d14377cc86a08bbf32f4e56ea348fcaf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

d14377cc86a08bbf32f4e56ea348fcaf_JaffaCakes118
Size

201KB
MD5

d14377cc86a08bbf32f4e56ea348fcaf
SHA1

e451ed820ea045645cbbf0b408de10d2604d6628
SHA256

1de9415792828cfc9df4cb96b5580cdde73abd6b7f6d04dd6d0d1bcb1dc2140c
SHA512

dcca26de84d0a9a890884dc9989fb5197816973e6cdf51141e2dc61f488b8f9f667a22268c49c6adc63f8d91f0becaee28be78c9e1c08bae35329fc3c582dee3
SSDEEP

6144:zEl7zQvqt4bkSbcC48mwHcFWnQOQ5WvSJ90ycNMrc457bvs:wNzHTM+YQr2+ncNMvI

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
d14377cc86a08bbf32f4e56ea348fcaf_JaffaCakes118

Files

d14377cc86a08bbf32f4e56ea348fcaf_JaffaCakes118
.dll windows:4 windows x86 arch:x86

c6aa5e58cf3ddc30d94d8b2800d742d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ntdll

atol
wcscpy
atoi
wcscat
sprintf
_wcsnicmp
_wtol
_chkstk
mbstowcs
wcscmp
memchr
wcslen
_wcsicmp

kernel32

DisableThreadLibraryCalls
FreeLibrary
LoadLibraryW
GetSystemDirectoryW
GlobalFree
GlobalReAlloc
GlobalUnlock
GetLastError
GlobalLock
GlobalAlloc
SetLastError
GetCurrentThreadId
lstrcmpiW
InitializeCriticalSection
MultiByteToWideChar
ExitThread
CreateThread
CloseHandle
WideCharToMultiByte
EnterCriticalSection
LeaveCriticalSection
MulDiv
GetUserDefaultLangID
GetLocalTime
FindClose
FindNextFileW
DeleteFileW
FindFirstFileW
CreateDirectoryW
SetEndOfFile
CreateFileW
FlushFileBuffers
WriteFile
DeviceIoControl
SetCommTimeouts
GetCommTimeouts
Sleep
ReadFile
GetFileSize
GetComputerNameW
SetFilePointer
GetProcAddress

advapi32

RegFlushKey
RegDeleteKeyW
RegCreateKeyExW
RegSetValueExW
RegQueryValueExW
RegEnumKeyExW
RegCloseKey
RegEnumKeyW
RegOpenKeyW
RegQueryInfoKeyW

user32

GetDlgItem
LoadStringW
MessageBoxW
wsprintfW
CharUpperBuffW
AttachThreadInput
GetWindowThreadProcessId
GetDesktopWindow
DialogBoxParamW
SendDlgItemMessageW
GetDC
TranslateMessage
SetDlgItemTextW
SetWindowLongW
SetForegroundWindow
EndDialog
GetDlgItemTextW
GetWindowLongW
SetWindowsHookExW
RegisterWindowMessageW
UnhookWindowsHookEx
PostMessageW
CallNextHookEx
KillTimer
SetTimer
SendMessageW
InvalidateRect
SetFocus
SetWindowPos
GetForegroundWindow
WinHelpW
ReleaseDC
EnableWindow
wvsprintfW
MessageBeep
GetWindowRect
GetSystemMetrics
ShowWindow
IsWindow
UpdateWindow
CreateDialogParamW
DestroyWindow
IsWindowVisible
DestroyIcon
EndPaint
DrawIcon
BeginPaint
LoadIconW
SetWindowTextW
DispatchMessageW
IsDialogMessageW
PeekMessageW

spoolss

GetJobW
OpenPrinterW
ClosePrinter
SetJobW

wsock32

gethostname
inet_addr
socket
gethostbyname
connect
WSACleanup
ntohl
ioctlsocket
WSAStartup
sendto
htons
setsockopt
inet_ntoa
bind
recv
getservbyname
closesocket
WSASetBlockingHook
WSAGetLastError
recvfrom
WSACancelBlockingCall
send

gdi32

GetDeviceCaps
CreateFontIndirectW
DeleteObject

msvcrt

__mb_cur_max
_isctype
_pctype

Exports

Exports

DllEntryPoint
InitializePrintMonitor

Sections

.text
Size: 27KB - Virtual size: 26KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.edata
Size: 512B - Virtual size: 110B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 1024B - Virtual size: 944B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 167KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

c6aa5e58cf3ddc30d94d8b2800d742d6

Headers

File Characteristics

Imports

ntdll

kernel32

advapi32

user32

spoolss

wsock32

gdi32

msvcrt

Exports

Exports

Sections

.text Size: 27KB - Virtual size: 26KB

.data Size: 1024B - Virtual size: 4KB

.edata Size: 512B - Virtual size: 110B

.rsrc Size: 1024B - Virtual size: 944B

.reloc Size: 2KB - Virtual size: 2KB

.text Size: 167KB - Virtual size: 168KB

.text
Size: 27KB - Virtual size: 26KB

.data
Size: 1024B - Virtual size: 4KB

.edata
Size: 512B - Virtual size: 110B

.rsrc
Size: 1024B - Virtual size: 944B

.reloc
Size: 2KB - Virtual size: 2KB

.text
Size: 167KB - Virtual size: 168KB