417ffb433f03a5a1a90c041e29358887_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

417ffb433f03a5a1a90c041e29358887_JaffaCakes118
Size

64KB
MD5

417ffb433f03a5a1a90c041e29358887
SHA1

5314769124ff33c547b790d2e665ae170ed3082d
SHA256

ecfc2614c23b2457ee049ba64ca23c09fe677f0cbeac55e19fc4f1311beedcbc
SHA512

19ef4d5308a2094ead516df69153bcbe1e8f26e58a11a55f633330fd3828b8a8b6620c3199dbfb8ec3912fe0cc3a7682c46c41d64eb3d9f5fcfc363b58323f82
SSDEEP

1536:a9I+CWVOZTYrQhYlRzU18k+nY28wQ52djbD4fmxsEXSE:a9IJQOZ8QEa18LY28jQSmWEC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
417ffb433f03a5a1a90c041e29358887_JaffaCakes118

Files

417ffb433f03a5a1a90c041e29358887_JaffaCakes118
.dll windows:5 windows x86 arch:x86

45d353e1f9f694c54e140eeb10fa9909

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

dmdlsdmo

_Stod
_Wcrtomb
_Mbrtowc
_Sinh
_Snan
_FCosh
_LNan
_LSnan
_LInf
_FExp
_FNan
_Getcvt
_FXbig
_FDenorm
_LXbig
_Dscale
_LSinh
_Stold
_FDnorm
_Denorm
_FEps
_LDenorm

kernel32

GetPrivateProfileStringA
GetModuleHandleA
TerminateProcess
WritePrivateProfileStructA
WriteFile
FindFirstFileA
VirtualAlloc
GetVersion
GetFileAttributesA
FindNextFileA
lstrcmpiA
GetCurrentProcessId
CloseHandle
UnmapViewOfFile
ReadFile
DeleteFileA
SetEndOfFile
GetFileSize
MapViewOfFile
GetCurrentThread
SetFilePointer
GlobalUnlock
lstrlenW
VirtualQuery
IsProcessorFeaturePresent
WritePrivateProfileStringA
GlobalLock
GetCurrentDirectoryA
lstrcpyA
WaitForMultipleObjects
CreateFileMappingA
GlobalAlloc
CreateFileA
GetProcAddress
SetThreadPriority
CreatePipe
LoadLibraryA
GetPrivateProfileStructA
FindClose
VirtualFree
IsBadReadPtr

user32

IsWindowEnabled
CreatePopupMenu
SetWindowTextA
SetWindowLongA
InvalidateRect
IsIconic
GetClassInfoA
CharLowerA
MessageBeep
CheckMenuRadioItem
DestroyCursor
FindWindowA
GetDlgItemTextA
GetWindowTextA
SetMenuItemInfoA
CharUpperA
wvsprintfA
SetClipboardData
GetWindowRect
KillTimer
DialogBoxParamA
MoveWindow
IsDlgButtonChecked
SetWindowPos
CallWindowProcA
GetActiveWindow
GetSysColorBrush
DestroyMenu

advapi32

RegCreateKeyExA
RegDeleteKeyA
OpenProcessToken

msvcrt

strstr
_except_handler3
gmtime
_timezone
sprintf
asctime

comctl32

InitCommonControlsEx
ImageList_Create
ImageList_ReplaceIcon
ImageList_Add

shell32

DragFinish
DragQueryFileA

comdlg32

GetSaveFileNameA

gdi32

DeleteObject
SelectObject
CreateFontIndirectA
GetDeviceCaps

Exports

Exports

CreateProcessNotify
caclad32

Sections

.text
Size: 54KB - Virtual size: 56KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 3KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 512B - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

45d353e1f9f694c54e140eeb10fa9909

Headers

File Characteristics

Imports

dmdlsdmo

kernel32

user32

advapi32

msvcrt

comctl32

shell32

comdlg32

gdi32

Exports

Exports

Sections

.text Size: 54KB - Virtual size: 56KB

.rdata Size: 3KB - Virtual size: 4KB

.data Size: 3KB - Virtual size: 4KB

.rsrc Size: 1KB - Virtual size: 4KB

.reloc Size: 512B - Virtual size: 4KB

.text
Size: 54KB - Virtual size: 56KB

.rdata
Size: 3KB - Virtual size: 4KB

.data
Size: 3KB - Virtual size: 4KB

.rsrc
Size: 1KB - Virtual size: 4KB

.reloc
Size: 512B - Virtual size: 4KB