05d5e2ece89c6f0668d63acd86177b37_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

05d5e2ece89c6f0668d63acd86177b37_JaffaCakes118
Size

259KB
MD5

05d5e2ece89c6f0668d63acd86177b37
SHA1

6bf342113c16eb3fe899a3c9be1c8db9abd064e3
SHA256

a4820dceba5e20fcf2d6566c31480bf505c916e82bf8068f84c0f0b1d132cdbb
SHA512

1f5ea6db504ed08c9a2d52655932bdebd201b347259972f7290ad16f2ac46274bac5cafa400e43cffb8a6134ba09ac2ee17425a78d89e3ae38795a42a0976d2f
SSDEEP

6144:7cjZ0Gz7VRJfIKgkcks0xAKh/3CTWh/eRIKDYPt1/VKbPWi060:7hgKKgZk3xtFWRvItlV+Z

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
05d5e2ece89c6f0668d63acd86177b37_JaffaCakes118

Files

05d5e2ece89c6f0668d63acd86177b37_JaffaCakes118
.dll windows:4 windows x86 arch:x86

870ec61332e27865db0a76aad2eb1378

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord17

kernel32

GetModuleHandleA
GetProcAddress
GetProcessHeap
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetThreadLocale
GetTickCount
GetVersionExA
GlobalAlloc
GlobalFree
GlobalHandle
GlobalLock
GlobalUnlock
HeapAlloc
InterlockedCompareExchange
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsDBCSLeadByte
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadLibraryExA
GetLocaleInfoA
LockFileEx
LockResource
MapViewOfFileEx
MulDiv
QueryPerformanceCounter
RaiseException
SizeofResource
VirtualAlloc
VirtualFree
VirtualProtect
WaitForSingleObjectEx
WideCharToMultiByte
_lwrite
lstrcmpA
lstrcmpiA
lstrlenW
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
ExitProcess
FindResourceA
FlushInstructionCache
GetCurrentThreadId
FreeLibrary
GetCurrentProcessId
GetCurrentProcess
GetConsoleWindow
GetACP
LocalHandle

user32

GetDlgCtrlID
GetDlgItem
GetFocus
GetMenuItemID
GetParent
GetSysColor
GetSystemMenu
GetWindow
GetWindowLongA
GetWindowRect
IsWindow
LoadCursorA
LoadStringA
MapDialogRect
RedrawWindow
RegisterWindowMessageA
ReleaseDC
SendMessageA
SetCapture
SetCursor
SetFocus
SetWindowContextHelpId
SetWindowLongA
SetWindowPos
TileWindows
UnregisterDeviceNotification
WINNLSEnableIME
WindowFromDC
wsprintfA
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetCaretPos
FillRect
EndPaint
EndDialog
DialogBoxIndirectParamA
DestroyWindow
DestroyAcceleratorTable
DdeGetLastError
CreateWindowExA
CreateAcceleratorTableA
CheckDlgButton
CharNextA
BringWindowToTop
BeginPaint
AttachThreadInput
DdeClientTransaction

ddraw

GetDDSurfaceLocal
DDInternalLock

advapi32

RegDeleteValueA
RegSetValueExA
RegQueryValueExA
RegQueryInfoKeyA
RegCloseKey
RegCreateKeyExA
RegDeleteKeyA
RegEnumKeyExA
RegOpenKeyExA

shell32

DuplicateIcon
SHBindToParent
SHFreeNameMappings
SHGetMalloc
SHLoadNonloadedIconOverlayIdentifiers
DragAcceptFiles

Exports

Exports

ComputeIMTFromTexture
CreateLine
LoadFileOffset
MatrixPerspectiveOffCenterRH
SHRotate
SaveBitmap
SaveData
Vec3Project
Vec3TransformNormal
VecFeedLoad
mpegInUpdateFiles

Sections

.text
Size: 47KB - Virtual size: 47KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 42KB - Virtual size: 43KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 51KB - Virtual size: 50KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

870ec61332e27865db0a76aad2eb1378

Headers

File Characteristics

Imports

comctl32

kernel32

user32

ddraw

advapi32

shell32

Exports

Exports

Sections

.text Size: 47KB - Virtual size: 47KB

.rdata Size: 115KB - Virtual size: 114KB

.data Size: 42KB - Virtual size: 43KB

.rsrc Size: 51KB - Virtual size: 50KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 47KB - Virtual size: 47KB

.rdata
Size: 115KB - Virtual size: 114KB

.data
Size: 42KB - Virtual size: 43KB

.rsrc
Size: 51KB - Virtual size: 50KB

.reloc
Size: 2KB - Virtual size: 1KB