444a80c0aea3815cc037933dddaf9148_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

444a80c0aea3815cc037933dddaf9148_JaffaCakes118
Size

139KB
MD5

444a80c0aea3815cc037933dddaf9148
SHA1

7e3a69ef9ea97b4801849c435fd262f195c51bf5
SHA256

953ab1b664df0e98677756068c99fae6f9cb9dec2101453fc1f3772079d64477
SHA512

df08da1dabaa1634cfb7bc459981c68fa0db084f575533296f89bb92e25a26facb88a53e2c9c851193df11d9da98315546971096cd93f7b548385db1f827448a
SSDEEP

3072:H29CSz995hIxhhFBqcq2Fh4s8OwuCYZRn0EY9bXieKtxXE:aH5KTBqe8OwTYZG+r

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
444a80c0aea3815cc037933dddaf9148_JaffaCakes118

Files

444a80c0aea3815cc037933dddaf9148_JaffaCakes118
.dll windows:5 windows x86 arch:x86

2193b0c8366353da861f3de104dac9fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shell32

SHLoadInProc
SHGetSettings
SHBindToParent

gdi32

TextOutW
CreateBitmap
DeleteObject
ExtTextOutW
GetClipBox
GetDeviceCaps
GetObjectW
OffsetViewportOrgEx
PtVisible
RectVisible
RestoreDC
ScaleViewportExtEx
SelectObject
SetBkColor
SetMapMode
SetTextColor
SetViewportOrgEx
SetWindowExtEx

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

comctl32

ord17

user32

WinHelpW
UnregisterClassW
UnhookWindowsHookEx
TranslateMDISysAccel
TabbedTextOutW
ShowWindow
SetWindowsHookExW
SetWindowTextW
SetWindowLongW
SetProcessWindowStation
SetMenuItemBitmaps
SetForegroundWindow
SetFocus
SetCursorPos
SendMessageW
RemovePropW
ReleaseDC
RegisterClassW
PtInRect
PostQuitMessage
PostMessageW
PeekMessageW
OffsetRect
ModifyMenuW
MessageBoxW
MapWindowPoints
LoadStringW
LoadIconW
LoadCursorW
LoadBitmapW
IsIconic
HideCaret
GrayStringW
GetWindowRect
GetWindowPlacement
GetWindowLongW
GetWindow
GetTopWindow
GetSysColor
GetSubMenu
GetScrollBarInfo
GetParent
GetNextDlgTabItem
GetMessageTime
GetMenuState
GetMenuItemID
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetDlgItem
GetDlgCtrlID
GetDialogBaseUnits
GetDesktopWindow
GetDC
GetCursorPos
GetClientRect
GetClassNameW
GetClassInfoW
GetCapture
EqualRect
EnumWindows
EnableWindow
EnableMenuItem
DrawTextW
DispatchMessageW
DefWindowProcW
DdeUninitialize
DdeAccessData
CreateWindowExW
CopyRect
CloseWindow
ClientToScreen
CheckMenuItem
CallWindowProcW
CallNextHookEx
BringWindowToTop
AnyPopup
AdjustWindowRectEx
SystemParametersInfoW

kernel32

FreeEnvironmentStringsW
lstrlenW
lstrcpynW
lstrcpyW
lstrcmpiW
FreeLibrary
FreeEnvironmentStringsA
lstrcmpW
lstrcatW
_lwrite
_hread
WriteFile
WideCharToMultiByte
VirtualProtect
VirtualFree
VirtualAlloc
UnhandledExceptionFilter
TlsSetValue
TlsGetValue
TlsFree
TlsAlloc
TerminateProcess
SetUnhandledExceptionFilter
SetThreadContext
SetMailslotInfo
SetLastError
SetHandleCount
SetErrorMode
RtlUnwind
ReleaseSemaphore
RegisterWaitForSingleObject
RaiseException
Process32NextW
Process32FirstW
OpenProcess
MultiByteToWideChar
LockFile
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsBadWritePtr
IsBadReadPtr
IsBadHugeReadPtr
IsBadCodePtr
InterlockedIncrement
InitializeCriticalSection
HeapSize
HeapFree
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalFree
GlobalFlags
GlobalFindAtomW
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomW
GetVersionExA
GetVersion
GetUserDefaultUILanguage
GetSystemDefaultUILanguage
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessWorkingSetSize
GetProcessVersion
GetProcAddress
GetOEMCP
GetModuleHandleW
GetModuleHandleA
GetModuleFileNameA
GetLastError
GetLargestConsoleWindowSize
GetFileType
GetFileAttributesW
FlushInstructionCache
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentProcess
GetCommandLineA
GetCPInfo
CreateFileW
CreateToolhelp32Snapshot
DeleteCriticalSection
EnterCriticalSection
EraseTape
ExitProcess
GetACP

Exports

Exports

AttachDatabase
UpdateSubTexture
UpdateTextureState
WriteStreamToFile

Sections

.text
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 76KB - Virtual size: 75KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 5KB - Virtual size: 5KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2193b0c8366353da861f3de104dac9fd

Headers

DLL Characteristics

File Characteristics

Imports

shell32

gdi32

winspool.drv

comctl32

user32

kernel32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 48KB

.rdata Size: 76KB - Virtual size: 75KB

.data Size: 8KB - Virtual size: 8KB

.rsrc Size: 5KB - Virtual size: 5KB

.text
Size: 48KB - Virtual size: 48KB

.rdata
Size: 76KB - Virtual size: 75KB

.data
Size: 8KB - Virtual size: 8KB

.rsrc
Size: 5KB - Virtual size: 5KB