3ca10015ae9d5fc8f1fd7825eea274a9_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3ca10015ae9d5fc8f1fd7825eea274a9_JaffaCakes118
Size

834KB
MD5

3ca10015ae9d5fc8f1fd7825eea274a9
SHA1

a60a3fbcff5e24e6a00f95d1266da62739c3777a
SHA256

dee95c7f71135c9f2744a7339714bacef8b5006ad607c9fd486067d048538164
SHA512

3124ff312a3d56c80e16e911942ae5c00648fb16ea0a567567022425a17a08c566c4fa9929f6ec9b7c3b94f892cf0d9931bfcd68a6fcda6b934a6e7af3f546f7
SSDEEP

24576:RHJIsEvT/b8CHrwKB7HMO9kupOgw97Da9XY/I6mBZ:RGsGb8CcKB7sOmupOv9vCXY/bmP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3ca10015ae9d5fc8f1fd7825eea274a9_JaffaCakes118

Files

3ca10015ae9d5fc8f1fd7825eea274a9_JaffaCakes118
.dll windows:5 windows x86 arch:x86

5027b04d806ea18a4b8f674e550d56a7

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
VirtualProtect
lstrcatA
GetTickCount
ExitProcess
GetProcAddress
GetStartupInfoA
GetLastError
GlobalFree
GetModuleFileNameA
SetLastError
TerminateProcess
GetFullPathNameA
lstrlenA
GlobalAlloc
lstrcpyA
lstrcpynA
CloseHandle
AreFileApisANSI
MultiByteToWideChar
GetFileAttributesA
GlobalLock
LocalFree
CreateMutexA
LoadLibraryA
CreateProcessA
OutputDebugStringA
FreeLibrary
InterlockedDecrement
GetModuleHandleA
GetVersion
WideCharToMultiByte
lstrlenW
GlobalUnlock

user32

ReleaseCapture
GetParent
DestroyIcon
LoadMenuA
GetDlgCtrlID
DrawIconEx
SetWindowRgn
SendMessageA
GetLastActivePopup
LoadBitmapA
GetMenuItemInfoA
FillRect
EnableWindow
IsWindowVisible
GetDC
LoadIconA
DrawTextA
LoadImageA
PtInRect
GetMenuItemCount
SetWindowTextA
GetClientRect
PostMessageA
GetWindowDC
GetWindowTextA
SystemParametersInfoA
CopyRect
OffsetRect
SetRect
SetMenuItemInfoA
GetWindowRect
GrayStringA
DefWindowProcA
SetForegroundWindow
SetCapture
InvalidateRect
FindWindowA
IsWindow
EnumChildWindows
ReleaseDC
IsIconic
DeleteMenu
IsZoomed
UpdateWindow
LoadCursorA
ClientToScreen
GetSysColor
TabbedTextOutA
GetSystemMenu
GetSystemMetrics
GetSubMenu
TrackPopupMenu

gdi32

GetPaletteEntries
CreateCompatibleDC
CombineRgn
SetPixel
CreateFontIndirectA
DPtoLP
PtVisible
GetObjectA
SetBkMode
DeleteObject
GetBkColor
Polyline
ExtTextOutA
GetTextColor
CreateHalftonePalette
CreatePen
CreatePalette
SetWindowOrgEx
SelectPalette
RectVisible
PatBlt
GetDeviceCaps
SetRectRgn
CreateCompatibleBitmap
SetTextColor
StretchBlt
BitBlt
Escape
PtInRegion
DeleteDC
CreatePolygonRgn
LPtoDP
TextOutA
RealizePalette
GetMapMode
GetStockObject
GetCurrentObject
CreateSolidBrush
CreateRectRgn
SelectObject

advapi32

RegCloseKey
RegQueryValueExA
RegOpenKeyExA

shell32

ShellExecuteA
SHGetMalloc
SHGetPathFromIDListA
SHGetDesktopFolder

ole32

CoTaskMemFree
CLSIDFromProgID
StringFromCLSID
CoUninitialize
CoCreateInstance
CoInitialize

oleaut32

SysAllocString
VariantClear
SysFreeString
SysAllocStringLen

comctl32

InitCommonControlsEx
_TrackMouseEvent

shlwapi

PathFindFileNameA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

wtsapi32

WTSVirtualChannelClose

msvcrt

_cexit
_strdup
_initterm
_onexit
?terminate@@YAXXZ
__dllonexit
_CxxThrowException
_acmdln
_splitpath
__CxxFrameHandler
__p__fmode
__set_app_type
_controlfp
_mbsicmp
__p__commode
_exit
__setusermatherr
_XcptFilter
free
__getmainargs
_except_handler3
_setmbcp
??1type_info@@UAE@XZ
_vsnprintf
_mbscmp
_adjust_fdiv
exit
fopen
fread
fclose
_c_exit

Sections

.text
Size: 474KB - Virtual size: 474KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.hk
Size: 53KB - Virtual size: 53KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.zt
Size: - Virtual size: 193KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 872B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zx
Size: 245KB - Virtual size: 244KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zz
Size: 49KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5027b04d806ea18a4b8f674e550d56a7

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

comctl32

shlwapi

version

wtsapi32

msvcrt

Sections

.text Size: 474KB - Virtual size: 474KB

.hk Size: 53KB - Virtual size: 53KB

.zt Size: - Virtual size: 193KB

.rdata Size: 5KB - Virtual size: 4KB

.data Size: 512B - Virtual size: 872B

.zx Size: 245KB - Virtual size: 244KB

.zz Size: 49KB - Virtual size: 48KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 474KB - Virtual size: 474KB

.hk
Size: 53KB - Virtual size: 53KB

.zt
Size: - Virtual size: 193KB

.rdata
Size: 5KB - Virtual size: 4KB

.data
Size: 512B - Virtual size: 872B

.zx
Size: 245KB - Virtual size: 244KB

.zz
Size: 49KB - Virtual size: 48KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 4KB - Virtual size: 3KB