fc74c77df7ff2b4c4249463ff2bcdb02_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

fc74c77df7ff2b4c4249463ff2bcdb02_JaffaCakes118
Size

252KB
MD5

fc74c77df7ff2b4c4249463ff2bcdb02
SHA1

37d85ee82dbde134900c5c50a8d266b6956024cb
SHA256

65fae3c9d8fac1386f9089e6c825c84a97173047c9edd63e977bfa25df6d22c1
SHA512

0942da438e33b7d636cd6828db0a817971c073aa856f5a07839b2a83e0b1dd5b9bb36d37ab27ad572119829702e7351789b343e9e4953da95645d394c8c78b16
SSDEEP

6144:232kkBx67cqddCOTgfzPTjasLEz8gY5EA6FFe7f:2bk367cqiOE7n3LEz8EBF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
fc74c77df7ff2b4c4249463ff2bcdb02_JaffaCakes118

Files

fc74c77df7ff2b4c4249463ff2bcdb02_JaffaCakes118
.dll windows:4 windows x86 arch:x86

ff3b290bb0e3f54c22a6bd8fa649b35b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegCloseKey
RegCreateKeyExW
RegDeleteKeyW
RegOpenKeyExA
RegOpenKeyExW
RegQueryValueExA
RegQueryValueExW
RegSetValueExW

ole32

StringFromCLSID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
OleUninitialize
OleRegGetUserType
OleInitialize
IsEqualGUID
CreateILockBytesOnHGlobal
CLSIDFromString

gdi32

TextOutW
SetTextColor
SetDCBrushColor
SetBkMode
SelectObject
ScaleWindowExtEx
Rectangle
RectVisible
PtVisible
GetTextMetricsW
CreateCompatibleDC
CreateDCW
CreateFontIndirectW
CreateICW
CreatePen
CreateSolidBrush
DPtoLP
DeleteObject
Escape
ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W

comdlg32

ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

shell32

DragFinish
DragQueryFileW
SHGetSettings
SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW

msvcrt

memmove
exit
_wcsdup
_onexit
_initterm
_controlfp
_cexit
setlocale
__wgetmainargs
__setusermatherr
__set_app_type
__p__fmode
__p__commode
__dllonexit
__CxxFrameHandler
_XcptFilter
wcscmp
wcscoll
wcstod
_adjust_fdiv
_c_exit

shlwapi

PathFindFileNameW

kernel32

GetCurrentThreadId
GetDateFormatW
GetLastError
GetModuleHandleA
GetSystemTimeAsFileTime
GetUserDefaultLCID
GetVersionExA
GlobalAddAtomW
GlobalAlloc
GetCommandLineA
ExitProcess
DeleteAtom
GlobalFree
CreateFileW
CreateEventW
AddAtomW
GlobalGetAtomNameW
HeapAlloc
HeapCreate
InterlockedIncrement
LoadLibraryExA
LoadLibraryExW
LoadLibraryW
MulDiv
MultiByteToWideChar
SetThreadPriority
SetUnhandledExceptionFilter
TerminateProcess
lstrlenW
lstrcmpW

user32

DefWindowProcW
CharToOemBuffA
CallNextHookEx
EnableWindow
FindWindowW
GetActiveWindow
GetDC
GetMonitorInfoW
LoadIconW
LoadMenuW
OffsetRect
PeekMessageW
SendDlgItemMessageW
SendMessageTimeoutW
SendMessageW
SetCursor
SetFocus
SetRect
UpdateWindow
WinHelpW
GetNextDlgTabItem

Exports

Exports

BindTexture2D
CreateProgress
EnumBaseImageDataPropertyRelease
EventDestroy
GetAvailableRoboDrivers
GetDeviceOption
GetImageDataInfo
GetLastErrors
Launch
MemcpyToArrayAsync

Sections

.text
Size: 168KB - Virtual size: 168KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 108KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ff3b290bb0e3f54c22a6bd8fa649b35b

Headers

File Characteristics

Imports

advapi32

ole32

gdi32

comdlg32

shell32

msvcrt

shlwapi

kernel32

user32

Exports

Exports

Sections

.text Size: 168KB - Virtual size: 168KB

.data Size: 72KB - Virtual size: 108KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 168KB - Virtual size: 168KB

.data
Size: 72KB - Virtual size: 108KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB