ef32a1f7c615115caa98e81d30fd7f72_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

ef32a1f7c615115caa98e81d30fd7f72_JaffaCakes118
Size

84KB
MD5

ef32a1f7c615115caa98e81d30fd7f72
SHA1

6bb957990eb1559d0ee98c7e8a13c9f2f8ad359d
SHA256

ab7b9a0d139f8a3b96524a2f05d15256a048027d83f1d49eafabaac886b33458
SHA512

37c2ca9caf9d8b1f554a38bc50094d0a657e37617d74c3d26e413f5b6b375f5ecd2c64732dd78d77056f8a76d7102db4c28a1f0fa3b8232c0138437bf5dc2df1
SSDEEP

1536:WrzM96ie2oI6aqjh1WOrDtK0bGdEWtSU8AhM4hRv2SCAjDt21F+B:v6vaqjh1WMtxGdEWtSU8mjhRv2SCAHt2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
ef32a1f7c615115caa98e81d30fd7f72_JaffaCakes118

Files

ef32a1f7c615115caa98e81d30fd7f72_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8a234108816b5d8e18bcd2df375f6584

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapUnlock
CreateMutexA
CreateProcessW
GetCommMask
PostQueuedCompletionStatus
GetStringTypeExA
GetCurrentProcess
ReadFileEx
LocalHandle
DeleteCriticalSection
DeleteTimerQueueTimer
VirtualFree
FindFirstChangeNotificationA
GetModuleHandleW
HeapLock
CreateRemoteThread
IsBadStringPtrW
MapViewOfFileEx
ConvertDefaultLocale
WriteConsoleInputA
CreateFileW
GetBinaryTypeA
SetCommBreak
DeleteTimerQueue
GetCommandLineA
TerminateProcess
SetNamedPipeHandleState
FillConsoleOutputCharacterW
FindResourceExW
SystemTimeToFileTime
SetConsoleCtrlHandler
SetStdHandle
FreeConsole
GetCurrentDirectoryA
LocalFileTimeToFileTime
GetFileTime
ReleaseSemaphore
FindNextChangeNotification
FormatMessageA
LockFile
GetNumberOfConsoleInputEvents
HeapReAlloc
GetSystemPowerStatus
RemoveDirectoryA
GlobalFindAtomW
DeleteFileA
OpenEventW
SetConsoleTitleA
WriteProfileStringW
LocalLock
EnumResourceLanguagesW
GetProfileIntA
VerSetConditionMask
GetLogicalDriveStringsA
HeapSetInformation
IsBadReadPtr
GetCurrencyFormatA
ClearCommBreak
UnregisterWait
MoveFileExW
BackupWrite
QueueUserWorkItem
IsBadStringPtrA
GetEnvironmentVariableW
FindFirstChangeNotificationW
FindResourceExA
CopyFileA
InterlockedIncrement
ExitProcess
CreateEventA
GetModuleHandleA
GetSystemTimeAsFileTime
InterlockedDecrement
CloseHandle
LeaveCriticalSection
CreateFileMappingA
VirtualProtect
GetProcessHeap
SetLastError
InterlockedCompareExchange
SetEvent
OpenEventA
EnterCriticalSection
GetProcAddress
CreateEventW
LoadLibraryA

user32

SetForegroundWindow
CreateMenu
CreateAcceleratorTableA
GetMenuStringA
DestroyWindow
DrawFrameControl
GetTopWindow
ReuseDDElParam
CheckRadioButton
LoadMenuW
LoadBitmapA
GetFocus
FrameRect
GetClassInfoExW
DestroyIcon
GetComboBoxInfo
GetMessageW
RegisterWindowMessageA
GetDialogBaseUnits
EnumChildWindows
SendInput
FindWindowExW
CreateIcon
ChangeMenuA
UnregisterClassW
OpenDesktopA
GetWindowRgn
GetProcessDefaultLayout
IsWindow
ShowCaret
GetMonitorInfoA
MapDialogRect
ModifyMenuA
ToAsciiEx
WinHelpW
SetSysColors
MessageBeep
SetScrollPos
GetCaretPos
DefMDIChildProcA
GetUserObjectInformationW
ChildWindowFromPointEx
LoadStringA
SetParent
EnumThreadWindows
MessageBoxExW
ScrollDC
OemToCharBuffA
SetRectEmpty
BeginPaint
GetMenuStringW
CreateIconFromResourceEx
FillRect
SendNotifyMessageW
GetUpdateRect
TranslateAcceleratorW
FreeDDElParam
InternalGetWindowText
MapWindowPoints
GetWindowLongA
InsertMenuW
SwitchToThisWindow
PtInRect
GetMenuItemRect
EnableScrollBar
GetParent
DrawIcon
ScrollWindow
WaitForInputIdle
ChangeDisplaySettingsA
RedrawWindow
GetSubMenu
GetScrollInfo
AdjustWindowRectEx
LoadCursorW
InvalidateRgn
DrawTextW
DrawTextExA
MonitorFromWindow
DestroyCaret
InsertMenuItemA
wvsprintfW
DialogBoxIndirectParamW
GetIconInfo
GetClassInfoExA
CheckMenuRadioItem
SetPropA
UnionRect
GetDCEx
CreateDialogIndirectParamW
OpenDesktopW
GetClassNameA
KillTimer
CallNextHookEx
LoadIconA
MapVirtualKeyExW

shlwapi

PathCommonPrefixW
StrStrA
PathRemoveFileSpecW
PathUndecorateW
PathFindFileNameA
PathFileExistsW
SHRegSetPathW
PathQuoteSpacesW
SHCreateShellPalette
PathSkipRootW
PathGetDriveNumberW
PathStripPathW
PathCompactPathW
PathFindExtensionW
StrTrimW
PathBuildRootW
PathIsNetworkPathW
StrDupW
StrCmpIW
UrlCanonicalizeW
StrToIntExW
PathRenameExtensionW
AssocQueryStringW

shell32

SHGetSpecialFolderPathA
DragAcceptFiles
DragFinish
SHPathPrepareForWriteW
SHAppBarMessage

gdi32

CreateDCW
PtVisible
GetMapMode
GetPixelFormat
GetCharABCWidthsA
GetViewportOrgEx
GetRegionData
GetNearestColor
ExtTextOutA
ResizePalette
SetROP2
SetRectRgn
GetGlyphOutlineW
AddFontResourceW
CloseFigure
GetPaletteEntries
CreateDIBSection
EndPath
SelectPalette
CreateDIBPatternBrushPt
DeleteEnhMetaFile
AbortDoc
SetMiterLimit
SetPolyFillMode
CreateBrushIndirect
SetTextCharacterExtra
SetGraphicsMode
PolyBezierTo
GetLayout
SetViewportExtEx
GetRgnBox
CreateRectRgnIndirect
GetDCOrgEx
Arc
GetGraphicsMode
PlayEnhMetaFileRecord
LPtoDP
CreateCompatibleDC
StartDocW
GetBitmapBits

Exports

Exports

CPlApplet

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8a234108816b5d8e18bcd2df375f6584

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 8KB - Virtual size: 6KB

.data Size: 8KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 8KB - Virtual size: 6KB

.data
Size: 8KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB