118a9ca24c4b63f701bc980cfecf58a2_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

118a9ca24c4b63f701bc980cfecf58a2_JaffaCakes118
Size

244KB
MD5

118a9ca24c4b63f701bc980cfecf58a2
SHA1

743749a0b707fb422b938b9df1454357b6ca29d1
SHA256

613fe23e184c88b3363b2498d62b75d78971f0d100a44b22358bb50a8936e0e7
SHA512

1ecd7c106d8084581df1231c57951e65b6b2edfe8ed9de7d7b4f76dbcd4bf6ca71162fc78996bd53b6c101a2f873c1c875384b5d87ce884d8dd336feffe2e1a8
SSDEEP

3072:cMNQ0UfMErc1TB53iZtmH/LsQdZEYwqSfdiltUP2aBKOG+tjzv1UJr9+3KlohG:cML/L1TBcZtmHzsQdGSSlWtUPhG+t95

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
118a9ca24c4b63f701bc980cfecf58a2_JaffaCakes118

Files

118a9ca24c4b63f701bc980cfecf58a2_JaffaCakes118
.dll windows:4 windows x86 arch:x86

e523a81836e8a2cc5fe01188eb702f7e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

gdi32

EnumFontFamiliesExW
EnumFontFamiliesW
Escape
ExtTextOutW
GetBkColor
GetDeviceCaps
GetObjectW
GetPaletteEntries
GetStockObject
GetTextColor
GetTextExtentPoint32W
DeleteObject
PtVisible
RectVisible
Rectangle
ScaleWindowExtEx
SelectObject
SetBkMode
SetDCBrushColor
SetPixel
SetTextColor
TextOutW
DPtoLP
CreateSolidBrush
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
CreateCompatibleDC
GetTextMetricsW
BitBlt

advapi32

RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegOpenKeyExA
RegDeleteKeyW
RegCreateKeyExW
RegCloseKey
RegSetValueExW

user32

IsWindowEnabled
OemToCharBuffA
ScreenToClient
IsChild
SetTimer
SetWindowLongW
SetWindowsHookExW
TranslateMessage
SetCursor
GrayStringW
CallNextHookEx
CharToOemA
ChildWindowFromPoint
CopyRect
CreatePopupMenu
EqualRect
GetClassNameW
GetClientRect
GetDlgItem
GetKeyState
GetSysColor
IntersectRect

msvcrt

_onexit
_ftol
_cexit
_adjust_fdiv
_vsnwprintf
__setusermatherr
__p__fmode
__p__commode
_XcptFilter
setlocale
_wcsdup
_wcsicmp
exit
__wgetmainargs
memmove
wcstod
wcslen
wcscoll
free
wcscmp
_initterm

comdlg32

ChooseFontW
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

shlwapi

PathFindFileNameW

ole32

StringFromCLSID
StgCreateDocfileOnILockBytes
ReleaseStgMedium
ReadClassStg
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CoTaskMemFree
CLSIDFromString

kernel32

GlobalUnlock
CreateEventW
DeleteAtom
ExitProcess
FindResourceW
FreeLibrary
lstrlenW
WideCharToMultiByte
UnhandledExceptionFilter
TerminateProcess
SetUnhandledExceptionFilter
ResumeThread
ResetEvent
ReadFile
QueryPerformanceCounter
MulDiv
LoadLibraryW
HeapCreate
HeapAlloc
AddAtomW
GlobalSize
GlobalAddAtomW
GetVersionExA
GetTimeFormatW
GetStartupInfoW
GetProcAddress
GetModuleHandleW
GetModuleHandleA
GetLocaleInfoW
GetDateFormatW
GetCommandLineA
GetCurrentProcessId

shell32

DragFinish
DragQueryFileW
SHGetSettings
SHGetSpecialFolderPathW
ShellAboutW
ShellExecuteExW

Exports

Exports

BindTexture
D3D9UnmapVertexBuffer
EnumFileInItemRelease
EnumImageFormatAttributeReset
EnumTvValueReset
GetCDInfo
GetExposureComp
GetFile
GetFileHeader
GraphicsUnmapResources
IsoTrackSetBootOptions
Memset2D
SetAllParamValueToAtCapture
StreamDestroy

Sections

.text
Size: 160KB - Virtual size: 160KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 116KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

e523a81836e8a2cc5fe01188eb702f7e

Headers

File Characteristics

Imports

gdi32

advapi32

user32

msvcrt

comdlg32

shlwapi

ole32

kernel32

shell32

Exports

Exports

Sections

.text Size: 160KB - Virtual size: 160KB

.data Size: 72KB - Virtual size: 116KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 160KB - Virtual size: 160KB

.data
Size: 72KB - Virtual size: 116KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB