d30f25ea1b5e6738a333ca008fdb8401_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d30f25ea1b5e6738a333ca008fdb8401_JaffaCakes118
Size

193KB
MD5

d30f25ea1b5e6738a333ca008fdb8401
SHA1

48621d15bc4486165ff8cbd01294a348109761db
SHA256

b8b9ce686660d657ed0cde2f7e13051ba7aab085015f797e9d2470d11e952a92
SHA512

1d8eefa2834f2ba2ca6abe880d0f62551f50815268aa48765ebc26a4f6788546893a9bc038313f28b83bb5d4b15e65d06d299b7e87fb47e51181ddaf00ece6b5
SSDEEP

3072:mTOhDnsLRkyNTBzwSkjM+tGrnrnUOXhzM8Zf7ppmVYKeGFEkF2KwH9GhLGBNj42t:mmDgfNTBzwxjM/rHAaf7ptKFzdL6+mw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d30f25ea1b5e6738a333ca008fdb8401_JaffaCakes118

Files

d30f25ea1b5e6738a333ca008fdb8401_JaffaCakes118
.dll windows:5 windows x86 arch:x86

b6811aee1c81a4e9d2a666c71eed939a

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetProfileIntW
GetSystemTimeAdjustment
GetSystemWindowsDirectoryA
GetThreadSelectorEntry
GetUserDefaultLangID
GetVersion
GetWriteWatch
GlobalFindAtomA
GlobalFlags
GlobalReAlloc
GlobalUnfix
GlobalWire
HeapCompact
IsBadReadPtr
LoadModule
LocalAlloc
LocalFlags
LocalLock
LocalReAlloc
MapViewOfFileEx
Module32NextW
MoveFileExA
OpenWaitableTimerW
PeekConsoleInputA
Process32First
GetProcessVersion
ReadConsoleInputA
ReadConsoleOutputCharacterW
RemoveDirectoryA
ResumeThread
ScrollConsoleScreenBufferA
SetConsoleActiveScreenBuffer
SetConsoleTitleW
SetInformationJobObject
SetThreadLocale
SetTimeZoneInformation
SetUnhandledExceptionFilter
SetVolumeMountPointA
SizeofResource
UnlockFile
UnlockFileEx
UpdateResourceA
VerifyVersionInfoW
VirtualFree
VirtualProtect
VirtualProtectEx
WaitForSingleObject
WaitNamedPipeW
WritePrivateProfileSectionW
WritePrivateProfileStructW
GetProcessTimes
GetProcessIoCounters
GetPrivateProfileStringA
GetNumberOfConsoleInputEvents
GetNamedPipeHandleStateA
GetLastError
GetFileAttributesExW
GetExitCodeThread
GetEnvironmentStringsA
GetEnvironmentStrings
GetCurrentDirectoryA
GetConsoleTitleA
GetComputerNameExW
GetComputerNameA
FormatMessageW
FlushViewOfFile
FlushInstructionCache
FlushConsoleInputBuffer
VirtualAlloc
FindNextChangeNotification
FindFirstVolumeMountPointA
FindAtomW
FatalExit
ExpandEnvironmentStringsW
EscapeCommFunction
EraseTape
EnumSystemLanguageGroupsW
EnumSystemCodePagesA
EnumResourceTypesW
EnumResourceNamesA
EnumResourceLanguagesW
EnterCriticalSection
DefineDosDeviceA
CreateWaitableTimerW
CreateTimerQueue
CreateSemaphoreA
CreateIoCompletionPort
CreateFileMappingW
CreateEventA
CreateDirectoryW
CreateDirectoryA
ContinueDebugEvent
CompareFileTime
CancelIo
BeginUpdateResourceA
AddConsoleAliasW
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
LoadLibraryW
GetProcAddress
ExitProcess
PulseEvent

