfe7e9943cfa9cc3db5c7d0667fb3c4b4f3dc1
SSDEEP

6144:CGqzbozSEk5AAvU0albl5lULz4w7bnOaIaWjoWzYAOxjp+:CxX5AwIlxE37bnjImwYAOxjp+

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
c87641ac5c59e22701b7700973ac4490_JaffaCakes118

Files

c87641ac5c59e22701b7700973ac4490_JaffaCakes118
.dll windows:4 windows x86 arch:x86

842e4ae567e7da930835ab2af5c40147

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

TlsFree
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
SetErrorMode
GlobalFlags
WritePrivateProfileStringW
GetProcessVersion
RtlUnwind
GetCommandLineA
HeapAlloc
HeapFree
GetTimeZoneInformation
ExitProcess
TerminateProcess
RaiseException
CreateThread
ExitThread
HeapSize
HeapReAlloc
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GlobalHandle
GetEnvironmentStrings
GetEnvironmentStringsW
HeapDestroy
HeapCreate
VirtualFree
LCMapStringA
LCMapStringW
VirtualAlloc
IsBadWritePtr
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
GlobalFree
TlsAlloc
LocalAlloc
GlobalUnlock
SetLastError
SuspendThread
SetThreadPriority
WaitForSingleObject
GetModuleHandleA
LoadLibraryA
FreeLibrary
GetVersion
lstrcatW
GlobalAddAtomW
GlobalFindAtomW
GetModuleHandleW
GlobalLock
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetCurrentThread
GetCurrentThreadId
FileTimeToLocalFileTime
FileTimeToSystemTime
CloseHandle
GetFileTime
GetFileSize
GetFileAttributesW
lstrcmpiW
GetFullPathNameW
lstrcpynW
GetVolumeInformationW
FindFirstFileW
FindClose
GetProcAddress
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
DuplicateHandle
LocalFree
GetModuleFileNameW
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedDecrement
InterlockedIncrement
WaitCommEvent
GetExitCodeThread
SetEvent
SetCurrentDirectoryW
lstrcpyW
lstrlenW
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
ResumeThread
CancelIo
WriteFile
GetLastError
GetOverlappedResult
ClearCommError
ReadFile
EscapeCommFunction
GetCommState
CreateFileW
SetCommMask
SetupComm
PurgeComm
SetCommTimeouts
Sleep
CreateEventW
FreeEnvironmentStringsW

user32

EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
LoadBitmapW
GetMenuCheckMarkDimensions
GetCursorPos
ValidateRect
GetActiveWindow
TranslateMessage
GetMessageW
SetCursor
ReleaseDC
GetDC
ClientToScreen
BeginPaint
EndPaint
UnregisterClassW
LoadStringW
GetClassNameW
PtInRect
LoadCursorW
GetSysColorBrush
DestroyMenu
SetWindowTextW
LoadIconW
MapWindowPoints
PeekMessageW
DispatchMessageW
GetFocus
SetFocus
AdjustWindowRectEx
CopyRect
IsWindowVisible
GetNextDlgTabItem
GetTopWindow
GetCapture
WinHelpW
GetClassInfoW
RegisterClassW
GetMenu
GetMenuItemCount
GetSubMenu
GetMenuItemID
GetDlgItem
GetWindowTextW
GetDlgCtrlID
GetKeyState
DefWindowProcW
DestroyWindow
CreateWindowExW
SetWindowsHookExW
CallNextHookEx
UnhookWindowsHookEx
GetPropW
CallWindowProcW
RemovePropW
GetMessageTime
GetMessagePos
GetForegroundWindow
SetForegroundWindow
GetWindow
SetWindowLongW
SetWindowPos
RegisterWindowMessageW
SystemParametersInfoW
IsIconic
GetWindowPlacement
GetWindowRect
PostQuitMessage
SendMessageW
PostMessageW
SetTimer
EnableWindow
GetSysColor
IsWindow
GetSystemMetrics
CharUpperW
wsprintfW
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
MessageBoxW
RedrawWindow
InvalidateRect
GetClientRect
ShowWindow
GrayStringW
DrawTextW
TabbedTextOutW
SetPropW

gdi32

SelectObject
GetStockObject
SetBkMode
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
SelectClipRgn
RestoreDC
DeleteObject
GetDeviceCaps
SaveDC
DeleteDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
Escape
ExtTextOutW
TextOutW
BitBlt
RectVisible
PtVisible
CreateCompatibleDC
CreateRectRgn
CreateCompatibleBitmap

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegOpenKeyExW
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

comctl32

ord17

Exports

Exports

OnModem
set_wndP

Sections

.text
Size: 112KB - Virtual size: 111KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 121KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 116KB - Virtual size: 116KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

842e4ae567e7da930835ab2af5c40147

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

comctl32

Exports

Exports

Sections

.text Size: 112KB - Virtual size: 111KB

.rdata Size: 24KB - Virtual size: 22KB

.data Size: 12KB - Virtual size: 121KB

.rsrc Size: 8KB - Virtual size: 7KB

.reloc Size: 20KB - Virtual size: 16KB

.text Size: 116KB - Virtual size: 116KB

.text
Size: 112KB - Virtual size: 111KB

.rdata
Size: 24KB - Virtual size: 22KB

.data
Size: 12KB - Virtual size: 121KB

.rsrc
Size: 8KB - Virtual size: 7KB

.reloc
Size: 20KB - Virtual size: 16KB

.text
Size: 116KB - Virtual size: 116KB