3816745c4df7c7fd9794d6a363e02fcc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3816745c4df7c7fd9794d6a363e02fcc_JaffaCakes118
Size

204KB
MD5

3816745c4df7c7fd9794d6a363e02fcc
SHA1

df78aba13e5519223f3fb318696683f70120b5dc
SHA256

1190250340169bff513e38c7652346e4d275c6bc8f7df49f105ec85bc1c5566e
SHA512

2e19c1274f7268b89c655e0823a7f5f58a73e85df3aa1eba097671b5695a83b6feccdf496838e009650ca7350bda73fdeb8d8630638edca70a7d46104b402a28
SSDEEP

3072:LX5CdTEwlLBVRbM8wTYK77g0qRVtdWeQX/vbvcFf9X2c1s:gTEwlLBA8wTYW70VzyX/vQFd

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3816745c4df7c7fd9794d6a363e02fcc_JaffaCakes118

Files

3816745c4df7c7fd9794d6a363e02fcc_JaffaCakes118
.dll windows:5 windows x86 arch:x86

1ff55cb2d83d60bb70cf102fa0e139be

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CloseHandle
lstrcatW
GetWindowsDirectoryW
VirtualAllocEx
CreateFileW

user32

DefWindowProcA
PostQuitMessage
EndPaint
BeginPaint
LoadIconA

gdi32

DPtoLP
DeleteColorSpace
DeviceCapabilitiesExW
EnableEUDC
EndDoc
EngAcquireSemaphore
EngCheckAbort
EngCreateClip
EngCreateDeviceBitmap
EngCreateDeviceSurface
EngCreatePalette
EngDeletePath
EngFindResource
EngGetDriverName
EngGradientFill
EngQueryLocalTime
EngReleaseSemaphore
EngTextOut
EnumEnhMetaFile
EudcLoadLinkW
FONTOBJ_cGetGlyphs
FONTOBJ_pxoGetXform
FrameRgn
GdiComment
GdiConvertEnhMetaFile
GdiConvertMetaFilePict
GdiCreateLocalEnhMetaFile
GdiEntry11
GdiEntry2
GdiGetBatchLimit
GdiGetPageHandle
GdiInitializeLanguagePack
GdiPlayDCScript
GdiPlayJournal
CreatePolygonRgn
GdiSetServerAttr
GdiSwapBuffers
GetBoundsRect
GetCharWidthA
GetColorAdjustment
GetEnhMetaFileDescriptionA
GetEnhMetaFileDescriptionW
GetEnhMetaFilePaletteEntries
GetFontData
GetFontLanguageInfo
GetFontUnicodeRanges
GetMapMode
GetMiterLimit
GetObjectA
GetPolyFillMode
GetROP2
GetStretchBltMode
HT_Get8BPPFormatPalette
InvertRgn
LPtoDP
LineTo
OffsetRgn
PATHOBJ_vEnumStart
PlayEnhMetaFileRecord
PolyBezier
PolyDraw
PolyPolyline
PolyTextOutW
PtVisible
RemoveFontResourceExW
ScaleViewportExtEx
SelectClipRgn
SetBrushOrgEx
SetEnhMetaFileBits
SetFontEnumeration
SetMapperFlags
SetPixelFormat
SetPixelV
SetPolyFillMode
SetSystemPaletteUse
SetTextAlign
SetTextCharacterExtra
SetViewportOrgEx
XLATEOBJ_cGetPalette
CreatePolyPolygonRgn
CreateICW
CreateFontIndirectExA
CreateDiscardableBitmap
CreateDIBitmap
CreateDCW
CreateCompatibleDC
CopyMetaFileW
CopyEnhMetaFileW
CloseEnhMetaFile
CLIPOBJ_ppoGetPath
AnimatePalette
GdiSetBatchLimit

comdlg32

ReplaceTextW
ReplaceTextA
PrintDlgW
PrintDlgExW
PrintDlgExA
PrintDlgA
PageSetupDlgW
PageSetupDlgA
GetSaveFileNameA
GetOpenFileNameW
GetOpenFileNameA
GetFileTitleW
GetFileTitleA
FindTextW
FindTextA
CommDlgExtendedError
ChooseFontW
ChooseFontA
ChooseColorW
ChooseColorA
GetSaveFileNameW

