e107c7abd4ca9a574caaece2bcd49858_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

e107c7abd4ca9a574caaece2bcd49858_JaffaCakes118
Size

248KB
MD5

e107c7abd4ca9a574caaece2bcd49858
SHA1

64c6f6313311b60d5244f6b5b4be691b1693c3ad
SHA256

44823067a9e2f8ccb231fca1e7afc0acbcde96b5346f2986993df40cf9502e2f
SHA512

cd9f726d1671ca652b39c0772fc95cf12043fa97b10429980ecff1ad7efc11f5a0160f950652ae193fae80efa5053d84ddc46c2510bbe7e64a0d5b7517ec6ca0
SSDEEP

6144:5eWa4G1AQYD5BghIzekts9/vlGQ8xcj27jJa4n/btmBOqn:5BG1JYfghIzHt6/dGO2JamWO

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
e107c7abd4ca9a574caaece2bcd49858_JaffaCakes118

Files

e107c7abd4ca9a574caaece2bcd49858_JaffaCakes118
.dll windows:4 windows x86 arch:x86

301b7bdad33db221f374ac1e44e53b0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

__p__fmode
__set_app_type
_adjust_fdiv
_controlfp
_except_handler3
_exit
_ftol
_initterm
_purecall
_vsnwprintf
_wcmdln
_wcsdup
_wcsicmp
free
iswspace
memmove
setlocale
wcscmp
wcstod
_XcptFilter
__dllonexit

kernel32

HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryW
MulDiv
MultiByteToWideChar
ResetEvent
SetEvent
SetUnhandledExceptionFilter
Sleep
WideCharToMultiByte
lstrcmpiW
lstrlenW
GlobalLock
GlobalFree
GetVersionExA
GetUserDefaultLCID
GetTickCount
GetStartupInfoW
GetModuleHandleA
GetModuleFileNameW
GetFileAttributesW
GetCurrentThreadId
GetCommandLineA
FormatMessageW
FindResourceW
ExitProcess
EnumTimeFormatsW
EnumDateFormatsW
CreateFileW
CreateEventW
GetVersion

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

ole32

StringFromCLSID
ReleaseStgMedium
ReadClassStg
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString
StgCreateDocfileOnILockBytes

gdi32

Rectangle
RectVisible
PtVisible
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetBkColor
ScaleWindowExtEx
Escape
DeleteObject
EnumFontFamiliesExW
EnumFontFamiliesW
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
DPtoLP
ExtTextOutW
CreatePen

user32

FillRect
GetCapture
CopyRect
AppendMenuW
WinHelpW
UpdateWindow
SetWindowLongW
SetRect
ScreenToClient
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
PtInRect
MsgWaitForMultipleObjects
LoadStringW
LoadBitmapW
IsChild
GetWindowLongW
GetDlgItem
GetDlgCtrlID
GetCursorPos
EnableWindow

shlwapi

PathFindFileNameW

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

shell32

DragQueryFileW
SHGetSettings
SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW
DragFinish

Exports

Exports

EnumExposureCompReset
FreeArray
Memcpy2DFromArray
ThreadSynchronize

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

301b7bdad33db221f374ac1e44e53b0c

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

ole32

gdi32

user32

shlwapi

comdlg32

shell32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB