0be9b98856abef4f315927078dbf4959_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0be9b98856abef4f315927078dbf4959_JaffaCakes118
Size

84KB
MD5

0be9b98856abef4f315927078dbf4959
SHA1

1808fe1237ab01d57fd489bf9df9efe8ec169b7c
SHA256

ef3f253f861d99af8bb4c36a180fa5facc5f163d66969664fee969572cebb04e
SHA512

bc5fff1be7ba089c5ec72c68288338252ff46fbd3bae57e984daadd9206d20624fe32f8631dbd57ce2fb3c2b95280613c4da12bf8006681dbe4d722f74139ab4
SSDEEP

1536:f3jVTRZE9zW6Qc7bSKJooGbnaTEuysVf18/BwqxQLrPAzJmIeqz:f3jwWNcqoGbaYCtABwqxYrIH

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0be9b98856abef4f315927078dbf4959_JaffaCakes118

Files

0be9b98856abef4f315927078dbf4959_JaffaCakes118
.dll windows:4 windows x86 arch:x86

34e89f21256e74977b63f1336ddd428d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

ClearCommBreak
CloseHandle
CommConfigDialogW
CreateProcessW
CreateSemaphoreW
DeviceIoControl
DosDateTimeToFileTime
ExitProcess
FindFirstVolumeA
FlushFileBuffers
FoldStringW
GetACP
GetCommandLineA
GetCurrentDirectoryW
GetEnvironmentStringsA
GetLogicalDriveStringsA
GetModuleHandleA
GetOEMCP
GetProcessWorkingSetSize
GetStartupInfoA
GetStartupInfoW
GetSystemDefaultLangID
GetSystemTimeAsFileTime
GetTempPathA
GetVersionExA
GlobalGetAtomNameA
GlobalWire
HeapAlloc
HeapCreate
IsBadCodePtr
IsBadWritePtr
IsProcessorFeaturePresent
IsValidLocale
LoadLibraryA
LoadLibraryExW
LoadModule
LocalFree
LocalUnlock
MoveFileWithProgressA
OpenEventA
OpenEventW
OpenSemaphoreA
OpenWaitableTimerW
ReleaseSemaphore
SetCurrentDirectoryA
SetErrorMode
SetLocalTime
SetThreadContext
SwitchToFiber
Toolhelp32ReadProcessMemory
WaitCommEvent
lstrlenA

user32

SetTimer
SetFocus
SetCursor
SetClipboardData
SendMessageTimeoutA
RegisterClassExA
PostQuitMessage
OffsetRect
MapWindowPoints
LoadStringA
SetWindowPos
GetUpdateRgn
GetSysColor
GetPropA
GetKeyState
GetDoubleClickTime
GetDlgItem
EndDialog
EmptyClipboard
DialogBoxParamA
DialogBoxIndirectParamA
DefWindowProcA
CreateWindowExA
CreateIconIndirect
CreateDialogParamA
CheckMenuItem
BeginDeferWindowPos
ShowWindow
TrackPopupMenu
TranslateMessage
UpdateWindow
WindowFromPoint
KillTimer

msi

MsiGetComponentPathA
MsiGetFileSignatureInformationW
MsiGetProductCodeFromPackageCodeW
MsiGetProductInfoW
MsiGetUserInfoA
MsiPreviewBillboardW
MsiProvideAssemblyA
MsiProvideComponentFromDescriptorA
MsiProvideQualifiedComponentExW
MsiQueryFeatureStateA
MsiFormatRecordA
MsiQueryProductStateW
MsiRecordIsNull
MsiRecordReadStream
MsiReinstallProductW
MsiSequenceA
MsiSetFeatureAttributesA
MsiSetInstallLevel
MsiSetTargetPathW
MsiSourceListClearAllW
MsiSummaryInfoPersist
MsiSummaryInfoSetPropertyW
MsiUseFeatureA
MsiEnumProductsA
MsiEnumPatchesW
MsiEnumFeaturesW
MsiEnumComponentsW
MsiEnumClientsW
MsiEnableUIPreview
MsiDoActionA
MsiDatabaseOpenViewA
MsiCollectUserInfoW
MsiAdvertiseProductExW
MsiQueryFeatureStateW

oleacc

AccessibleChildren

oledlg

OleUIBusyW
OleUICanConvertOrActivateAs
OleUIChangeIconA

dbghelp

SymGetTypeFromName
SymLoadModuleEx
WinDbgExtensionDllInit
SymGetModuleInfo64
sym

comctl32

CreatePropertySheetPageA
CreatePropertySheetPageW
CreateStatusWindowA
CreateUpDownControl
DrawStatusTextA
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
PropertySheetW
MakeDragList
LBItemFromPt
ImageList_SetImageCount
ImageList_SetFlags
ImageList_Merge
ImageList_GetImageRect
ImageList_GetImageInfo
ImageList_GetImageCount
ImageList_GetIconSize
ImageList_GetIcon
ImageList_GetBkColor
ImageList_EndDrag
ImageList_DragMove
ImageList_DragEnter
ImageList_Add
GetMUILanguage
GetEffectiveClientRect
FlatSB_SetScrollProp
FlatSB_SetScrollInfo
FlatSB_GetScrollRange
FlatSB_GetScrollPos

comdlg32

ChooseColorA
GetFileTitleW
GetSaveFileNameA
PrintDlgExA
PrintDlgExW
ReplaceTextW
PrintDlgA

security

RevertSecurityContext
InitSecurityInterfaceA
ImportSecurityContextW
ImpersonateSecurityContext
FreeContextBuffer
EnumerateSecurityPackagesA

Sections

.text
Size: 52KB - Virtual size: 52KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

34e89f21256e74977b63f1336ddd428d

Headers

File Characteristics

Imports

kernel32

user32

msi

oleacc

oledlg

dbghelp

comctl32

comdlg32

security

Sections

.text Size: 52KB - Virtual size: 52KB

.data Size: 28KB - Virtual size: 28KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 1KB - Virtual size: 4KB

.text
Size: 52KB - Virtual size: 52KB

.data
Size: 28KB - Virtual size: 28KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 1KB - Virtual size: 4KB