ef2c2d8464adbbc2c08bc5061bd9116d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

ef2c2d8464adbbc2c08bc5061bd9116d_JaffaCakes118
Size

84KB
MD5

ef2c2d8464adbbc2c08bc5061bd9116d
SHA1

bcb32e2065ab5bce9bf9c7ed39f31ff8df0af2ab
SHA256

2188b9badfed0ab3b6e814a8f71747d7bec3906c7214b40dadf22064bfdd8e4d
SHA512

f403d80f02790d9f32c090a550e53418fe85ac07b932c644db33473472405ab82467edb2917ead18cacb3c0f67e8836184123531915e5a0c4c584c152e67301a
SSDEEP

1536:NQ6LwPviWE0W1PhJfzTRfHuhckiw6ATr2OZtd:u6LwPE0W1PzVfHuCkiwlRZtd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef2c2d8464adbbc2c08bc5061bd9116d_JaffaCakes118

Files

ef2c2d8464adbbc2c08bc5061bd9116d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3dee164b0d0560a1c1c16158afce2742

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CompareFileTime
GetProfileIntW
SetConsoleMode
GetVolumeNameForVolumeMountPointW
GetOverlappedResult
FindAtomW
GetSystemWow64DirectoryW
ClearCommError
GetLocaleInfoA
FormatMessageW
FindAtomA
lstrcmpW
CreateActCtxW
CompareStringW
MultiByteToWideChar
GlobalFindAtomW
GetConsoleOutputCP
GetFullPathNameW
IsValidCodePage
FindVolumeMountPointClose
ReadFile
CreateIoCompletionPort
GetThreadTimes
DeviceIoControl
FindResourceExA
GetCommProperties
WideCharToMultiByte
DnsHostnameToComputerNameW
IsBadCodePtr
EnumResourceLanguagesW
GlobalDeleteAtom
LocalUnlock
ReplaceFileW
CreateMailslotA
LockFile
GetFileAttributesExA
FindResourceExW
GetSystemTime
FlushViewOfFile
ConnectNamedPipe
WinExec
GetNumberFormatW
ConvertDefaultLocale
UnregisterWaitEx
OpenThread
DeleteTimerQueueTimer
GetTempPathA
CopyFileW
GetStartupInfoW
lstrcpyW
CancelIo
WaitCommEvent
ReadProcessMemory
CreateConsoleScreenBuffer
EnumResourceNamesA
GetVolumeInformationW
GetShortPathNameW
ReadConsoleA
FindNextVolumeMountPointW
RegisterWaitForSingleObject
QueueUserAPC
MoveFileExA
WaitForMultipleObjectsEx
LocalLock
FindFirstChangeNotificationA
GlobalAddAtomW
MoveFileW
GetWindowsDirectoryA
RegisterWaitForSingleObjectEx
SearchPathA
GetComputerNameW
SetCurrentDirectoryW
FindResourceW
SetHandleCount
GetCurrentProcess
InterlockedCompareExchange
CreateFileA
InterlockedDecrement
GetTickCount
lstrlenA
InterlockedExchange
InterlockedIncrement
WriteFile
GetComputerNameA
SetLastError
GetProcessHeap
GetVolumeInformationA
CopyFileA
LeaveCriticalSection
HeapAlloc
VirtualProtect
EnterCriticalSection
GetProcAddress
SetEvent
GetModuleFileNameA
VirtualQuery
LoadLibraryA
CreateFileMappingA
UnmapViewOfFile
CreateEventA
SetupComm

ole32

OleSetMenuDescriptor
StgOpenStorageEx
SetConvertStg
MkParseDisplayName
PropVariantCopy
CoGetClassObject
CoFreeUnusedLibraries
CoCreateGuid
CoFreeUnusedLibrariesEx
CreateGenericComposite
CoGetCallContext
CoAddRefServerProcess
CoWaitForMultipleHandles
CoTaskMemAlloc
CoInitialize
CoTaskMemFree

user32

DrawIcon
TrackPopupMenuEx
CreateIconIndirect
GetMenuState
SetRectEmpty
DrawTextExW
SetThreadDesktop
CharNextW
CheckMenuRadioItem
ShowOwnedPopups
PackDDElParam
MapDialogRect
TranslateMDISysAccel
ShowWindowAsync
GetClassInfoW
ReplyMessage
LoadBitmapW
MonitorFromRect
FrameRect
TrackPopupMenu
GetFocus
CopyImage
DialogBoxIndirectParamA
GetWindowLongA
GetWindowRect
SetRect
DrawFrameControl
UnregisterHotKey
GetCaretPos
DialogBoxIndirectParamW
UnionRect
DrawAnimatedRects
CheckDlgButton
GetMessageTime
IsWindowEnabled
ScrollWindow
GetWindowLongW
OemToCharA
wvsprintfA
EndDeferWindowPos
GrayStringW
WinHelpA
SendMessageTimeoutA
SetDlgItemTextW
MsgWaitForMultipleObjectsEx
TrackMouseEvent
GetParent
LoadAcceleratorsW
GetSysColor
CharLowerA
RemoveMenu
LockWindowUpdate
GetMenuItemCount
EnumDesktopsW
IsWindow
CharUpperBuffA
PeekMessageW
CopyIcon
PostMessageA
GetDoubleClickTime
GetUserObjectInformationW
DrawEdge
SetScrollPos
GetMessageExtraInfo
MsgWaitForMultipleObjects
CallNextHookEx
UnhookWindowsHookEx
GetClassNameA
GetScrollPos

shlwapi

PathRemoveArgsW
SHRegSetUSValueW
PathCommonPrefixW
PathIsPrefixW
StrCmpNIA
SHDeleteKeyW
PathParseIconLocationW
wnsprintfW
PathRemoveFileSpecA
SHRegGetUSValueW
StrRChrW
PathFindFileNameA
PathStripToRootW
SHRegGetValueW
PathSkipRootW
PathRenameExtensionW
PathAppendA
PathAddBackslashA
StrCpyW
StrStrIA
StrStrIW
PathGetDriveNumberW

shell32

ShellExecuteExW
DragFinish
ExtractIconExA
SHCreateDirectoryExW
ShellExecuteExA
SHBrowseForFolderA

gdi32

PolyBezierTo
EndPath
SetAbortProc
UpdateColors
GetTextAlign
WidenPath
PathToRegion
GetPath
GetTextExtentPointA
CreateBitmap
CreateMetaFileA
Ellipse
GetTextExtentPoint32W
GetCurrentObject
SetBkColor
PolylineTo
CreateDIBitmap
AbortDoc
CreateICA
GetRegionData
CopyEnhMetaFileA
GetClipRgn
DeleteEnhMetaFile
GetCharWidthW
CreateFontA
DescribePixelFormat
GetCharWidth32W
GetBkColor
BitBlt
GetBrushOrgEx
MoveToEx
SetRectRgn
GetPolyFillMode
PolyBezier
AbortPath
SelectPalette
GetWinMetaFileBits
CreateDIBSection
TranslateCharsetInfo
GetNearestPaletteIndex
SetBitmapBits
RoundRect
SetTextAlign
CreatePatternBrush
GetTextMetricsW

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3dee164b0d0560a1c1c16158afce2742

Headers

File Characteristics

Imports

kernel32

ole32

user32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 57KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 5KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 57KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 5KB

.reloc
Size: 4KB - Virtual size: 2KB