advapi32

RegOpenKeyExW
RegOpenKeyW

ole32

WriteFmtUserTypeStg
UtConvertDvtd32toDvtd16
StringFromIID
StringFromCLSID
StgSetTimes
StgPropertyLengthAsVariant
StgOpenAsyncDocfileOnIFillLockBytes
StgGetIFillLockBytesOnILockBytes
StgCreatePropStg
SetDocumentBitStg
STGMEDIUM_UserUnmarshal
STGMEDIUM_UserFree
SNB_UserSize
PropVariantClear
PropStgNameToFmtId
OleTranslateAccelerator
OleSetClipboard
OleSetAutoConvert
OleSaveToStream
OleSave
OleRun
OleRegGetUserType
OleRegEnumVerbs
OleQueryCreateFromData
OleIsCurrentClipboard
OleInitializeWOW
OleCreateMenuDescriptor
OleCreateLinkToFileEx
OleCreateLinkToFile
OleCreateLinkEx
OleCreateFromFile
OleCreateFromDataEx
OleCreateEmbeddingHelper
OleCreateDefaultHandler
OleCreate
OleConvertOLESTREAMToIStorageEx
HWND_UserMarshal
HWND_UserFree
HPALETTE_UserUnmarshal
HPALETTE_UserMarshal
HMETAFILE_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILEPICT_UserMarshal
HMETAFILEPICT_UserFree
HMENU_UserMarshal
HMENU_UserFree
HICON_UserMarshal
HGLOBAL_UserSize
HGLOBAL_UserMarshal
HENHMETAFILE_UserSize
HDC_UserUnmarshal
HDC_UserSize
GetRunningObjectTable
GetHookInterface
FreePropVariantArray
EnableHookObject
DoDragDrop
CreateOleAdviseHolder
CreateObjrefMoniker
CreateItemMoniker
CreateDataCache
CreateAntiMoniker
CoSwitchCallContext
CoSuspendClassObjects
CoSetProxyBlanket
CoSetCancelObject
CoRevokeClassObject
CoResumeClassObjects
CoRegisterSurrogate
CoRegisterPSClsid
CoRegisterMallocSpy
CoReactivateObject
CoIsOle1Class
CoInitialize
CoGetInterfaceAndReleaseStream
CoGetClassVersion
CoGetCallerTID
CoFreeLibrary
CoFreeAllLibraries
CoDisconnectObject
CoCreateInstanceEx
CoCreateGuid
CoCreateFreeThreadedMarshaler
CoCopyProxy
CoBuildVersion
CLSIDFromString
CreateGenericComposite

msvcrt

wprintf
tmpfile
time
tanh
swscanf
strtoul
strchr
sscanf
signal
setlocale
rand
printf
labs
iswxdigit
iswprint
isleadbyte
gmtime
getenv
getc
freopen
fputws
fputs
fgetwc
ferror
ctime
atof
atexit
acos
_yn
_wtoi64
_wtmpnam
_wtempnam
_wsystem
_wstrtime
_wstati64
_wpgmptr
_wperror
_wmktemp
_wgetdcwd
_wfreopen
_wfdopen
_wenviron
_wcsncoll
_wcsdup
_wcmdln
_waccess
_unlock
_timezone
_tell
_sys_errlist
_strtime
_strdup
_stat
_spawnlp
_spawnl
_onexit
_mbsspnp
_mbsninc
_mbsnicmp
_mbsnbcmp
_ltow
_itoa
_ismbcalnum
_ismbbpunct
_ismbbgraph
_initterm
_gmtime64
_ftime64
_fsopen
_findnexti64
_findfirsti64
_findfirst
_filbuf
_fdopen
_execl
_environ
_clearfp
_cexit
_beginthreadex
_atoi64
_adj_fdivr_m32i
_adj_fdivr_m32
__unDNameEx
__p__pctype
__p__dstbias
__p__amblksiz
__p___argc
_CIatan
_EH_prolog
_Getdays
_XcptFilter
__RTDynamicCast
__RTtypeid
__argv

Sections

.text
Size: 187KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 720B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1ff55cb2d83d60bb70cf102fa0e139be

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

ole32

msvcrt

Sections

.text Size: 187KB - Virtual size: 187KB

.rdata Size: 8KB - Virtual size: 7KB

.data Size: 1024B - Virtual size: 720B

.rsrc Size: 4KB - Virtual size: 3KB

.reloc Size: 2KB - Virtual size: 2KB

.text
Size: 187KB - Virtual size: 187KB

.rdata
Size: 8KB - Virtual size: 7KB

.data
Size: 1024B - Virtual size: 720B

.rsrc
Size: 4KB - Virtual size: 3KB

.reloc
Size: 2KB - Virtual size: 2KB