ole32

OleCreate
OleCreateFromDataEx
OleCreateFromFileEx
OleCreateLink
OleCreateLinkEx
OleInitialize
OleInitializeWOW
OleIsRunning
OleLoad
OleLoadFromStream
OleMetafilePictFromIconAndLabel
OleRegEnumFormatEtc
OleRun
OleSetClipboard
OpenOrCreateStream
PropStgNameToFmtId
PropVariantCopy
ReadClassStm
ReadFmtUserTypeStg
ReadStringStream
RegisterDragDrop
SNB_UserMarshal
STGMEDIUM_UserFree
STGMEDIUM_UserSize
STGMEDIUM_UserUnmarshal
StgCreateDocfile
StgIsStorageILockBytes
StgOpenStorage
StgOpenStorageEx
UpdateDCOMSettings
UtGetDvtd32Info
WriteClassStg
IsEqualGUID
IIDFromString
HWND_UserMarshal
HPALETTE_UserMarshal
HPALETTE_UserFree
HMETAFILE_UserMarshal
HMETAFILEPICT_UserSize
HMETAFILEPICT_UserFree
HMENU_UserMarshal
HGLOBAL_UserUnmarshal
HGLOBAL_UserMarshal
HENHMETAFILE_UserUnmarshal
HENHMETAFILE_UserSize
HDC_UserUnmarshal
HDC_UserMarshal
HBITMAP_UserUnmarshal
HBITMAP_UserMarshal
HBITMAP_UserFree
HACCEL_UserSize
GetDocumentBitStg
GetConvertStg
FmtIdToPropStgName
EnableHookObject
CreateObjrefMoniker
CreateDataCache
CoUnmarshalInterface
CoUnloadingWOW
CoTaskMemFree
CoSwitchCallContext
CoResumeClassObjects
CoReleaseMarshalData
CoRegisterMessageFilter
CoRegisterMallocSpy
CoReactivateObject
CoQueryReleaseObject
CoMarshalInterface
CoLockObjectExternal
CoInstall
CoInitializeWOW
CoImpersonateClient
CoGetObjectContext
CoGetMarshalSizeMax
CoGetMalloc
CoGetApartmentID
CoFreeUnusedLibraries
CoFreeLibrary
CoFileTimeToDosDateTime
CoDisableCallCancellation
CoCreateObjectInContext
CoCreateInstanceEx
CoCancelCall
CoAddRefServerProcess
CLIPFORMAT_UserUnmarshal
CoQueryClientBlanket

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindow
ord6
CreateStatusWindowW
ord7
CreateToolbarEx
ord16
DestroyPropertySheetPage
ord15
DrawStatusText
ord5
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollPos
FlatSB_GetScrollProp
FlatSB_GetScrollRange
FlatSB_SetScrollInfo
FlatSB_SetScrollRange
GetMUILanguage
ImageList_AddMasked
ImageList_Create
ImageList_DragMove
ImageList_DragShowNolock
ImageList_Draw
ImageList_DrawIndirect
ImageList_GetBkColor
ImageList_GetDragImage
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageInfo
ImageList_GetImageRect
ImageList_LoadImageA
ImageList_Merge
ImageList_Read
ImageList_Remove
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetFilter
ImageList_SetIconSize
ImageList_SetImageCount
ImageList_SetOverlayImage
ImageList_Write
ord17
InitCommonControlsEx
InitializeFlatSB
ord14
ord13
ord2
PropertySheetW
ord3
UninitializeFlatSB
CreatePropertySheetPage

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text5
Size: 178KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 244B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tex5t2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

b6811aee1c81a4e9d2a666c71eed939a

Headers

File Characteristics

Imports

kernel32

ole32

comctl32

Sections

.text Size: 9KB - Virtual size: 8KB

.text5 Size: 178KB - Virtual size: 177KB

.data Size: 512B - Virtual size: 244B

.tex5t2 Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.text5
Size: 178KB - Virtual size: 177KB

.data
Size: 512B - Virtual size: 244B

.tex5t2
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB