fb6dd15ad9df19e9b6e8776fb4ff4d38_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fb6dd15ad9df19e9b6e8776fb4ff4d38_JaffaCakes118
Size

37KB
MD5

fb6dd15ad9df19e9b6e8776fb4ff4d38
SHA1

e4f06810f64a0c971bdfc0107f81c98ae0db6d43
SHA256

bc8a2ceebf6aa0320f2723c7fddca89b1dfeb89031bda18a4de81df1006bd399
SHA512

32bde8f295f4f294c53565979f28027ab22202ae780799e28f9975ea5e1558605102c15d51edcce65428bfc79de995152cc18678a5c72476dfd121c778b55688
SSDEEP

768:HCs1tJBYNy9AqBtTbY3OOOOOOOI27D7ztpRynqDs:Hr1B4y5TyGXxpRyqDs

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fb6dd15ad9df19e9b6e8776fb4ff4d38_JaffaCakes118

Files

fb6dd15ad9df19e9b6e8776fb4ff4d38_JaffaCakes118
.dll windows:4 windows x86 arch:x86

3e113c85a17d4de8011e1faa1677c678

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CompareStringA
ExitProcess
FlushFileBuffers
GetACP
GetCommandLineA
GetModuleHandleA
GetOEMCP
GetStartupInfoA
GetVersion
HeapAlloc
LoadLibraryA
LocalAlloc
MultiByteToWideChar
RtlUnwind
SetLastError
SetUnhandledExceptionFilter
UnmapViewOfFile
VirtualAlloc
VirtualFree
WriteFile
lstrcmpA
lstrcpyA
lstrcpynA
lstrlenA

msvcrt

wcslen
time
setlocale
exit
__set_app_type
__p__commode
__getmainargs

ole32

StringFromGUID2
RegisterDragDrop
OleUninitialize
CLSIDFromString
CoCreateInstance
CoGetMalloc
CoGetObject
CoInitialize
CoTaskMemAlloc
CoTaskMemFree
CoUninitialize
DoDragDrop
OleQueryCreateFromData
OleGetIconOfClass

ntdll

RtlNtStatusToDosError
RtlLeaveCriticalSection
RtlInitUnicodeString
NtClose
NtEnumerateKey
NtMakeTemporaryObject
NtQueryDefaultLocale
NtSetEvent
NtSetValueKey
RtlCopyLuid
RtlCopyUnicodeString
RtlEnterCriticalSection
RtlFreeSid
RtlInitString

shlwapi

PathAppendW
PathIsPrefixW
PathIsUNCServerShareW
PathIsUNCW
StrCpyNW
StrDupW
StrRChrW
PathAddBackslashW

comdlg32

GetOpenFileNameA
GetFileTitleW
ChooseFontW
ChooseFontA
PrintDlgW
PageSetupDlgA

comctl32

ImageList_DrawEx
CreatePropertySheetPageW
ImageList_AddMasked

winmm

mmTaskCreate
mixerGetDevCapsW
mixerGetControlDetailsW
mixerGetControlDetailsA
mixerOpen

oleaut32

RevokeActiveObject
RegisterTypeLib
OleTranslateColor
OleLoadPicturePath
OleIconToCursor
GetErrorInfo
SysFreeString
SysReAllocString
VarBstrCmp
VarBstrCat
SysStringLen
SafeArrayAllocData

user32

OffsetRect
SetFocus
ShowScrollBar
IsCharUpperA
LoadAcceleratorsW
CreateDialogParamA
CreateIconFromResourceEx
DispatchMessageA
EnableWindow
GetMenu
GetMessageA

Sections

.text
Size: 9KB - Virtual size: 9KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 21KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

3e113c85a17d4de8011e1faa1677c678

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

msvcrt

ole32

ntdll

shlwapi

comdlg32

comctl32

winmm

oleaut32

user32

Sections

.text Size: 9KB - Virtual size: 9KB

.data Size: 6KB - Virtual size: 5KB

.rsrc Size: 21KB - Virtual size: 20KB

.text
Size: 9KB - Virtual size: 9KB

.data
Size: 6KB - Virtual size: 5KB

.rsrc
Size: 21KB - Virtual size: 20KB