dae5deac5eaf96250da1c2cfc4b1d8e2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

dae5deac5eaf96250da1c2cfc4b1d8e2_JaffaCakes118
Size

55KB
MD5

dae5deac5eaf96250da1c2cfc4b1d8e2
SHA1

6c92447d12087e1b7cc7ca95d05aaf0f72e3adc9
SHA256

e6125e2bbb6250041dbcab680c8fa243d9e2159788dba6648bbd5da092c21299
SHA512

ebd73ae82ccbd88cedd7d2e358ac8896ea3ce30b58c21b8a4d1373cea103566099f55cdc49a7bc687da3e9bf65efded4f06a35ea40f95f016a222790f3788a41
SSDEEP

1536:vEqCAxAOIfOc4KuWvKJm73K9vmvPueofndo:8ExAFfYKu0qM1avd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
dae5deac5eaf96250da1c2cfc4b1d8e2_JaffaCakes118

Files

dae5deac5eaf96250da1c2cfc4b1d8e2_JaffaCakes118
.dll windows:5 windows x86 arch:x86

e08ccf6a76329a187cd14923af3181f0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

ole32

CoTaskMemFree
WriteFmtUserTypeStg
OleFlushClipboard
CreateItemMoniker
ProgIDFromCLSID

user32

GetDC
PackDDElParam
IsWindowVisible
GetDlgItem
EnumThreadWindows
RemoveMenu
RedrawWindow
FreeDDElParam

gdi32

SetViewportOrgEx
SetStretchBltMode
CreatePolygonRgn
GetSystemPaletteEntries
GetDeviceCaps
SetTextAlign
RoundRect
GetCharWidthA
CreateFontA
EndDoc
SetBkColor
GetClipRgn

mcd3wmdm

CtfImmIsCiceroEnabled
PathIsSlowA
ImmGetCandidateListCountA
SdbReadBYTETag
CtfImmSetCiceroStartInThread
DAD_AutoScroll
CtfImmIsTextFrameServiceDisabled
SdbGetDatabaseID
ExtractIconResInfoA
Activate_RunDLL
CtfAImmActivate
CtfImmIsCiceroStartedInThread
PathCleanupSpec
Options_RunDLLA
ImmDisableIME
DllGetVersion
ImmWINNLSEnableIME
ImmGetCompositionFontA
ImmGetConversionStatus
ImmIsUIMessageA
ImmPenAuxInput
FreeIconList
SdbFreeFlagInfo
RestartDialog
ImmDisableIme
ImmSetStatusWindowPos
RestartDialogEx

msvcrt

memmove
__getmainargs
__setusermatherr

advapi32

CryptReleaseContext
GetLengthSid
MapGenericMask
GetAclInformation
AllocateAndInitializeSid

kernel32

CreateThread
UnhandledExceptionFilter
SetUnhandledExceptionFilter
SetThreadPriority
GetModuleHandleA
IsDBCSLeadByteEx
CreateFileMappingA
UnmapViewOfFile
VirtualQueryEx
RaiseException
MapViewOfFile
WriteFile
GetCurrentThread
GetVolumeInformationA
WaitForMultipleObjects
IsProcessorFeaturePresent

Exports

Exports

CreateProcessNotify
mstsddin

Sections

.text
Size: 35KB - Virtual size: 36KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 14KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e08ccf6a76329a187cd14923af3181f0

Headers

File Characteristics

Imports

ole32

user32

gdi32

mcd3wmdm

msvcrt

advapi32

kernel32

Exports

Exports

Sections

.text Size: 35KB - Virtual size: 36KB

.rdata Size: 2KB - Virtual size: 4KB

.data Size: 14KB - Virtual size: 16KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 35KB - Virtual size: 36KB

.rdata
Size: 2KB - Virtual size: 4KB

.data
Size: 14KB - Virtual size: 16KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB