f5d497f30f0ccba626302e8de9c97159_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f5d497f30f0ccba626302e8de9c97159_JaffaCakes118
Size

240KB
MD5

f5d497f30f0ccba626302e8de9c97159
SHA1

956873e0ec83ca13a8a6023de13b9557cb9c107c
SHA256

57a122109eeb38a93a3d782b242314824a14b875b9cea3354b1b99c7f111b433
SHA512

457226a97b1fb4977bf45646c29aadc32be6cf4d16d820364a88734d75647239b4107d2d08f4555ef152cdd9887f278b9df014222c960c3c14045bb2872e7fc2
SSDEEP

6144:zhXY99S8QD/41B0jhK7eMmUh/6HCZYeCBJ5EB:z5zCqq1ZYvT

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f5d497f30f0ccba626302e8de9c97159_JaffaCakes118

Files

f5d497f30f0ccba626302e8de9c97159_JaffaCakes118
.dll windows:4 windows x86 arch:x86

67a1d93dfac674ebf0d814968e07743c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
GetTextMetricsW
PtVisible
Escape
Rectangle
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
DeleteObject
DPtoLP
CreateCompatibleDC
CreateSolidBrush
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
RectVisible

shlwapi

PathFindFileNameW

user32

GetAsyncKeyState
GetDC
GetMonitorInfoW
GetNextDlgTabItem
LoadIconW
LoadMenuW
OffsetRect
EnableWindow
SendDlgItemMessageW
GetActiveWindow
SendMessageW
SetCursor
SetFocus
SetRect
UpdateWindow
WinHelpW
DefWindowProcW
CharToOemBuffA
CallNextHookEx
SendMessageTimeoutW
FindWindowW
PeekMessageW

advapi32

RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegCloseKey

shell32

ShellAboutW
SHGetSpecialFolderPathW
SHGetSettings
DragQueryFileW
DragFinish
ShellExecuteExW

msvcrt

memmove
__CxxFrameHandler
__dllonexit
__p__commode
__p__fmode
__set_app_type
__setusermatherr
__wgetmainargs
_adjust_fdiv
_c_exit
wcstod
wcslen
wcscoll
wcscmp
setlocale
_XcptFilter
exit
_wcsdup
_onexit
_initterm
_controlfp
_cexit

ole32

CLSIDFromString
CoTaskMemFree
CreateILockBytesOnHGlobal
OleInitialize
OleRegGetUserType
OleUninitialize
ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID

comdlg32

ChooseFontW
CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW

kernel32

LoadLibraryExA
InterlockedIncrement
HeapCreate
HeapAlloc
GlobalGetAtomNameW
GlobalFree
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetSystemTimeAsFileTime
GetShortPathNameW
GetModuleHandleA
GetLastError
GetDateFormatW
GetCurrentThreadId
LoadLibraryExW
LoadLibraryW
MulDiv
MultiByteToWideChar
SetThreadPriority
SetUnhandledExceptionFilter
lstrcmpW
lstrlenW
TerminateProcess
GetCommandLineA
ExitProcess
DeleteAtom
CreateFileW
CreateEventW
AddAtomW

Exports

Exports

D3D10ResourceGetMappedPitch
EnumFileInItemReset
GetPluggedDevice

Sections

.text
Size: 156KB - Virtual size: 156KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

67a1d93dfac674ebf0d814968e07743c

Headers

File Characteristics

Imports

gdi32

shlwapi

user32

advapi32

shell32

msvcrt

ole32

comdlg32

kernel32

Exports

Exports

Sections

.text Size: 156KB - Virtual size: 156KB

.data Size: 72KB - Virtual size: 120KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 156KB - Virtual size: 156KB

.data
Size: 72KB - Virtual size: 120KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB