4518012c560018c8c0e4aab3d8ac4fe0_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

4518012c560018c8c0e4aab3d8ac4fe0_JaffaCakes118
Size

172KB
MD5

4518012c560018c8c0e4aab3d8ac4fe0
SHA1

1723e4884af2c811aed67ad3d278d16b6d503e1f
SHA256

5e81d0c5adc96c14998529f0b0172c585d7ba26bd640aa08e864e39fbd0e3728
SHA512

71857c6578f00f1552571c9750993fb1fdbab0d22c0236ff7d745e0aaf9a27faace336c24ac1d7f8e06c10f55aab42d73c3ca3bdf32f53560aa4f1589cc5f840
SSDEEP

3072:Vhu1Jf5RY6l0YWweUf7OAVIJ0Ub5YHc/9n:/u1JRR7lOwe2yAVIJ0UAc

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
4518012c560018c8c0e4aab3d8ac4fe0_JaffaCakes118

Files

4518012c560018c8c0e4aab3d8ac4fe0_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9f7d098fa335b53de5ce0a03b17cc5bc

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcrt

fread
malloc
realloc
wcscmp
atof
fprintf
rand
wcstoul
sprintf
wcspbrk
_adjust_fdiv
_initterm
memset
free
wcscpy
wcscat
exit
fclose
wcsncmp

msvfw32

DrawDibDraw
DrawDibOpen

advapi32

RegQueryValueExW
RegCloseKey
RegSetValueW
RegEnumValueW
RegCreateKeyW
RegSetValueExW
RegOpenKeyExW
RegOpenKeyW
RegQueryInfoKeyW
RegEnumKeyExW
RegCreateKeyExW
RegDeleteKeyW
RegQueryValueW

ole32

StgCreateDocfile
CoCreateInstance
OleLoadFromStream
CreateBindCtx
CLSIDFromString
CoTaskMemFree

kernel32

DisableThreadLibraryCalls
GlobalAlloc
UnhandledExceptionFilter
MulDiv
CreateThread
GetCurrentProcessId
GetProcessHeap
GetSystemTimeAsFileTime
HeapAlloc
IsBadReadPtr
GlobalUnlock
LoadLibraryW
lstrcmpW
TerminateProcess
lstrcpynA
SetEvent
GlobalFree
GetFileTime
SetThreadPriority
GetFullPathNameW
GetLastError
AddVectoredExceptionHandler
RemoveVectoredExceptionHandler
InterlockedExchange
SetUnhandledExceptionFilter
IsBadCodePtr
GetModuleFileNameW
LeaveCriticalSection
ResetEvent
WriteFile
GetModuleFileNameA
ReleaseSemaphore
SizeofResource
CreateMutexW
EnterCriticalSection
RaiseException
GetThreadPriority
InterlockedIncrement
GlobalLock
CompareStringW
VirtualAlloc
DeleteCriticalSection
GetFileSize
SetLastError
lstrcpynW
GetProcAddress
ReadFile
lstrcatW
LoadLibraryA
GetSystemDirectoryW
GetModuleHandleW
SetFilePointer
CreateSemaphoreW
VirtualFree
LoadResource
QueryPerformanceCounter
CloseHandle
IsBadWritePtr
FreeLibrary
LockResource
GetCurrentThreadId
DeleteFileW
GetSystemInfo
GetFileType
GetCurrentDirectoryW
GetCurrentProcess
FlushInstructionCache
GetVersionExW
ReleaseMutex
CreateFileW
WaitForMultipleObjects
LocalAlloc
CreateEventW
HeapDestroy
MultiByteToWideChar
HeapFree
LoadLibraryExW
lstrcmpiW

user32

SetWindowPos
GetWindowTextW
GetParent
RegisterWindowMessageW
WinHelpW
IsWindow
DispatchMessageW
DefWindowProcW
SetWindowLongW
DestroyWindow
MoveWindow
PeekMessageW
CreateDialogParamW
wvsprintfW
ReleaseDC
GetWindowRect
EndDialog
GetWindowTextLengthW
GetDlgItem
CharPrevW
MsgWaitForMultipleObjects
SetDlgItemInt
GetDC
IsDialogMessageW
MessageBoxW
GetDlgItemTextA
wsprintfW
GetDesktopWindow
IsDlgButtonChecked

gdi32

CreateCompatibleDC
DeleteObject
SetStretchBltMode
DeleteDC
StretchBlt
GetDeviceCaps
CreateFontIndirectW
GetTextMetricsW
CreateDIBSection
GetObjectW

Exports

Exports

UApEbwhifSrCHzoG
XCJVLAjrzensat
wADdEveJ

Sections

.text
Size: 16KB - Virtual size: 13KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 8KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 100KB - Virtual size: 192KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 40KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9f7d098fa335b53de5ce0a03b17cc5bc

Headers

File Characteristics

Imports

msvcrt

msvfw32

advapi32

ole32

kernel32

user32

gdi32

Exports

Exports

Sections

.text Size: 16KB - Virtual size: 13KB

.rdata Size: 8KB - Virtual size: 4KB

.data Size: 100KB - Virtual size: 192KB

.rsrc Size: 40KB - Virtual size: 39KB

.reloc Size: 4KB - Virtual size: 1KB

.text
Size: 16KB - Virtual size: 13KB

.rdata
Size: 8KB - Virtual size: 4KB

.data
Size: 100KB - Virtual size: 192KB

.rsrc
Size: 40KB - Virtual size: 39KB

.reloc
Size: 4KB - Virtual size: 1KB