2de0a868ed585e9f5c84594d6d91f9d6_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2de0a868ed585e9f5c84594d6d91f9d6_JaffaCakes118
Size

248KB
MD5

2de0a868ed585e9f5c84594d6d91f9d6
SHA1

4aca11e90bf9f6115371b21ab19124d57654820b
SHA256

75a899bc5792e1ca4750f40c2b8ffbf07aa228e82eaa1ab3098b27abdbfc8bfc
SHA512

06cd210f6f8ae3873d43ea2616feb5165afd2cbb2263e4ced508cb799d65690ad8be2ecc1b7c947b208376a84d7089739a78afec4a7ca1938f4fde750504537f
SSDEEP

6144:O8jdGQY/MBxAtW3PgEy3TjCWG45EJb4a+zrgWraTR3:OKdGD/sWkfry3CWJabUgW2TR

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2de0a868ed585e9f5c84594d6d91f9d6_JaffaCakes118

Files

2de0a868ed585e9f5c84594d6d91f9d6_JaffaCakes118
.dll windows:4 windows x86 arch:x86

bd7ef5a4f5467946bf85719bd0d3e526

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comdlg32

GetSaveFileNameW
GetOpenFileNameW
CommDlgExtendedError
ChooseFontW

advapi32

RegDeleteKeyW
RegSetValueExW
RegQueryValueExW
RegQueryValueExA
RegOpenKeyExW
RegCloseKey
RegCreateKeyExW
RegOpenKeyExA

shlwapi

PathFindFileNameW

user32

TranslateMessage
SetWindowWord
SetTimer
SetRectEmpty
ValidateRgn
SetCursor
SendMessageW
SendDlgItemMessageW
RemoveMenu
SetPropA
GetDesktopWindow
GetCursorPos
FillRect
EnumWindows
EnumPropsA
EnumChildWindows
DialogBoxParamW
DeleteMenu
DdeInitializeW
CountClipboardFormats
CharToOemBuffA
KillTimer

kernel32

ExitProcess
FindResourceW
FormatMessageW
FreeLibrary
GetCommandLineA
GetConsoleAliasesA
GetConsoleFontSize
GetConsoleOutputCP
GetCurrentThreadId
GetLastError
GetModuleHandleA
GetModuleHandleW
GetPrivateProfileSectionA
GetStartupInfoW
GetSystemTimeAsFileTime
GetTickCount
GetTimeFormatW
GetVersionExA
GlobalDeleteAtom
GlobalFree
GlobalLock
GlobalSize
HeapAlloc
HeapCreate
RegisterWaitForSingleObjectEx
ResumeThread
SetEvent
SetStdHandle
SetThreadPriority
lstrcmpA
Beep
EnumDateFormatsW

msvcrt

wcstod
wcslen
wcscoll
wcscmp
memmove
iswspace
free
exit
_wcsicmp
_wcsdup
_wcmdln
_purecall
_onexit
_ftol
_exit
__dllonexit
__CxxFrameHandler
__setusermatherr
__wgetmainargs
_adjust_fdiv
_controlfp
_except_handler3

gdi32

GdiStartDocEMF
GetBkColor
GetCurrentObject
GetNearestColor
GdiResetDCEMF
Escape
EnumFontFamiliesW
EnumFontFamiliesExW
DescribePixelFormat
DPtoLP
CreatePen
CreateICW
CreateFontIndirectW
CreateDCW
CreateCompatibleDC
CreateBitmapIndirect
GetObjectW
GetPaletteEntries
GetTextMetricsW
GetWinMetaFileBits
PtVisible
Rectangle
ScaleWindowExtEx
SelectFontLocal
SelectObject
SetBkMode
SetDCBrushColor
SetICMMode
SetPixel
SetTextColor
TextOutW

ole32

ReleaseStgMedium
StgCreateDocfileOnILockBytes
StringFromCLSID
ReadClassStg
OleUninitialize
OleRegGetUserType
OleInitialize
CreateILockBytesOnHGlobal
CLSIDFromString
CoTaskMemFree

shell32

ShellAboutW
SHGetSpecialFolderPathW
SHGetSettings
DragQueryFileW
DragFinish
ShellExecuteExW

Exports

Exports

D3D10ResourceSetMapFlags
EnumDevicePropertyNext
EnumMCCustomCapReset
GetErrorLog
GetFunctions_i
GraphicsUnregisterResource
SetDoubleForDevice
ThreadExit
UnFocusRAWObject

Sections

.text
Size: 164KB - Virtual size: 164KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 72KB - Virtual size: 112KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

bd7ef5a4f5467946bf85719bd0d3e526

Headers

File Characteristics

Imports

comdlg32

advapi32

shlwapi

user32

kernel32

msvcrt

gdi32

ole32

shell32

Exports

Exports

Sections

.text Size: 164KB - Virtual size: 164KB

.data Size: 72KB - Virtual size: 112KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 164KB - Virtual size: 164KB

.data
Size: 72KB - Virtual size: 112KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB