JaffaCakes118_71dff5ac0f51c28698b5f5081082f983

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_71dff5ac0f51c28698b5f5081082f983
Size

500KB
MD5

71dff5ac0f51c28698b5f5081082f983
SHA1

ca7752474fe66dcf2e0b17c83e9862f09462d450
SHA256

4d64a8a26d49dacaa200c81427d46cb8e55e99360355e122404285f14b5693c9
SHA512

77fa82379e562d79f195f3853213062a5086c979c1c8524ef8489791e5d31d720157fb4f4c2cf819b7463aa8c01f4b0dda0db86847185c1d56cf80d151aecc1b
SSDEEP

6144:V2N8aCbpt5e3JVAfqX+2Rr+nxQDBO03fHEe:w87z5mvAfLfaE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_71dff5ac0f51c28698b5f5081082f983

Files

JaffaCakes118_71dff5ac0f51c28698b5f5081082f983
.dll windows:4 windows x86 arch:x86

79104f3cccf87ce5b357c629421e05f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
GetUserDefaultUILanguage

ole32

OleInitialize
OleUninitialize
IsValidIid
CreateOleAdviseHolder
CoGetTreatAsClass
StgOpenStorage
OleCreateLink
StgIsStorageFile

version

GetFileVersionInfoW
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerFindFileW
VerInstallFileW

user32

VRipOutput
SwitchToThisWindow
wsprintfW
DdeNameService
FlashWindow
OpenWindowStationA
DialogBoxParamW

shell32

SHEnumerateUnreadMailAccountsW
ExtractAssociatedIconW
SHParseDisplayName
DragQueryFileAorW
SHLoadNonloadedIconOverlayIdentifiers
SHSetUnreadMailCountW

winspool.drv

StartDocDlgW
EnumPrintProcessorsW
SetPrinterA
DeletePrinterConnectionA
DocumentPropertiesA
FindClosePrinterChangeNotification
DevicePropertySheets
SetPrinterDataExA
SetJobA

comctl32

ImageList_BeginDrag
DSA_Create
FlatSB_SetScrollRange
CreateStatusWindowW
ImageList_Merge
ImageList_GetIcon
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_SetFilter
FlatSB_GetScrollRange
ImageList_GetBkColor

msimg32

DllInitialize
GradientFill
vSetDdrawflag
TransparentBlt
AlphaBlend

shlwapi

IntlStrEqWorkerW
PathFindNextComponentW
SHOpenRegStreamA
UrlHashA
PathStripPathW
SHAutoComplete
SHSetThreadRef
PathAppendW

winmm

joyGetNumDevs
waveOutUnprepareHeader
mciGetDeviceIDFromElementIDW
midiOutSetVolume
mciDriverNotify
mciGetErrorStringA
joyGetPos
mixerClose
mciGetDriverData
waveInGetID
mmioRenameA
midiStreamPause
aux32Message

gdiplus

GdipGetGenericFontFamilyMonospace
GdipDisposeImage
GdipGetPathWorldBounds
GdipDrawPath
GdipSetImageAttributesOutputChannel
GdipClosePathFigure

comdlg32

PrintDlgA
FindTextW
ReplaceTextW
FindTextA
LoadAlterBitmap
PrintDlgExW
GetFileTitleA
ChooseFontW

Exports

Exports

CreatePaint

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xbsl
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vgic
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79104f3cccf87ce5b357c629421e05f5

Headers

File Characteristics

Imports

kernel32

ole32

version

user32

shell32

winspool.drv

comctl32

msimg32

shlwapi

winmm

gdiplus

comdlg32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 187KB

.data Size: 512B - Virtual size: 112B

.data Size: 2KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 3KB

.xbsl Size: 296KB - Virtual size: 296KB

.vgic Size: 8KB - Virtual size: 8KB

.text
Size: 188KB - Virtual size: 187KB

.data
Size: 512B - Virtual size: 112B

.data
Size: 2KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 3KB

.xbsl
Size: 296KB - Virtual size: 296KB

.vgic
Size: 8KB - Virtual size: 8KB