dab3683e8b7dc356faa74921b5acf510_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dab3683e8b7dc356faa74921b5acf510_JaffaCakes118
Size

119KB
MD5

dab3683e8b7dc356faa74921b5acf510
SHA1

4661d27995ab96b52b1eb3a3a06238a8b05272a1
SHA256

12bcd7fc5dd5a0dcff7269c01762b4783b493dc8d8be1ec1774ad1efd0ea13f1
SHA512

7e9ae90227c8510010c84cc26314ca10ab8aa4c1b7cdb31cdfe29b6362e80e4576d1036bf3e1f595d289ee3f51866d4c113c803dcf04c5bc10cc67e4ec809f68
SSDEEP

3072:fxN0QRNxM5hRl6Tx3/mVkcZ0VxHHTe5/dM1:JNnR3ghRmgAVVzid

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dab3683e8b7dc356faa74921b5acf510_JaffaCakes118

Files

dab3683e8b7dc356faa74921b5acf510_JaffaCakes118
.dll windows:4 windows x86 arch:x86

33b4bf34ec64fa8c66584579c99f7da8

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryW
GlobalAlloc
GlobalSize
GetLastError
InitializeCriticalSection
DeleteCriticalSection
EnterCriticalSection
LeaveCriticalSection
WaitForSingleObject
SetThreadPriority
GetProcessHeap
lstrlenA
Sleep
DisableThreadLibraryCalls
lstrcmpiW
InterlockedCompareExchange
QueryPerformanceCounter
GetTickCount
GetCurrentThreadId
GetCurrentProcessId
GetSystemTimeAsFileTime
GetModuleFileNameW
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
ResetEvent
InitializeCriticalSectionAndSpinCount
OutputDebugStringA
MulDiv
SetEvent
CreateEventW
GlobalLock
GlobalUnlock
ExitThread
CreateThread
CloseHandle
LoadLibraryA
LCMapStringW
GetModuleHandleW
GetProcAddress
lstrlenW
InterlockedDecrement
InterlockedIncrement
LocalFree
LocalAlloc
VirtualProtect
VirtualFree
GetCommandLineA
InterlockedExchange
VirtualAlloc

user32

SendMessageW
LoadMenuW
GetSubMenu
GetMenuItemCount
DeleteMenu
RegisterClipboardFormatW
CreateWindowExW
EnableMenuItem
CheckMenuRadioItem
CreatePopupMenu
InsertMenuW
DestroyMenu
SetWindowTextW
GetWindowLongW
SetWindowPos
LoadCursorW
PostThreadMessageW
OffsetRect
GetSysColorBrush
InflateRect
DrawStateW
KillTimer
SetTimer
MsgWaitForMultipleObjects
WinHelpW
SetDlgItemTextW
FillRect
DrawEdge
SystemParametersInfoW
SetForegroundWindow
DestroyIcon
SetMenu
GetWindowRect
DrawMenuBar
IsWindow
ShowWindow
GetMenu
EndDeferWindowPos
MessageBoxW
LoadStringW
SetMenuDefaultItem
SetCursor
DestroyWindow
CreateMenu
TrackPopupMenu
MapWindowPoints
UpdateWindow
IsWindowVisible
SetWindowLongW
EnableWindow
GetSystemMetrics
GetClientRect
GetWindowTextW
GetParent
wsprintfW
GetDialogBaseUnits
GetDlgItemTextW
GetWindowTextLengthW
PostMessageW
PeekMessageW
GetMenuStringW
GetDlgItem
EndDialog
SendDlgItemMessageW
SetFocus
DrawFocusRect

advapi32

RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegEnumKeyExW
RegDeleteKeyW
RegNotifyChangeKeyValue
ConvertStringSidToSidW
RegCreateKeyExW
RegSetValueW
RegCreateKeyW

gdi32

GetTextExtentPointW
DeleteObject
CreateCompatibleDC
PatBlt
SelectObject
DeleteDC
CreateFontIndirectW

ole32

StringFromGUID2
CoMarshalInterThreadInterfaceInStream
CoGetInterfaceAndReleaseStream
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
ReleaseStgMedium
CoInitialize
CoCreateInstance
CoUninitialize

rpcrt4

RpcBindingVectorFree
RpcStringFreeW
RpcEpRegisterW
RpcServerRegisterIf2
RpcServerInqBindings
RpcServerUseProtseqW
RpcServerUnregisterIf

msvcr71

wcschr
memmove
_vsnwprintf
wcslen
_XcptFilter
free
_CxxThrowException
malloc
_callnewh
memset
_amsg_exit
memcpy
_initterm
_adjust_fdiv
__CppXcptFilter
_onexit
__dllonexit
_except_handler3

Sections

.text
Size: 104KB - Virtual size: 104KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.sxdata
Size: 512B - Virtual size: 8B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

33b4bf34ec64fa8c66584579c99f7da8

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcr71

Sections

.text Size: 104KB - Virtual size: 104KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 2KB - Virtual size: 36KB

.sxdata Size: 512B - Virtual size: 8B

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 104KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 2KB - Virtual size: 36KB

.sxdata
Size: 512B - Virtual size: 8B

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB