0f75fe9a64ffab914aad4a48d5f78c07_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0f75fe9a64ffab914aad4a48d5f78c07_JaffaCakes118
Size

80KB
MD5

0f75fe9a64ffab914aad4a48d5f78c07
SHA1

fed1c955d38ff0968978bf7a24c8f4c32c1f8a7d
SHA256

a166662af8204b205f9449d03073312b05936853490c80ec626e60151ce6c934
SHA512

af64edec176c4d37c9c5fb609e5a1acd6f272149fb47fde1e3f307b2b734ff1c67a13da09a76047c63afd930352ace5c7b12522d2bc36b237ddfb6f709e373af
SSDEEP

1536:Gu519BBOYyvMpZezrjrvZUbVb/QV1NqrLcdLFBiCYCLZlKV:Gm9gMpwXnvSbVb2NULcPBiCYAoV

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f75fe9a64ffab914aad4a48d5f78c07_JaffaCakes118

Files

0f75fe9a64ffab914aad4a48d5f78c07_JaffaCakes118
.dll windows:4 windows x86 arch:x86

7f71f4e9b141d512111de7db49275929

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

FillConsoleOutputCharacterW
UnregisterWaitEx
IsBadHugeReadPtr
RemoveDirectoryW
FindCloseChangeNotification
lstrcpynA
CreateIoCompletionPort
MoveFileExW
CopyFileExW
TransactNamedPipe
ReadFileEx
HeapReAlloc
FindAtomW
SetErrorMode
TryEnterCriticalSection
GetCurrentThread
PurgeComm
SetNamedPipeHandleState
GetShortPathNameA
CreateFileA
FileTimeToSystemTime
GetCurrentProcessId
CreateNamedPipeA
VerSetConditionMask
GetCommandLineA
CopyFileW
GetThreadContext
GetProfileStringA
SetComputerNameA
SuspendThread
GetTempFileNameW
FindClose
LocalLock
ReadConsoleInputW
GetSystemDirectoryW
GetDiskFreeSpaceA
GetDateFormatW
CreateMutexW
ReadConsoleW
SleepEx
ClearCommError
GetTimeFormatW
SetVolumeLabelW
HeapWalk
QueryPerformanceFrequency
LocalUnlock
MapViewOfFileEx
ReadFile
CompareStringW
TerminateProcess
QueueUserWorkItem
IsWow64Process
GetUserDefaultLCID
GlobalDeleteAtom
OpenEventA
GetProcessVersion
IsValidCodePage
LCMapStringA
GetWindowsDirectoryW
VerifyVersionInfoA
LocalReAlloc
GlobalFlags
GetLogicalDrives
SetDefaultCommConfigW
SizeofResource
GlobalAddAtomW
FindFirstFileExW
IsBadStringPtrA
CreateTimerQueue
GetSystemInfo
CreateWaitableTimerA
IsBadHugeWritePtr
lstrcpyW
GetFileAttributesExW
InterlockedCompareExchange
FindNextFileW
SetConsoleTitleA
MultiByteToWideChar
WaitForSingleObjectEx
SearchPathA
HeapCreate
FindFirstVolumeW
GetModuleFileNameW
FindFirstChangeNotificationW
EnumUILanguagesW
AssignProcessToJobObject
ConnectNamedPipe
GetModuleHandleW
LockFile
GetEnvironmentStrings
GetConsoleCP
LocalFlags
CreateTimerQueueTimer
OpenMutexA
HeapUnlock
GetFullPathNameW
IsBadStringPtrW
SetFileAttributesA
GlobalAlloc
GetNumberFormatA
LocalFileTimeToFileTime
IsBadReadPtr
GetHandleInformation
FindAtomA
FindNextChangeNotification
GetSystemDefaultUILanguage
CallNamedPipeA
WriteFile
GetCommandLineW
WinExec
OpenProcess
GetEnvironmentStringsW
GetCurrentThreadId
FreeEnvironmentStringsW
GetVersion
GetLocaleInfoW
GetVolumeNameForVolumeMountPointW
GetLargestConsoleWindowSize
VirtualAllocEx
ReadDirectoryChangesW
PostQueuedCompletionStatus
GetFileAttributesExA
GetStringTypeW
GlobalReAlloc
SetVolumeMountPointW
GetCompressedFileSizeW
CloseHandle
VirtualQuery
MapViewOfFile
lstrlenA
GetProcessHeap
LeaveCriticalSection
LoadLibraryA
GetModuleFileNameA
CreateThread
CopyFileA
EnterCriticalSection
UnmapViewOfFile
HeapAlloc
CreateDirectoryA
GetLastError
CreateFileMappingA
CreateMutexA
lstrcatW
WaitForSingleObject
GetProcAddress
lstrlenW
GetComputerNameA
CreateProcessA
VirtualFree

ole32

CreateOleAdviseHolder
OleUninitialize
OleCreateMenuDescriptor
OleIsRunning
CoDisableCallCancellation
OleCreateLink
CoGetClassObject
CoTaskMemRealloc
OleSave
CoFreeUnusedLibraries
OleSaveToStream
OleRegGetMiscStatus
CoImpersonateClient
CreateGenericComposite
OleRegGetUserType
PropVariantCopy
CoGetObjectContext
CoGetCallContext
SetConvertStg
OleSetContainedObject
StringFromIID
GetHGlobalFromStream
CoCreateInstance
IIDFromString
OleCreateStaticFromData
CreateAntiMoniker
StgIsStorageILockBytes
CoTaskMemAlloc
CoInitialize

shlwapi

PathQuoteSpacesW
PathGetDriveNumberW
PathCompactPathW
StrCatW
StrCpyNW
StrCpyW
PathStripToRootW
StrCmpIW
SHRegGetValueW
UrlCreateFromPathW
SHAutoComplete
PathSetDlgItemPathW
SHRegSetUSValueW
StrCmpW
StrChrA
PathCompactPathExW
StrRetToBufW
wnsprintfW
PathRemoveArgsW
PathIsPrefixW
StrFormatKBSizeW
PathRemoveBackslashW
SHRegSetPathW
PathIsRelativeW
PathUnquoteSpacesW
PathCreateFromUrlW
AssocQueryStringW
SHCreateStreamOnFileW
PathUndecorateW

shell32

DragQueryFileA
SHPathPrepareForWriteW
DragFinish
DragAcceptFiles
SHFormatDrive
CommandLineToArgvW
ShellExecuteW
SHGetSpecialFolderPathA
SHParseDisplayName
SHAddToRecentDocs
SHGetSpecialFolderLocation
SHBrowseForFolderA
SHGetDesktopFolder

gdi32

CopyEnhMetaFileA
CreateDiscardableBitmap
GetDCOrgEx
CreateBitmap
GetNearestColor
UpdateColors
GetCurrentObject
EnumMetaFile
PaintRgn
GetTextAlign
SetColorAdjustment
CreateDCW
GetWindowOrgEx
PolyBezier
SetWindowOrgEx
SetDIBits
CreateFontW
CreateICW
GetPolyFillMode
CreateFontA
GetTextExtentPointA
CreateDIBSection
SetWindowExtEx
SetPixelV
EnumEnhMetaFile
GetWorldTransform
AbortPath
ResetDCA
GetStretchBltMode
GetObjectW
GetWinMetaFileBits
RoundRect
PlayEnhMetaFile
RemoveFontResourceW
GetGlyphOutlineA
CreatePolygonRgn
GetCharWidthW
GetFontResourceInfoW
GetOutlineTextMetricsA
UnrealizeObject
GetLayout
CreateCompatibleDC
CreateEllipticRgnIndirect
BitBlt
GetGraphicsMode
EnumFontFamiliesW
CreateScalableFontResourceA
GetBkMode
ExtEscape
GetRgnBox
CloseEnhMetaFile
CreatePatternBrush
CreateMetaFileW
Polygon
GetEnhMetaFileHeader
CreateEnhMetaFileA
IntersectClipRect
GetBitmapDimensionEx
SetBkMode
CreateBitmapIndirect
SetWorldTransform
AbortDoc
PtInRegion
CloseFigure
SetStretchBltMode
GetCharWidthA
SwapBuffers
GetDIBits
ExtTextOutW
SetMiterLimit
SetPixel
EnumFontFamiliesA
GetTextExtentPoint32A
GetSystemPaletteEntries
StrokeAndFillPath
GetFontData
SetROP2

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 952B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7f71f4e9b141d512111de7db49275929

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

shell32

gdi32

Exports

Exports

Sections

.text Size: 56KB - Virtual size: 55KB

.rdata Size: 12KB - Virtual size: 8KB

.data Size: 4KB - Virtual size: 952B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 56KB - Virtual size: 55KB

.rdata
Size: 12KB - Virtual size: 8KB

.data
Size: 4KB - Virtual size: 952B

.reloc
Size: 4KB - Virtual size: 2KB