4405f6803bf05455a051f9efb57a48be_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

4405f6803bf05455a051f9efb57a48be_JaffaCakes118
Size

926KB
MD5

4405f6803bf05455a051f9efb57a48be
SHA1

7416bea4285ad613e48d9f547f6ff9197be2dfc7
SHA256

38384c0875f845a5322f9a9d2ad564d01eec019e2a95e1988535975453abdc47
SHA512

a96ff8a7734d428a625f0308f11516e3b31ce5322bb1df3d3d78a50e2c731f1a2dbb869953bcb460bc503abffc76e67a0fd705461399eda1d5b39ebbc8b0b775
SSDEEP

24576:FU9euu1SjK6THFfzzjbV1L5bAY8ZvVvn40+j1payhkco7EuC:FU9KQvbfLyVv40+j1oco7EuC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4405f6803bf05455a051f9efb57a48be_JaffaCakes118

Files

4405f6803bf05455a051f9efb57a48be_JaffaCakes118
.dll windows:5 windows x86 arch:x86

353bfc28b467ca22940c30fa4701c97d

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalFree
HeapFree
CompareStringA
GetLocaleInfoW
CreateNamedPipeA
GetDriveTypeA
GetLocaleInfoA
CreateThread
InitializeCriticalSectionAndSpinCount
MultiByteToWideChar
lstrcmpA
SetFilePointer
Sleep
TerminateProcess
HeapAlloc
RaiseException
GetCurrentDirectoryA
VirtualFree
HeapSize
LCMapStringA
IsValidCodePage
GetProcessHeap
GetFileSize
QueryPerformanceCounter
GetStartupInfoA
GetConsoleCP
GetACP
GetModuleHandleW
FindClose
GetCPInfo
GetModuleFileNameA
SetHandleCount
GetTimeZoneInformation
GetSystemTimeAsFileTime
WriteConsoleA
lstrlenA
WideCharToMultiByte
GetVersionExA
GetStringTypeW
ExitThread
TlsSetValue
DeleteFileA
SetStdHandle
LoadLibraryA
LCMapStringW
ResetEvent
GetProcAddress
InterlockedDecrement
GetVersion
HeapCreate
InterlockedIncrement
GetCommandLineA
TlsAlloc
GlobalUnlock
ExitProcess
GetModuleHandleA
GetFileAttributesA
GetOEMCP
lstrcpyA
CloseHandle
WriteFile
GetConsoleMode
EnumSystemLocalesA
LeaveCriticalSection
GlobalAlloc
CreateEventA
GetLastError
CompareStringW
UnhandledExceptionFilter
lstrcpynA
GetFileInformationByHandle
SetLastError
SetConsoleTitleA
SetEnvironmentVariableA
SetThreadPriority
GetTickCount
GlobalLock
TlsFree
ResumeThread
SetEndOfFile
ReadFile
Beep
CreateFileA
GetDiskFreeSpaceExA
FileTimeToSystemTime
GetFileType
GetEnvironmentStrings
InitializeCriticalSection
EnterCriticalSection
FlushFileBuffers
GetCurrentProcess
GetCurrentThread
IsDebuggerPresent
GetFullPathNameA
FreeEnvironmentStringsA
FindFirstFileA
GetEnvironmentStringsW
GetCurrentThreadId
SetConsoleCtrlHandler
SetUnhandledExceptionFilter
GetConsoleOutputCP
GetUserDefaultLCID
WaitForSingleObject
RtlUnwind
GetStdHandle
FileTimeToLocalFileTime
HeapReAlloc
TlsGetValue
IsValidLocale
PeekNamedPipe
GetCurrentProcessId
ConnectNamedPipe
WriteConsoleW
DeviceIoControl
DeleteCriticalSection
FreeEnvironmentStringsW
GetStringTypeA
VirtualAlloc

