f97f1ffa2b133c4d70e776a536326c81_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

f97f1ffa2b133c4d70e776a536326c81_JaffaCakes118
Size

252KB
MD5

f97f1ffa2b133c4d70e776a536326c81
SHA1

98536e8d525ed46832999a00143f9b3db5e4855b
SHA256

52c71eaef2686cbd193799cf6f0533591f1af46ae3c098bf4f81c05f6fd395e8
SHA512

1ee43fc0e7f3ef062bc2fdf867e9cf6bac19b76c8d6d789bbc97fc1b35c7fb0571bff3cde0bd1026f2e2e1750077893360e0bb0f5975c3b441486e5fa3bcdc85
SSDEEP

6144:O/2FfttuLDPAVZTSuB6r64K/mNWCTe2TvBxxE9C1DbtY2:82xgrmZT8WZ/n/W1bt

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
f97f1ffa2b133c4d70e776a536326c81_JaffaCakes118

Files

f97f1ffa2b133c4d70e776a536326c81_JaffaCakes118
.dll windows:4 windows x86 arch:x86

301b7bdad33db221f374ac1e44e53b0c

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

__p__fmode
__set_app_type
_adjust_fdiv
_controlfp
_except_handler3
_exit
_ftol
_initterm
_purecall
_vsnwprintf
_wcmdln
_wcsdup
_wcsicmp
free
iswspace
memmove
setlocale
wcscmp
wcstod
_XcptFilter
__dllonexit

kernel32

HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryW
MulDiv
MultiByteToWideChar
ResetEvent
SetEvent
SetUnhandledExceptionFilter
Sleep
WideCharToMultiByte
lstrcmpiW
lstrlenW
GlobalLock
GlobalFree
GetVersionExA
GetUserDefaultLCID
GetTickCount
GetStartupInfoW
GetModuleHandleA
GetModuleFileNameW
GetFileAttributesW
GetCurrentThreadId
GetCommandLineA
FormatMessageW
FindResourceW
ExitProcess
EnumTimeFormatsW
EnumDateFormatsW
CreateFileW
CreateEventW
GetVersion

advapi32

RegCloseKey
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW
RegCreateKeyExW

ole32

StringFromCLSID
ReleaseStgMedium
ReadClassStg
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString
StgCreateDocfileOnILockBytes

gdi32

Rectangle
RectVisible
PtVisible
GetTextMetricsW
GetTextExtentPoint32W
GetTextColor
GetStockObject
GetPaletteEntries
GetObjectW
GetDeviceCaps
GetBkColor
ScaleWindowExtEx
Escape
DeleteObject
EnumFontFamiliesExW
EnumFontFamiliesW
CreateSolidBrush
BitBlt
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
DPtoLP
ExtTextOutW
CreatePen

user32

FillRect
GetCapture
CopyRect
AppendMenuW
WinHelpW
UpdateWindow
SetWindowLongW
SetRect
ScreenToClient
ReleaseCapture
RegisterWindowMessageW
RegisterClipboardFormatW
PtInRect
MsgWaitForMultipleObjects
LoadStringW
LoadBitmapW
IsChild
GetWindowLongW
GetDlgItem
GetDlgCtrlID
GetCursorPos
EnableWindow

shlwapi

PathFindFileNameW

comdlg32

CommDlgExtendedError
GetOpenFileNameW
GetSaveFileNameW
ChooseFontW

shell32

DragQueryFileW
SHGetSettings
SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW
DragFinish

Exports

Exports

BindTexture
D3D9UnmapVertexBuffer
EnumFileInItemRelease
EnumImageFormatAttributeReset
EnumTvValueReset
GetCDInfo
GetExposureComp
GetFile
GetFileHeader
GraphicsUnmapResources
IsoTrackSetBootOptions
Memset2D
SetAllParamValueToAtCapture
StreamDestroy

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

301b7bdad33db221f374ac1e44e53b0c

Headers

File Characteristics

Imports

msvcrt

kernel32

advapi32

ole32

gdi32

user32

shlwapi

comdlg32

shell32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 72KB - Virtual size: 108KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 72KB - Virtual size: 108KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB