feede0046da61dc3f936d5be7d423491_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

feede0046da61dc3f936d5be7d423491_JaffaCakes118
Size

130KB
MD5

feede0046da61dc3f936d5be7d423491
SHA1

7b6fb84ba40547da26907f98b5cad9d2a006480f
SHA256

1038c3f19416095adc60f645044c49604613e9d96e1d077be1c237c85ae54f7b
SHA512

76360e06d1b4ada66d0cde70cf0a5e5d58d03a6cc3f398a507282d92cd3f34b36a6328d5c771fa19b18438f4b9a3c996a555ca661e652ebd668840bbdecdbd55
SSDEEP

3072:CFVooiuIc9mHx4zEn8HhF4PRZ84mRRBIjrLxT8TTJUotPW+:0KoiuIr7n8O8HpAT4htn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
feede0046da61dc3f936d5be7d423491_JaffaCakes118

Files

feede0046da61dc3f936d5be7d423491_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e094109d45d2cb574f8f0edfc7a9bd93

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
ExpandEnvironmentStringsW
CreateFileW
GetFileSize
CreateFileMappingW
MapViewOfFile
GetCPInfo
GetStringTypeW
IsDBCSLeadByteEx
IsValidCodePage
LoadLibraryW
FreeLibrary
GlobalUnlock
GetLocaleInfoW
GetThreadLocale
CompareStringW
lstrcmpW
MulDiv
MultiByteToWideChar
GetLocaleInfoA
lstrcpyW
lstrcatW
GetLocalTime
GetTickCount
GlobalHandle
GlobalLock
GlobalAlloc
InterlockedCompareExchange
TerminateProcess
GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
GetProfileStringW
InterlockedExchange
LocalAlloc
LocalFree
CloseHandle
Sleep
IsDBCSLeadByte
lstrcmpiA
DeleteCriticalSection
lstrlenW
WideCharToMultiByte
InterlockedDecrement
EnterCriticalSection
LeaveCriticalSection
InitializeCriticalSection
CreateMutexA
UnmapViewOfFile
WaitForSingleObject
ReleaseMutex
DisableThreadLibraryCalls
GetVersion
GetCommandLineA
VirtualProtect
GetACP

user32

FillRect
PostQuitMessage
GetFocus
LoadIconW
EnumChildWindows
LoadCursorW
RegisterClassW
GetKeyboardLayout
ClientToScreen
DispatchMessageW
GetDlgItem
EndDialog
SetScrollRange
SetScrollPos
SetDlgItemTextW
LoadStringW
GetDlgItemTextW
GetParent
TranslateMessage
IsDialogMessageW
GetMessageW
GetSysColor
AdjustWindowRectEx
SetRect
GetScrollInfo
UnregisterClassW
InvalidateRect
IsWindowEnabled
SendDlgItemMessageW
EnableWindow
ReleaseCapture
ShowCursor
SetFocus
DestroyWindow
CreateWindowExW
KillTimer
SetTimer
ShowWindow
SendMessageW
GetSystemMetrics
DrawFocusRect
GetWindowRect
GetClientRect
SetWindowLongW
GetWindowLongW
ReleaseDC
GetDC
GetWindowDC
MapWindowPoints
BeginPaint
EndPaint
GetMessagePos
PtInRect
DefWindowProcW
SetCapture
GetUpdateRect
WindowFromPoint
ScreenToClient
GetCursorPos
GetMessageTime
GetAsyncKeyState
ValidateRect
GetWindowTextLengthW
GetWindowTextW
MoveWindow

advapi32

RegCloseKey
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegCreateKeyExA

gdi32

DeleteDC
CreateCompatibleDC
CreateCompatibleBitmap
TextOutW
GetTextAlign
GetCharWidth32W
GetFontData
GetTextExtentPoint32W
SetBkMode
SetTextAlign
GetDeviceCaps
GetTextMetricsW
SelectObject
DeleteObject
CreateFontIndirectW
SetBkColor
SetTextColor
CreateSolidBrush
UnrealizeObject
BitBlt

ole32

OleInitialize
OleUninitialize
CoCreateInstance
CoTaskMemFree
CoTaskMemAlloc
CoTaskMemRealloc
CoUninitialize

rpcrt4

NdrProxyGetBuffer
UuidFromStringA
NdrConformantArrayMarshall
NdrComplexArrayMarshall
NdrInterfacePointerMarshall
NdrPointerBufferSize
NdrPointerMarshall
NdrPointerUnmarshall
NdrInterfacePointerUnmarshall
NdrConformantArrayUnmarshall
NdrPointerFree
NdrInterfacePointerFree
NdrComplexStructBufferSize
NdrInterfacePointerBufferSize
NdrConformantArrayBufferSize
NdrComplexArrayBufferSize
NdrComplexStructMarshall
RpcRaiseException
NdrComplexStructUnmarshall
NdrComplexArrayUnmarshall
NdrStubInitialize
NdrUserMarshalUnmarshall
NdrStubGetBuffer
NdrUserMarshalFree
NdrProxyInitialize
NdrUserMarshalBufferSize
NdrConvert
NdrUserMarshalMarshall
NdrProxySendReceive
NdrProxyFreeBuffer

msvcrt

__CxxFrameHandler
_except_handler3
_adjust_fdiv
malloc
_initterm
free
sprintf
memmove
memset
_vsnwprintf
memcpy
towupper
exit
_ismbblead
_cexit
calloc
realloc
_wcsupr
wcsstr
_wtol
_XcptFilter
atoi

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 6KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1KB - Virtual size: 35KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e094109d45d2cb574f8f0edfc7a9bd93

Headers

File Characteristics

Imports

kernel32

user32

advapi32

gdi32

ole32

rpcrt4

msvcrt

Sections

.text Size: 115KB - Virtual size: 114KB

.rdata Size: 6KB - Virtual size: 5KB

.data Size: 1KB - Virtual size: 35KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 115KB - Virtual size: 114KB

.rdata
Size: 6KB - Virtual size: 5KB

.data
Size: 1KB - Virtual size: 35KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 5KB - Virtual size: 5KB