f0d3c7e40128109cd19f75762644484a_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f0d3c7e40128109cd19f75762644484a_JaffaCakes118
Size

33KB
MD5

f0d3c7e40128109cd19f75762644484a
SHA1

5df7112a3f42ce5aee3d3514f312d2812b7d386d
SHA256

e6d2a4132c787825e4b5573983692249a372347d2723d7c49bc942a2e054da75
SHA512

bdfca1eb537ed6c9ba7642853dd759761c317784282b6c8a2a772667aed9a235856e0d6babe814e95b851c9d75e9b2db00fb262f92a9fca9086db8a2a5ce5c55
SSDEEP

768:Zpfg5uLicVOIYGcVPp7w1dWOhBRm+A9VOvlDbuV:ZptGcV/OkdWOhBwvzelvu

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f0d3c7e40128109cd19f75762644484a_JaffaCakes118

Files

f0d3c7e40128109cd19f75762644484a_JaffaCakes118
.exe windows:5 windows x86 arch:x86

2abce0616a12cc3482ddf09e08c743b3

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

comdlg32

WantArrows
dwLBSubclass
FindTextA
GetSaveFileNameA
Ssync_ANSI_UNICODE_Struct_For_WOW
PageSetupDlgA
ReplaceTextA
ChooseColorW
GetFileTitleA
ChooseColorA
FindTextW
PrintDlgExW
ChooseFontA
GetSaveFileNameW
LoadAlterBitmap
ReplaceTextW
GetFileTitleW
PrintDlgW
PrintDlgA
dwOKSubclass
GetOpenFileNameW
ChooseFontW
PrintDlgExA
GetOpenFileNameA
CommDlgExtendedError

samlib

SamSetInformationUser
SamGetMembersInGroup
SamOpenDomain
SamAddMemberToGroup
SamTestPrivateFunctionsUser
SamAddMemberToAlias
SamSetInformationDomain
SamCreateAliasInDomain
SamiChangeKeys
SamCreateUserInDomain
SamChangePasswordUser3
SamFreeMemory
SamLookupDomainInSamServer
SamEnumerateDomainsInSamServer
SamShutdownSamServer
SamCreateGroupInDomain
SamQueryInformationGroup
SamOpenUser
SamQueryDisplayInformation
SamRidToSid
SamTestPrivateFunctionsDomain
SamiSetBootKeyInformation
SamOpenAlias
SamConnect
SamSetMemberAttributesOfGroup

kernel32

CreateTimerQueue
lstrcmp
DeleteFileA
UTRegister
GetLocaleInfoW
GlobalAlloc
SetVolumeLabelA
FindNextVolumeA
SetPriorityClass
SetFileAttributesA
CreateFileW
LoadLibraryA
RtlCaptureStackBackTrace
GetThreadSelectorEntry
CreateDirectoryW
FreeLibrary
GetAtomNameA
IsValidLanguageGroup
RemoveDirectoryA
EnumUILanguagesW
OpenSemaphoreW
VirtualAlloc
lstrcatA
OutputDebugStringW
CopyFileExW
GetProfileIntA
OpenJobObjectA
SetCommState
OpenFile
GetConsoleAliasesW
SetComputerNameA
VerSetConditionMask
WaitNamedPipeA
GetFileAttributesW
EnumLanguageGroupLocalesW
SetThreadPriorityBoost
GetPriorityClass
WriteFileEx
GetMailslotInfo
GetFileAttributesExA
FindResourceW
GetACP
WritePrivateProfileStructW
GetOEMCP

msjtes40

DllMain
DllGetClassObject

Sections

.text
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 53KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 1024B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2abce0616a12cc3482ddf09e08c743b3

Headers

DLL Characteristics

File Characteristics

Imports

comdlg32

samlib

kernel32

msjtes40

Sections

.text Size: 24KB - Virtual size: 24KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: 4KB - Virtual size: 53KB

.rsrc Size: 1024B - Virtual size: 1024B

.reloc Size: 1024B - Virtual size: 1024B

.text
Size: 24KB - Virtual size: 24KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: 4KB - Virtual size: 53KB

.rsrc
Size: 1024B - Virtual size: 1024B

.reloc
Size: 1024B - Virtual size: 1024B