da7080855a15e1eac7b82d33956f891a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

da7080855a15e1eac7b82d33956f891a_JaffaCakes118
Size

306KB
MD5

da7080855a15e1eac7b82d33956f891a
SHA1

42ba60a6c3b13fd179bcf53e7427211010d7f700
SHA256

3ed9e1e3e8f16f0267bb0c2cc61bc30f017747abc61259091ab7268bf0cd60d7
SHA512

d21416887c53e5f8c5ae238c16c76de24f76d915a5507f04314cc742265ceaa6d230771b7df64005c7dff2d4697a4488d4ddd60dc75749a892a0aab1398d8d67
SSDEEP

6144:nJIDmPH0xLMk8iEzIoeev3OEk6Plz0tDTfkuwtIqlJW7OL/10t9/Rdzdoa1O569k:z0xQmer0tZno2T8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
da7080855a15e1eac7b82d33956f891a_JaffaCakes118

Files

da7080855a15e1eac7b82d33956f891a_JaffaCakes118
.dll windows:4 windows x86 arch:x86

677f17fe22f4e060a0049b9bc8e45f56

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

SetBkMode
SetGraphicsMode
SetTextColor
ModifyWorldTransform
SelectObject
GetStockObject
GetObjectA
SaveDC
RestoreDC
SetWindowOrgEx
GetDeviceCaps
DeleteObject
DeleteDC
DPtoLP
CreateSolidBrush
CreateFontIndirectA
CreateCompatibleDC
BitBlt
CreateCompatibleBitmap
SetViewportOrgEx

shell32

ShellExecuteA

ddraw

DirectDrawCreateEx
DDGetAttachedSurfaceLcl

oleaut32

SysFreeString
LoadRegTypeLi
LoadTypeLi
OleCreateFontIndirect
SysAllocString
SysAllocStringLen
SysStringByteLen
SysStringLen
VarUI4FromStr
VariantClear
VariantInit

comctl32

ord17

user32

RedrawWindow
PtInRect
MessageBoxA
MapDialogRect
LoadStringA
LoadCursorA
IsWindow
IsChild
InvalidateRgn
InvalidateRect
GetWindowTextLengthA
GetWindowTextA
GetWindowRect
GetWindowLongA
GetWindow
GetSysColor
GetParent
GetFocus
GetDlgItem
RegisterClassExA
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassInfoExA
GetActiveWindow
FillRect
EndPaint
EndDialog
EnableWindow
DialogBoxIndirectParamA
DestroyWindow
DestroyAcceleratorTable
DefWindowProcA
CreateWindowExA
CreateAcceleratorTableA
CharNextA
CallWindowProcA
BeginPaint
ReleaseCapture
ReleaseDC
SendMessageA
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
SetWindowTextA
UnregisterClassA
GetDlgCtrlID
wsprintfA
RegisterWindowMessageA

advapi32

RegCloseKey
RegDeleteKeyA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegOpenKeyExA
RegEnumKeyExA
RegDeleteValueA
RegCreateKeyExA

kernel32

QueryPerformanceCounter
MultiByteToWideChar
RaiseException
SetLastError
MulDiv
LockResource
LoadResource
LoadLibraryExA
LoadLibraryA
LeaveCriticalSection
SizeofResource
IsDBCSLeadByte
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InterlockedCompareExchange
InitializeCriticalSection
HeapFree
HeapAlloc
GlobalUnlock
GlobalLock
GlobalHandle
GlobalFree
GlobalAlloc
GetVersionExA
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetProcessPriorityBoost
GetProcessHeap
GetProcAddress
GetModuleHandleA
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetCurrentThreadId
GetCurrentProcessId
GetCurrentProcess
GetACP
FreeLibrary
FlushInstructionCache
FindResourceA
ExitProcess
EnterCriticalSection
DisableThreadLibraryCalls
DeleteCriticalSection
VirtualAlloc
VirtualFree
VirtualProtect
WideCharToMultiByte
lstrcmpA
lstrcmpiA
lstrcpynA
lstrlenA
lstrlenW
IsProcessorFeaturePresent

ole32

CLSIDFromProgID
CLSIDFromString
CoCreateInstance
CoGetClassObject
CoTaskMemAlloc
CoTaskMemFree
CoTaskMemRealloc
CreateStreamOnHGlobal
OleInitialize
OleLockRunning
OleUninitialize
StringFromGUID2

Exports

Exports

CreateCubeTextureFromFileA
MatrixInverse
PreprocessShaderFromFileA
QuaternionLn

Sections

.text
Size: 57KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 130KB - Virtual size: 129KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 29KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 85KB - Virtual size: 84KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 3KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

677f17fe22f4e060a0049b9bc8e45f56

Headers

DLL Characteristics

File Characteristics

Imports

gdi32

shell32

ddraw

oleaut32

comctl32

user32

advapi32

kernel32

ole32

Exports

Exports

Sections

.text Size: 57KB - Virtual size: 56KB

.rdata Size: 130KB - Virtual size: 129KB

.data Size: 29KB - Virtual size: 29KB

.rsrc Size: 85KB - Virtual size: 84KB

.reloc Size: 3KB - Virtual size: 3KB

.text
Size: 57KB - Virtual size: 56KB

.rdata
Size: 130KB - Virtual size: 129KB

.data
Size: 29KB - Virtual size: 29KB

.rsrc
Size: 85KB - Virtual size: 84KB

.reloc
Size: 3KB - Virtual size: 3KB