17c6f2941fa0bca2496641897c407ecc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

17c6f2941fa0bca2496641897c407ecc_JaffaCakes118
Size

433KB
MD5

17c6f2941fa0bca2496641897c407ecc
SHA1

21d6f57405cb8ab9ffab74971fc3733dd0fe9b95
SHA256

7b3e58c87c2f42ed7cb1836b31a497180fefeed578187bf222e56080f160d22c
SHA512

18a7e384c17bb4cb09effe2080e4f11f311b1a3267914b1f143783829a2285ee0bead0d63f103e4ed7ff557f9954f9d9ab83e65f871e3b4303d72aee7686879b
SSDEEP

12288:Y+1K02lcsFxhyKI5y6QtM2CwU30iBtlEZdHl+h:YP0kvF1ImE3PtlEZF4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
17c6f2941fa0bca2496641897c407ecc_JaffaCakes118

Files

17c6f2941fa0bca2496641897c407ecc_JaffaCakes118
.dll windows:4 windows x86 arch:x86

d557fc4ec91442ffa3c3b023e438cf1e

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

advapi32

RegEnumKeyExA
RegOpenKeyExA
SystemFunction026
RegCloseKey

gdi32

CreateCompatibleDC
CreateDIBSection
CreateFontIndirectA
CreateFontIndirectW
DeleteDC
DeleteObject
ExtTextOutA
ExtTextOutW
GetAspectRatioFilterEx
GetCharacterPlacementA
GetCharacterPlacementW
GetDeviceCaps
GetFontLanguageInfo
GetGlyphOutlineA
GetTextMetricsW
IntersectClipRect
MoveToEx
SelectObject
SetBkColor
SetBkMode
SetICMMode
SetTextColor
StrokeAndFillPath
TranslateCharsetInfo

kernel32

CloseHandle
CreateFileA
CreateMutexA
CreateThread
DebugBreak
DisableThreadLibraryCalls
EnterCriticalSection
ExitProcess
FindResourceA
FindResourceW
FreeLibrary
GetCommandLineA
GetCurrentProcess
GetCurrentProcessId
GetCurrentThreadId
GetFileSize
GetFileSizeEx
GetFullPathNameW
GetLastError
GetModuleHandleA
GetProcAddress
GetProcessAffinityMask
GetProcessPriorityBoost
GetSystemTimeAsFileTime
GetTickCount
GetVersion
InterlockedDecrement
InterlockedExchange
InterlockedIncrement
IsProcessorFeaturePresent
LeaveCriticalSection
LoadLibraryA
LoadResource
MultiByteToWideChar
OutputDebugStringA
QueryPerformanceCounter
ReleaseMutex
RtlUnwind
SetUnhandledExceptionFilter
SizeofResource
TerminateProcess
UnhandledExceptionFilter
VirtualAlloc
WaitForMultipleObjects
WaitForSingleObject
WideCharToMultiByte
_lcreat

ole32

CreateStreamOnHGlobal

msvcrt

_lock
tolower
_CIacos
_CIasin
_CIatan2
_CIcos
_CIlog
_CIsin
_CIsqrt
_CxxThrowException
_Gettnames
__CxxFrameHandler
__dllonexit
__p__osver
_amsg_exit
_controlfp
_finite
_initterm
_isnan
_stricmp
_strncoll
_unlock
_vsnwprintf
_wtoi
floor
free
iswdigit
iswpunct
iswspace
malloc
memcpy
memmove
memset
qsort
sqrt
strxfrm

Exports

Exports

CreateDSObject
DeleteMarkerIndex
EnumAttributes
SetLoadResolution
SetProgress
SetSingleItemA
mpegInSleepFiles

Sections

.text
Size: 80KB - Virtual size: 79KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 206KB - Virtual size: 206KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 70KB - Virtual size: 71KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 70KB - Virtual size: 69KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d557fc4ec91442ffa3c3b023e438cf1e

Headers

File Characteristics

Imports

advapi32

gdi32

kernel32

ole32

msvcrt

Exports

Exports

Sections

.text Size: 80KB - Virtual size: 79KB

.rdata Size: 206KB - Virtual size: 206KB

.data Size: 70KB - Virtual size: 71KB

.rsrc Size: 70KB - Virtual size: 69KB

.reloc Size: 5KB - Virtual size: 5KB

.text
Size: 80KB - Virtual size: 79KB

.rdata
Size: 206KB - Virtual size: 206KB

.data
Size: 70KB - Virtual size: 71KB

.rsrc
Size: 70KB - Virtual size: 69KB

.reloc
Size: 5KB - Virtual size: 5KB