JaffaCakes118_5ae6f2a3c261fb2f4352c5635892e3d0

Sharing

Copy URL

Twitter E-mail

General

Target

JaffaCakes118_5ae6f2a3c261fb2f4352c5635892e3d0
Size

500KB
MD5

5ae6f2a3c261fb2f4352c5635892e3d0
SHA1

ac3ccabbc297efc42a563f75e8c9a508be39598c
SHA256

8907a22252f61b0627d9c97eafcd22eb450e2a694da244e31c906a10c0d5b21f
SHA512

b982a9f0e8d049c1e467f8b2aeb36a00532a755ab6e36f1e4d587d551fe94e1d8724e5d910b73edecca4fc78697d14447332ddba6c3a27878729f28eb5dd9c70
SSDEEP

6144:V2N8aCbpt5e3JVAfqX+2Rr+nxQDBO03fHEe:w87z5mvAfLfaE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
JaffaCakes118_5ae6f2a3c261fb2f4352c5635892e3d0

Files

JaffaCakes118_5ae6f2a3c261fb2f4352c5635892e3d0
.dll windows:4 windows x86 arch:x86

79104f3cccf87ce5b357c629421e05f5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

LoadLibraryA
VirtualAlloc
VirtualProtect
GetProcAddress
GetUserDefaultUILanguage

ole32

OleInitialize
OleUninitialize
IsValidIid
CreateOleAdviseHolder
CoGetTreatAsClass
StgOpenStorage
OleCreateLink
StgIsStorageFile

version

GetFileVersionInfoW
VerInstallFileA
GetFileVersionInfoA
GetFileVersionInfoSizeW
VerFindFileW
VerInstallFileW

user32

VRipOutput
SwitchToThisWindow
wsprintfW
DdeNameService
FlashWindow
OpenWindowStationA
DialogBoxParamW

shell32

SHEnumerateUnreadMailAccountsW
ExtractAssociatedIconW
SHParseDisplayName
DragQueryFileAorW
SHLoadNonloadedIconOverlayIdentifiers
SHSetUnreadMailCountW

winspool.drv

StartDocDlgW
EnumPrintProcessorsW
SetPrinterA
DeletePrinterConnectionA
DocumentPropertiesA
FindClosePrinterChangeNotification
DevicePropertySheets
SetPrinterDataExA
SetJobA

comctl32

ImageList_BeginDrag
DSA_Create
FlatSB_SetScrollRange
CreateStatusWindowW
ImageList_Merge
ImageList_GetIcon
ImageList_GetImageCount
CreatePropertySheetPageA
ImageList_SetFilter
FlatSB_GetScrollRange
ImageList_GetBkColor

msimg32

DllInitialize
GradientFill
vSetDdrawflag
TransparentBlt
AlphaBlend

shlwapi

IntlStrEqWorkerW
PathFindNextComponentW
SHOpenRegStreamA
UrlHashA
PathStripPathW
SHAutoComplete
SHSetThreadRef
PathAppendW

winmm

joyGetNumDevs
waveOutUnprepareHeader
mciGetDeviceIDFromElementIDW
midiOutSetVolume
mciDriverNotify
mciGetErrorStringA
joyGetPos
mixerClose
mciGetDriverData
waveInGetID
mmioRenameA
midiStreamPause
aux32Message

gdiplus

GdipGetGenericFontFamilyMonospace
GdipDisposeImage
GdipGetPathWorldBounds
GdipDrawPath
GdipSetImageAttributesOutputChannel
GdipClosePathFigure

comdlg32

PrintDlgA
FindTextW
ReplaceTextW
FindTextA
LoadAlterBitmap
PrintDlgExW
GetFileTitleA
ChooseFontW

Exports

Exports

CreatePaint

Sections

.text
Size: 188KB - Virtual size: 187KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 112B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 2KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.xbsl
Size: 296KB - Virtual size: 296KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vgic
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

79104f3cccf87ce5b357c629421e05f5

Headers

File Characteristics

Imports

kernel32

ole32

version

user32

shell32

winspool.drv

comctl32

msimg32

shlwapi

winmm

gdiplus

comdlg32

Exports

Exports

Sections

.text Size: 188KB - Virtual size: 187KB

.data Size: 512B - Virtual size: 112B

.data Size: 2KB - Virtual size: 4KB

.data Size: 4KB - Virtual size: 3KB

.xbsl Size: 296KB - Virtual size: 296KB

.vgic Size: 8KB - Virtual size: 8KB

.text
Size: 188KB - Virtual size: 187KB

.data
Size: 512B - Virtual size: 112B

.data
Size: 2KB - Virtual size: 4KB

.data
Size: 4KB - Virtual size: 3KB

.xbsl
Size: 296KB - Virtual size: 296KB

.vgic
Size: 8KB - Virtual size: 8KB