2634373c4a5971967be179fd15cfd1ad_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2634373c4a5971967be179fd15cfd1ad_JaffaCakes118
Size

196KB
MD5

2634373c4a5971967be179fd15cfd1ad
SHA1

ad195d20f2d98b55594e5b4cbbfe2869879fbb95
SHA256

afe1e3dc6887222dc0669e093436787805562e15162835e76095f07834843e22
SHA512

5aba3549bcb789047ab80449c1ae660db87b10fd58c9f6ac06af8446f9aea48738989a05f6b88861cd88e38f92112bdd84c79e63549a60f91d89dc70071ff0ae
SSDEEP

6144:xK2JNQQ714ClRkj2h0wCRoBP4wdM0x6/XR8:xb928Rph0zoB1dMW6

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2634373c4a5971967be179fd15cfd1ad_JaffaCakes118

Files

2634373c4a5971967be179fd15cfd1ad_JaffaCakes118
.dll windows:5 windows x86 arch:x86

6d79abc773cafe2a931aed55f23ffde0

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalGetAtomNameA
GlobalMemoryStatusEx
Heap32ListFirst
HeapLock
HeapSize
InterlockedExchangeAdd
IsDBCSLeadByteEx
IsValidCodePage
LocalFileTimeToFileTime
LocalFree
LocalShrink
MapViewOfFile
MapViewOfFileEx
Module32First
MoveFileW
MoveFileWithProgressA
OpenFile
OpenSemaphoreW
PeekNamedPipe
PostQueuedCompletionStatus
PulseEvent
PurgeComm
RaiseException
GetTickCount
ResetEvent
SetCalendarInfoW
SetConsoleCursor
SetConsoleDisplayMode
SetCurrentDirectoryA
SetEnvironmentVariableA
SetEvent
SetFileApisToOEM
SetFileAttributesA
SetMailslotInfo
SetMessageWaitingIndicator
SetProcessAffinityMask
SetProcessShutdownParameters
SetThreadLocale
SetVolumeMountPointA
UnmapViewOfFile
VerifyVersionInfoW
VirtualProtect
VirtualProtectEx
WaitCommEvent
WaitNamedPipeA
lstrcpy
GetThreadTimes
GetThreadPriorityBoost
GetTapePosition
GetProfileStringW
GetProcessWorkingSetSize
GetProcAddress
GetPrivateProfileStructA
GetPrivateProfileStringW
GetPrivateProfileStringA
GetPrivateProfileIntA
GetLongPathNameW
GetLogicalDriveStringsW
GetLargestConsoleWindowSize
GetHandleInformation
GetFileInformationByHandle
GetExitCodeProcess
GetEnvironmentVariableW
GetCurrentProcessId
GetConsoleCP
GetConsoleAliasExesW
VirtualAlloc
GetConsoleAliasExesLengthA
GetConsoleAliasA
GetCompressedFileSizeW
GetCPInfoExW
GetAtomNameA
FlushFileBuffers
FindResourceExW
FindNextVolumeW
FindNextFileW
FindFirstVolumeMountPointA
FindAtomA
FileTimeToSystemTime
FatalExit
EnumSystemLocalesW
EnumSystemLanguageGroupsA
EnumResourceNamesA
EnumDateFormatsExW
EnumDateFormatsA
EnterCriticalSection
DuplicateHandle
CreateWaitableTimerW
CreateRemoteThread
CreateProcessW
CreateMailslotA
CreateHardLinkW
CommConfigDialogW
ChangeTimerQueueTimer
BuildCommDCBA
BeginUpdateResourceA
BackupSeek
AddConsoleAliasA
GetWindowsDirectoryA
lstrlenA
lstrcpyA
CreateFileA
ExitProcess
ReadConsoleW

advapi32

RegOpenKeyExW

ole32

OleFlushClipboard
OleInitializeWOW
OleIsRunning
OleLoadFromStream
OleLockRunning
OleRegGetUserType
OleSetClipboard
OleSetContainedObject
OleTranslateAccelerator
PropVariantCopy
ReadClassStm
ReadOleStg
RegisterDragDrop
SNB_UserUnmarshal
STGMEDIUM_UserFree
SetConvertStg
SetDocumentBitStg
StgCreatePropSetStg
StgCreateStorageEx
StgGetIFillLockBytesOnFile
StgOpenStorage
StgOpenStorageOnILockBytes
StringFromCLSID
StringFromGUID2
StringFromIID
UtConvertDvtd16toDvtd32
UtConvertDvtd32toDvtd16
UtGetDvtd16Info
WdtpInterfacePointer_UserMarshal
WriteOleStg
OleDestroyMenuDescriptor
OleCreateLinkToFile
OleCreateFromData
OleCreateEmbeddingHelper
OleConvertOLESTREAMToIStorage
OleConvertIStorageToOLESTREAM
MonikerCommonPrefixWith
HkOleRegisterObject
HWND_UserSize
HWND_UserMarshal
HPALETTE_UserUnmarshal
HMETAFILE_UserSize
HMENU_UserFree
HGLOBAL_UserSize
HGLOBAL_UserFree
HENHMETAFILE_UserSize
HDC_UserFree
HBITMAP_UserMarshal
HBITMAP_UserFree
HACCEL_UserSize
HACCEL_UserMarshal
GetHGlobalFromStream
CreateStdProgressIndicator
CreatePointerMoniker
CreateOleAdviseHolder
CreateDataAdviseHolder
CreateAntiMoniker
CoUnmarshalInterface
CoUninitialize
CoTreatAsClass
CoTestCancel
CoSetCancelObject
CoRevokeClassObject
CoRegisterSurrogateEx
CoRegisterSurrogate
CoQueryClientBlanket
CoQueryAuthenticationServices
CoMarshalHresult
CoLockObjectExternal
CoInstall
CoInitialize
CoGetTreatAsClass
CoGetObject
CoGetMalloc
CoGetInstanceFromFile
CoGetCallerTID
CoEnableCallCancellation
CoCreateObjectInContext
CoCreateFreeThreadedMarshaler
CoBuildVersion
CoAllowSetForegroundWindow
CoAddRefServerProcess
CLSIDFromString
CLIPFORMAT_UserMarshal
BindMoniker
CoMarshalInterThreadInterfaceInStream

comctl32

CreatePropertySheetPageW
CreateStatusWindow
ord7
ord16
DestroyPropertySheetPage
ord15
DrawStatusText
DrawStatusTextW
FlatSB_EnableScrollBar
FlatSB_GetScrollInfo
FlatSB_GetScrollProp
FlatSB_SetScrollInfo
FlatSB_SetScrollPos
FlatSB_SetScrollProp
FlatSB_ShowScrollBar
ord4
ImageList_Add
ImageList_AddMasked
ImageList_BeginDrag
ImageList_Copy
ImageList_Create
ImageList_Destroy
ImageList_DragEnter
ImageList_DragLeave
ImageList_DragMove
ImageList_DragShowNolock
CreatePropertySheetPage
ImageList_DrawEx
ImageList_DrawIndirect
ImageList_Duplicate
ImageList_GetBkColor
ImageList_GetIcon
ImageList_GetIconSize
ImageList_GetImageCount
ImageList_GetImageRect
ImageList_LoadImageA
ImageList_LoadImageW
ImageList_Merge
ImageList_Replace
ImageList_ReplaceIcon
ImageList_SetBkColor
ImageList_SetFilter
ImageList_SetImageCount
ImageList_Write
ord17
InitCommonControlsEx
InitMUILanguage
ord13
PropertySheet
PropertySheetA
PropertySheetW
UninitializeFlatSB
_TrackMouseEvent
ImageList_Draw
ord8

Sections

.text
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.text7
Size: 181KB - Virtual size: 181KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 124B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.tex5t2
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

6d79abc773cafe2a931aed55f23ffde0

Headers

File Characteristics

Imports

kernel32

advapi32

ole32

comctl32

Sections

.text Size: 9KB - Virtual size: 8KB

.text7 Size: 181KB - Virtual size: 181KB

.data Size: 512B - Virtual size: 124B

.tex5t2 Size: 1KB - Virtual size: 1KB

.rsrc Size: 2KB - Virtual size: 2KB

.reloc Size: 2KB - Virtual size: 1KB

.text
Size: 9KB - Virtual size: 8KB

.text7
Size: 181KB - Virtual size: 181KB

.data
Size: 512B - Virtual size: 124B

.tex5t2
Size: 1KB - Virtual size: 1KB

.rsrc
Size: 2KB - Virtual size: 2KB

.reloc
Size: 2KB - Virtual size: 1KB