user32

CheckMenuItem
RegisterClassA
CallWindowProcA
SetCursorPos
GetDlgItemTextA
DialogBoxParamA
GetActiveWindow
MapDialogRect
wsprintfA
EnableMenuItem
SetFocus
ReleaseDC
PostMessageA
GetDlgItem
UpdateWindow
InvalidateRect
MessageBeep
SetClipboardData
GetClassInfoA
DrawTextA
GetClipboardData
SetRect
EndDialog
LoadMenuA
CloseClipboard
SetParent
OpenClipboard
SetWindowLongA
ScreenToClient
IsWindowEnabled
SendMessageA
GetWindowRect
PostQuitMessage
GetParent
KillTimer
GetSysColorBrush
TranslateMessage
IsWindowVisible
EndPaint
GetDlgItemInt
AdjustWindowRect
SetWindowTextA
GetCursorPos
SetCursor
GetWindowTextA
MessageBoxA
FindWindowA
SetTimer
LoadCursorA
ClientToScreen
EmptyClipboard
GetKeyState
RegisterClassExA
CreateWindowExA
BeginPaint
GetDesktopWindow
EnableWindow
GetSubMenu
SetWindowPos
AdjustWindowRectEx
GetForegroundWindow
ShowCursor
GetMessageA
GetDC
DispatchMessageA
GetMessageTime
GetWindowLongA
GetSystemMetrics
GetSysColor
ShowWindow
DestroyWindow
DefWindowProcA
GetClientRect
MoveWindow
GetFocus
LoadIconA

gdi32

GetTextFaceA
DPtoLP
PatBlt
StretchBlt
SetBkMode
StretchDIBits
DeleteObject
CreateBitmap
GetTextMetricsA
SetBitmapBits
SelectObject
CreateFontIndirectA
SetMapMode
SetBkColor
GetObjectA
CreateCompatibleBitmap
SetTextColor
DeleteDC
CreateCompatibleDC
GetStockObject
BitBlt
GetMapMode

comdlg32

GetOpenFileNameA
CommDlgExtendedError
GetSaveFileNameA
ChooseFontA

advapi32

RegCloseKey
RegOpenKeyExA
RegQueryValueExA

shell32

SHGetMalloc
SHGetPathFromIDListA
SHBrowseForFolderA

comctl32

ord16
ord17
ord4
ord6

winmm

waveOutWrite
midiOutOpen
midiOutLongMsg
midiOutClose
waveOutReset
waveOutClose
midiOutShortMsg
waveOutGetErrorTextA
waveOutUnprepareHeader
midiOutPrepareHeader
midiOutReset
waveOutOpen
midiOutUnprepareHeader
joyGetPos
waveOutPrepareHeader

wsock32

bind
WSACleanup
connect
closesocket
recv
WSAStartup
htons
socket
ntohs
gethostbyname
accept
htonl
select
setsockopt
listen
ntohl
send

secur32

DeleteSecurityContext

Sections

.text
Size: 119KB - Virtual size: 118KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.textes
Size: 233KB - Virtual size: 232KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 336KB - Virtual size: 335KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 217KB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.catow
Size: 10KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 2KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

353bfc28b467ca22940c30fa4701c97d

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

comctl32

winmm

wsock32

secur32

Sections

.text Size: 119KB - Virtual size: 118KB

.textes Size: 233KB - Virtual size: 232KB

.rdata Size: 336KB - Virtual size: 335KB

.data Size: 217KB - Virtual size: 2.0MB

.catow Size: 10KB - Virtual size: 10KB

.rsrc Size: 2KB - Virtual size: 1KB

.reloc Size: 7KB - Virtual size: 7KB

.text
Size: 119KB - Virtual size: 118KB

.textes
Size: 233KB - Virtual size: 232KB

.rdata
Size: 336KB - Virtual size: 335KB

.data
Size: 217KB - Virtual size: 2.0MB

.catow
Size: 10KB - Virtual size: 10KB

.rsrc
Size: 2KB - Virtual size: 1KB

.reloc
Size: 7KB - Virtual size: 7KB