0d8f91c33ae7562c8c7debf0f7b5f41c_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0d8f91c33ae7562c8c7debf0f7b5f41c_JaffaCakes118
Size

387KB
MD5

0d8f91c33ae7562c8c7debf0f7b5f41c
SHA1

327c9ee062702c109fac1d52814aa0c517c6945f
SHA256

eabfccd1ec7a79803ff5e201623cd1817f9ed59e82b89779206365410f66e041
SHA512

5f42570eae699c08a18452b75334e22c89ac42baaaccc4fc58897368407285278af1f003cebfd7d9ec79c3eebd9d9a2ca775c2a4a58e1eb1b4591b853f13b6c9
SSDEEP

12288:M+gBxHH5m6NBAyf2ftVlrRW5soecd3Arq:M+0xn46NyyfkPlg+YQe

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0d8f91c33ae7562c8c7debf0f7b5f41c_JaffaCakes118

Files

0d8f91c33ae7562c8c7debf0f7b5f41c_JaffaCakes118
.dll windows:4 windows x86 arch:x86

50f271ed81f17a946b9badc742259cf2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dinput

DirectInputCreateA

gdi32

CreateBitmap
CreateHatchBrush
DeleteDC
GdiDeleteSpoolFileHandle
GetArcDirection
GetDeviceCaps
GetRegionData
GetStockObject
GetWindowOrgEx
OffsetViewportOrgEx
RemoveFontMemResourceEx
ColorCorrectPalette
ScaleViewportExtEx
ScaleWindowExtEx
SetDIBits
SetMapMode
SetRectRgn
SetViewportOrgEx
SetWindowExtEx
CloseMetaFile
RestoreDC

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

comctl32

ord17

user32

UnregisterClassW
UnhookWindowsHookEx
TrackPopupMenuEx
ShowWindow
SetWindowContextHelpId
SetShellWindow
SetRect
SetPropW
SetFocus
SetDlgItemInt
SendMessageW
ScrollWindowEx
ReleaseDC
ReleaseCapture
RegisterClassW
PtInRect
PeekMessageW
ModifyMenuW
MapWindowPoints
LookupIconIdFromDirectory
LoadCursorW
IsWindowEnabled
InvalidateRgn
GetWindowTextW
GetWindowRect
GetWindowLongW
GetTopWindow
GetThreadDesktop
GetSysColorBrush
GetSysColor
GetShellWindow
GetNextDlgTabItem
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyboardLayoutList
GetKeyState
GetForegroundWindow
GetDlgItem
GetDC
GetCursor
GetClipboardData
GetClassInfoW
GetCapture
FrameRect
ExcludeUpdateRgn
EndDeferWindowPos
EnableWindow
EnableMenuItem
DrawTextW
DrawIconEx
DispatchMessageW
DeleteMenu
DdeSetUserHandle
DdeNameService
DdeClientTransaction
CreatePopupMenu
CopyRect
ClientToScreen
CheckMenuItem

kernel32

WriteFileEx
lstrlenW
_lread
lstrcpynW
WriteFile
WideCharToMultiByte
WaitForDebugEvent
VirtualUnlock
VirtualQueryEx
VirtualFree
VirtualAlloc
VerSetConditionMask
TransactNamedPipe
TlsSetValue
TlsGetValue
TlsFree
Thread32Next
SetSystemTime
SetEvent
SetErrorMode
RtlUnwind
ReadConsoleOutputAttribute
RaiseException
QueueUserWorkItem
QueryPerformanceCounter
PurgeComm
Process32NextW
Process32FirstW
OpenProcess
MultiByteToWideChar
LockFile
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryA
LCMapStringW
LCMapStringA
IsSystemResumeAutomatic
IsBadHugeWritePtr
IsBadCodePtr
InterlockedIncrement
InitializeCriticalSection
HeapFree
HeapDestroy
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFindAtomW
GlobalCompact
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetUserDefaultLCID
GetTickCount
GetThreadLocale
GetTapePosition
GetSystemTimeAsFileTime
GetSystemPowerStatus
GetStdHandle
GetStartupInfoA
GetProcessWorkingSetSize
GetProcessVersion
AllocateUserPhysicalPages
BindIoCompletionCallback
ConnectNamedPipe
ConvertDefaultLocale
CreateConsoleScreenBuffer
CreateToolhelp32Snapshot
EnterCriticalSection
FatalExit
FillConsoleOutputAttribute
FindNextChangeNotification
FlushConsoleInputBuffer
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibraryAndExitThread
GetCPInfo
GetCommTimeouts
GetCommandLineA
GetConsoleCP
GetConsoleWindow
GetCurrentConsoleFont
GetCurrentProcessId
GetCurrentThreadId
GetEnvironmentStringsA
GetEnvironmentStringsW
GetExitCodeThread
GetFileAttributesW
GetFileType
GetLastError
GetModuleFileNameW
GetModuleHandleA
GetOverlappedResult
GetProcAddress
GetProcessPriorityBoost

Exports

Exports

GetIndices
Int_GetMax
Number_Lshift
UnpackTuple

Sections

.text
Size: 83KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 208KB - Virtual size: 208KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

50f271ed81f17a946b9badc742259cf2

Headers

File Characteristics

Imports

dinput

gdi32

winspool.drv

comctl32

user32

kernel32

Exports

Exports

Sections

.text Size: 83KB - Virtual size: 83KB

.rdata Size: 208KB - Virtual size: 208KB

.data Size: 73KB - Virtual size: 75KB

.rsrc Size: 17KB - Virtual size: 17KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 83KB - Virtual size: 83KB

.rdata
Size: 208KB - Virtual size: 208KB

.data
Size: 73KB - Virtual size: 75KB

.rsrc
Size: 17KB - Virtual size: 17KB

.reloc
Size: 4KB - Virtual size: 3KB