JaffaCakes118_50dbecf371132a3a6f5ec7da86de93cf

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_50dbecf371132a3a6f5ec7da86de93cf
Size

224KB
MD5

50dbecf371132a3a6f5ec7da86de93cf
SHA1

e686de64cec0c309140874416165a2838e77055e
SHA256

bb67dc5a989bc3ef0db414b2a4e5bb0720e11278401bfded9cbdc774281604f1
SHA512

360b4f160ba7a6194ac372f6f21ff3f7a4ecaae6421c801a747990ccc6da95ac64861234896677f0faa2e09ddac098596f1d24373699678d5892c44eb2f436d5
SSDEEP

3072:hoxMflFIIWkxuh+BCFFnJX0CZkkuWT/NH22stNB+KcItcTCQ9wNzx9M6VP5KkMsu:hoxMfL0+EHwWTFHJUB+lF9wN9bPNMsqD

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_50dbecf371132a3a6f5ec7da86de93cf

Files

JaffaCakes118_50dbecf371132a3a6f5ec7da86de93cf
.dll regsvr32 windows:4 windows x86 arch:x86

7e7d3764c5560c674627ee1edcea6e32

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

RtlUnwind
HeapAlloc
HeapFree
TerminateProcess
GetCommandLineA
RaiseException
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
FlushFileBuffers
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
SetUnhandledExceptionFilter
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetACP
GetOEMCP
GetStringTypeA
GetStringTypeW
SetStdHandle
GetCurrentProcessId
QueryPerformanceCounter
SetFilePointer
GetProcessVersion
GlobalAddAtomW
GlobalFindAtomW
WritePrivateProfileStringW
GlobalFlags
lstrcmpiW
GetVersion
lstrcatW
SetErrorMode
TlsGetValue
LocalReAlloc
TlsSetValue
EnterCriticalSection
GlobalReAlloc
LeaveCriticalSection
TlsFree
GlobalHandle
GlobalFree
DeleteCriticalSection
TlsAlloc
InitializeCriticalSection
LocalAlloc
lstrcmpW
GlobalAlloc
GlobalDeleteAtom
GetSystemTimeAsFileTime
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalUnlock
InterlockedDecrement
InterlockedIncrement
LocalFree
lstrlenA
SetLastError
InterlockedExchange
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
FreeLibrary
GetTickCount
Sleep
WaitForSingleObject
ExitProcess
LoadLibraryA
MulDiv
FindClose
GetSystemDefaultLangID
GetFileSize
ReadFile
GetCurrentProcess
WriteFile
GetLastError
CloseHandle
DefineDosDeviceW
DeviceIoControl
IsBadWritePtr
GetLogicalDrives

user32

RegisterWindowMessageW
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropW
CallWindowProcW
GetPropW
SetPropW
CreateWindowExW
DestroyWindow
DefWindowProcW
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassW
GetClassInfoW
WinHelpW
GetCapture
GetTopWindow
CopyRect
GetClientRect
AdjustWindowRectEx
GetSysColor
MapWindowPoints
LoadIconW
LoadCursorW
GetSysColorBrush
DestroyMenu
IsIconic
GetWindowPlacement
GetSystemMetrics
SetFocus
ShowWindow
SetWindowPos
SetWindowLongW
GetDlgItem
GetWindowTextW
SetWindowTextW
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameW
LoadStringW
UnregisterClassW
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuW
EnableMenuItem
GetFocus
GetNextDlgTabItem
TranslateMessage
DispatchMessageW
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageW
GetCursorPos
SetWindowsHookExW
GetLastActivePopup
IsWindowEnabled
MessageBoxW
EnableWindow
SetCursor
SendMessageW
PostMessageW
PostQuitMessage
UnhookWindowsHookEx
GrayStringW
DrawTextW
TabbedTextOutW
ReleaseDC
GetDC
ClientToScreen
BroadcastSystemMessage
CheckMenuItem
SetMenuItemBitmaps
CreateMenu
GetParent
SetForegroundWindow
MessageBoxA
GetMenuItemCount
SystemParametersInfoW
GetMessageW

gdi32

SetBkColor
SetTextColor
SetMapMode
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
GetStockObject
PtVisible
RectVisible
TextOutW
ExtTextOutW
Escape
CreateBitmap
GetObjectW
SelectObject
RestoreDC
SaveDC
DeleteObject
DeleteDC
GetDeviceCaps

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

advapi32

RegCreateKeyExA
RegQueryValueExA
RegCloseKey

comctl32

ord17

ole32

StringFromIID
CoGetMalloc
ReleaseStgMedium

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 96KB - Virtual size: 92KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

7e7d3764c5560c674627ee1edcea6e32

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

Exports

Exports

Sections

.text Size: 96KB - Virtual size: 92KB

.rdata Size: 20KB - Virtual size: 19KB

.data Size: 12KB - Virtual size: 49KB

.rsrc Size: 12KB - Virtual size: 11KB

.reloc Size: 16KB - Virtual size: 14KB

.text Size: 64KB - Virtual size: 64KB

.text
Size: 96KB - Virtual size: 92KB

.rdata
Size: 20KB - Virtual size: 19KB

.data
Size: 12KB - Virtual size: 49KB

.rsrc
Size: 12KB - Virtual size: 11KB

.reloc
Size: 16KB - Virtual size: 14KB

.text
Size: 64KB - Virtual size: 64KB