049cbb7f55754a30016b76e568061f6f_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

049cbb7f55754a30016b76e568061f6f_JaffaCakes118
Size

80KB
MD5

049cbb7f55754a30016b76e568061f6f
SHA1

aa7135b7efe26739fe4376c7543cf00d4159a4ac
SHA256

9ef1d2316b99e7dcd083c291e7c7cd4e1be1818f7ebca32377082c0386b9deca
SHA512

a8a3cfe451bfd67d172c61c0f7f8bcd3083a586646a2c10e9eebfb364190c4395488eebf1731c8822573109a9ac2cc66faeb145e9263f187b75a484a3c51bc39
SSDEEP

1536:EBkPiKtWvRkkQoBr5lZltRF9gk2tiwZDq230In9hVDOZ0u+40moh2:EiWZkxoBllZ3RJWDFF9hViZ0u+tfh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
049cbb7f55754a30016b76e568061f6f_JaffaCakes118

Files

049cbb7f55754a30016b76e568061f6f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7eee251ce8fac55ec18f97af3ad69fdd

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

BindIoCompletionCallback
CloseHandle
CompareStringW
CreateMailslotA
DebugActiveProcess
EndUpdateResourceW
EraseTape
ExitProcess
FindFirstChangeNotificationA
GetCalendarInfoW
GetCommandLineA
GetDefaultCommConfigW
GetEnvironmentStringsA
GetFileAttributesA
GetFileSizeEx
GetModuleHandleA
GetNamedPipeHandleStateA
GetProfileStringW
GetStartupInfoA
GetStringTypeExA
GetStringTypeExW
GetSystemDefaultLCID
GetUserDefaultLangID
GetVersionExA
GetVolumeNameForVolumeMountPointA
GlobalGetAtomNameW
HeapAlloc
HeapCreate
HeapFree
InitAtomTable
IsProcessorFeaturePresent
LocalSize
LockResource
MultiByteToWideChar
PulseEvent
SetCommTimeouts
SetLocalTime
SetMailslotInfo
SetThreadExecutionState
UnhandledExceptionFilter
UpdateResourceW
VirtualUnlock
_lopen
lstrcpynA

user32

ScrollWindowEx
SetClassLongA
ScreenToClient
ReleaseDC
RegisterWindowMessageA
PostQuitMessage
MsgWaitForMultipleObjects
IsZoomed
GetWindowDC
GetUpdateRgn
GetScrollInfo
GetFocus
GetCapture
EndPaint
EnableWindow
SetWindowLongA
SetWindowPos
UpdateWindow
EnableMenuItem
DrawFrameControl
DrawEdge
DefFrameProcA
CreateIconIndirect
CheckMenuRadioItem
BeginPaint
BeginDeferWindowPos
SetFocus

advapi32

OpenSCManagerW
QueryServiceConfig2A
ObjectCloseAuditAlarmA
LsaFreeMemory
InitiateSystemShutdownExW
EncryptFileW
ElfBackupEventLogFileA
DeregisterEventSource
CryptSignHashW
CryptGetKeyParam
CryptExportKey
CryptCreateHash
CryptAcquireContextA
CreateWellKnownSid
ConvertToAutoInheritPrivateObjectSecurity
ConvertStringSDToSDRootDomainA
ConvertSecurityDescriptorToAccessNamedA
CloseEncryptedFileRaw
AllocateLocallyUniqueId
AbortSystemShutdownA
QueryServiceConfig2W
StartServiceCtrlDispatcherW
RegReplaceKeyA
SetTraceCallback
SetAclInformation

olepro32

OleLoadPicture
OleCreateFontIndirect

oleacc

GetRoleTextA
GetStateTextW
ObjectFromLresult

security

VerifySignature
FreeContextBuffer
QueryContextAttributesA
QuerySecurityPackageInfoW

comctl32

ImageList_Write
CreateStatusWindowA
DrawStatusTextW
FlatSB_SetScrollProp
GetEffectiveClientRect
ImageList_BeginDrag
ImageList_DragLeave
ImageList_EndDrag
ImageList_GetImageRect
ImageList_SetIconSize
ImageList_SetImageCount
PropertySheetA

oledlg

OleUIAddVerbMenuA
OleUIAddVerbMenuW
OleUIInsertObjectA

comdlg32

ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
PrintDlgA
PrintDlgExW
ReplaceTextA
PrintDlgW

Sections

.text
Size: 48KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 27KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7eee251ce8fac55ec18f97af3ad69fdd

Headers

File Characteristics

Imports

kernel32

user32

advapi32

olepro32

oleacc

security

comctl32

oledlg

comdlg32

Sections

.text Size: 48KB - Virtual size: 52KB

.data Size: 27KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 48KB - Virtual size: 52KB

.data
Size: 27KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB