019f618e8e6df57996d363c528cae79d_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

019f618e8e6df57996d363c528cae79d_JaffaCakes118
Size

74KB
MD5

019f618e8e6df57996d363c528cae79d
SHA1

523f077030e5891021ef32e97248e82c1aade54c
SHA256

ddc3dfceae1a6a9282ece382cba4f06caf25efbe0b80a9d070e59b17bac659a0
SHA512

f254c6a4438e1a8cbfc6bb0a83f7cd359b7e4663d89e8b660168dabe3d84567053af0947af2b423c6249b4bcdbc3df9ef8ddf199faf3b4142b865e81422c7cc4
SSDEEP

1536:hoE1RaF1KCOLGchXDYuLvAT3oEcDq8Se/NXjSwUkm4/9U3yj:hoE1cxOqULvY3oTDvSe/NXOwUoFUij

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
019f618e8e6df57996d363c528cae79d_JaffaCakes118

Files

019f618e8e6df57996d363c528cae79d_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7eee251ce8fac55ec18f97af3ad69fdd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

BindIoCompletionCallback
CloseHandle
CompareStringW
CreateMailslotA
DebugActiveProcess
EndUpdateResourceW
EraseTape
ExitProcess
FindFirstChangeNotificationA
GetCalendarInfoW
GetCommandLineA
GetDefaultCommConfigW
GetEnvironmentStringsA
GetFileAttributesA
GetFileSizeEx
GetModuleHandleA
GetNamedPipeHandleStateA
GetProfileStringW
GetStartupInfoA
GetStringTypeExA
GetStringTypeExW
GetSystemDefaultLCID
GetUserDefaultLangID
GetVersionExA
GetVolumeNameForVolumeMountPointA
GlobalGetAtomNameW
HeapAlloc
HeapCreate
HeapFree
InitAtomTable
IsProcessorFeaturePresent
LocalSize
LockResource
MultiByteToWideChar
PulseEvent
SetCommTimeouts
SetLocalTime
SetMailslotInfo
SetThreadExecutionState
UnhandledExceptionFilter
UpdateResourceW
VirtualUnlock
_lopen
lstrcpynA

user32

ScrollWindowEx
SetClassLongA
ScreenToClient
ReleaseDC
RegisterWindowMessageA
PostQuitMessage
MsgWaitForMultipleObjects
IsZoomed
GetWindowDC
GetUpdateRgn
GetScrollInfo
GetFocus
GetCapture
EndPaint
EnableWindow
SetWindowLongA
SetWindowPos
UpdateWindow
EnableMenuItem
DrawFrameControl
DrawEdge
DefFrameProcA
CreateIconIndirect
CheckMenuRadioItem
BeginPaint
BeginDeferWindowPos
SetFocus

advapi32

OpenSCManagerW
QueryServiceConfig2A
ObjectCloseAuditAlarmA
LsaFreeMemory
InitiateSystemShutdownExW
EncryptFileW
ElfBackupEventLogFileA
DeregisterEventSource
CryptSignHashW
CryptGetKeyParam
CryptExportKey
CryptCreateHash
CryptAcquireContextA
CreateWellKnownSid
ConvertToAutoInheritPrivateObjectSecurity
ConvertStringSDToSDRootDomainA
ConvertSecurityDescriptorToAccessNamedA
CloseEncryptedFileRaw
AllocateLocallyUniqueId
AbortSystemShutdownA
QueryServiceConfig2W
StartServiceCtrlDispatcherW
RegReplaceKeyA
SetTraceCallback
SetAclInformation

olepro32

OleLoadPicture
OleCreateFontIndirect

oleacc

GetRoleTextA
GetStateTextW
ObjectFromLresult

security

VerifySignature
FreeContextBuffer
QueryContextAttributesA
QuerySecurityPackageInfoW

comctl32

ImageList_Write
CreateStatusWindowA
DrawStatusTextW
FlatSB_SetScrollProp
GetEffectiveClientRect
ImageList_BeginDrag
ImageList_DragLeave
ImageList_EndDrag
ImageList_GetImageRect
ImageList_SetIconSize
ImageList_SetImageCount
PropertySheetA

oledlg

OleUIAddVerbMenuA
OleUIAddVerbMenuW
OleUIInsertObjectA

comdlg32

ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
PrintDlgA
PrintDlgExW
ReplaceTextA
PrintDlgW

Sections

.text
Size: 44KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7eee251ce8fac55ec18f97af3ad69fdd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

olepro32

oleacc

security

comctl32

oledlg

comdlg32

Sections

.text Size: 44KB - Virtual size: 48KB

.data Size: 27KB - Virtual size: 28KB

.rsrc Size: 1024B - Virtual size: 4KB

.reloc Size: 1024B - Virtual size: 4KB

.text
Size: 44KB - Virtual size: 48KB

.data
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 1024B - Virtual size: 4KB

.reloc
Size: 1024B - Virtual size: 4KB