f479a0b3c07a701127b732968a321645_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

f479a0b3c07a701127b732968a321645_JaffaCakes118
Size

579KB
MD5

f479a0b3c07a701127b732968a321645
SHA1

27e3ca5b22353a9ed97c4326cb26fa96cdeea36e
SHA256

43f8a66d3f3f1ba574bc932a7bc8e5886fbeeab0b279d1dea654d7119e80a494
SHA512

3b05157335985ff2c3563f8a350d3f45a6c7ef2ac8b0d4c76f350f1df39e30f8f5d7477218f0cb24601b17811a53a2ffdc036186822372c978965ab48d506564
SSDEEP

12288:QdhUIE5cQ0FMXiFL+DgpdjFlisGhYEpDfRLYxL67dn:C4NeMy9+spdjFUjJ5

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

Processes:

resource
f479a0b3c07a701127b732968a321645_JaffaCakes118

Files

f479a0b3c07a701127b732968a321645_JaffaCakes118
.dll regsvr32 windows:5 windows x64 arch:x64

8d22e25e0903f5902cac29c98bab0689

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE
IMAGE_FILE_DLL

Imports

kernel32

GetFileSizeEx
FlsSetValue
GetCommandLineA
RtlLookupFunctionEntry
RtlUnwindEx
RaiseException
RtlPcToFileHeader
Sleep
HeapReAlloc
HeapQueryInformation
HeapSize
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
RtlVirtualUnwind
RtlCaptureContext
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
EncodePointer
DecodePointer
FlsGetValue
FlsFree
FlsAlloc
GetStdHandle
GetModuleFileNameA
SystemTimeToFileTime
HeapCreate
HeapDestroy
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
LocalFileTimeToFileTime
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateFileW
GetShortPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
lstrcmpiW
GetThreadLocale
GetStringTypeExW
DeleteFileW
MoveFileW
GetCurrentDirectoryW
LocalReAlloc
TlsSetValue
GlobalHandle
GlobalReAlloc
TlsAlloc
TlsGetValue
LocalAlloc
GlobalFlags
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
GetProfileIntW
lstrlenA
CopyFileW
GlobalSize
FormatMessageW
LocalFree
MulDiv
GetDiskFreeSpaceW
GetFullPathNameW
GetTempFileNameW
GetFileTime
SetFileTime
GetFileAttributesW
GetTickCount
CloseHandle
GetPrivateProfileStringW
WritePrivateProfileStringW
GetPrivateProfileIntW
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetModuleFileNameW
lstrcmpA
GetLocaleInfoW
CompareStringA
FreeResource
GetCurrentThreadId
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
lstrcmpW
MultiByteToWideChar
GetVersionExA
lstrlenW
GetCurrentProcessId
GetModuleHandleW
GlobalGetAtomNameW
GlobalAddAtomW
GetLastError
WideCharToMultiByte
FindResourceW
LoadResource
LockResource
SizeofResource
VirtualProtect
LoadLibraryA
VirtualAlloc
GetProcAddress
SetLastError
IsBadReadPtr
GetProcessHeap
VirtualFree
HeapFree
HeapAlloc
FreeLibrary
VirtualQuery
GetNativeSystemInfo
GlobalFree
GlobalUnlock
GlobalAlloc
GlobalLock
LoadLibraryW
HeapSetInformation
ExitProcess

user32

DeleteMenu
DestroyIcon
CharUpperW
PostThreadMessageW
IsRectEmpty
SystemParametersInfoW
GetMenuStringW
InsertMenuW
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
FillRect
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
ShowOwnedPopups
PostQuitMessage
SetWindowTextW
IsDialogMessageW
RegisterWindowMessageW
SendDlgItemMessageA
SendDlgItemMessageW
IsChild
SetWindowsHookExW
CallNextHookEx
GetClassLongPtrW
SetPropW
GetPropW
RemovePropW
GetWindowTextW
GetForegroundWindow
DispatchMessageW
EndDeferWindowPos
GetTopWindow
DestroyWindow
GetWindowLongPtrW
SetWindowLongPtrW
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
MapWindowPoints
ScrollWindow
TrackPopupMenu
SetScrollRange
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
GetClientRect
MessageBoxW
CreateWindowExW
GetClassInfoExW
RegisterClassW
AdjustWindowRectEx
ScreenToClient
DeferWindowPos
GetScrollInfo
SetScrollInfo
DefWindowProcW
CallWindowProcW
SystemParametersInfoA
GetWindowPlacement
GetClassNameW
GetSysColor
UnpackDDElParam
ReuseDDElParam
LoadMenuW
DestroyMenu
WinHelpW
SetWindowPos
SetFocus
GetWindowThreadProcessId
EnableWindow
UpdateWindow
RegisterClipboardFormatW
PtInRect
GetActiveWindow
IsWindowEnabled
EqualRect
GetDlgItem
SetWindowLongW
GetDlgCtrlID
GetKeyState
LoadIconW
SetCursor
PeekMessageW
GetCapture
ReleaseCapture
LoadAcceleratorsW
SetActiveWindow
IsWindowVisible
GetMenuItemInfoW
WindowFromPoint
GetSysColorBrush
SetRect
InflateRect
LoadCursorW
SetCapture
KillTimer
SetTimer
SetWindowRgn
BeginDeferWindowPos
DrawIcon
InvalidateRect
IsClipboardFormatAvailable
GetFocus
CheckMenuItem
EnableMenuItem
GetMenuState
ModifyMenuW
SendMessageW
GetParent
LoadBitmapW
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
GetSystemMetrics
IsZoomed
SetRectEmpty
OffsetRect
GetWindowRect
TranslateAcceleratorW
IsWindow
GetWindow
ShowWindow
GetWindowLongW
GetDesktopWindow
SetMenu
PostMessageW
BringWindowToTop
GetLastActivePopup
GetMenu
CopyRect
IntersectRect
GetClassInfoW
CreatePopupMenu
GetMenuItemCount
GetMenuItemID
GetSubMenu
InsertMenuItemW
IsIconic

gdi32

DeleteDC
CreatePatternBrush
GetStockObject
GetDeviceCaps
CopyMetaFileW
CreateEllipticRgn
LPtoDP
Ellipse
GetBkColor
CreateFontIndirectW
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutW
GetPixel
TextOutW
RectVisible
PtVisible
CreateSolidBrush
Polygon
BitBlt
DeleteObject
IntersectClipRect
ExcludeClipRect
SetMapMode
SetROP2
SetBkMode
RestoreDC
SaveDC
GetObjectW
SetBkColor
SetTextColor
GetClipBox
CreateCompatibleDC
CreateCompatibleBitmap
GetTextExtentPoint32W
GetTextMetricsW
SelectObject
CreateBitmap
DPtoLP

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

advapi32

RegSetValueW
GetFileSecurityW
SetFileSecurityW
RegDeleteValueW
RegSetValueExW
RegCreateKeyExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegDeleteKeyW
RegOpenKeyExW
RegQueryValueExW
RegCloseKey
RegCreateKeyW

shell32

DragFinish
DragQueryFileW
ExtractIconW
SHGetFileInfoW
DragAcceptFiles

shlwapi

PathRemoveExtensionW
PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW
PathRemoveFileSpecW

oledlg

OleUIBusyW

ole32

CreateStreamOnHGlobal
CoCreateInstance
CoRegisterMessageFilter
CoRevokeClassObject
DoDragDrop
OleFlushClipboard
OleIsCurrentClipboard
OleSetClipboard
RevokeDragDrop
CoLockObjectExternal
RegisterDragDrop
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoTaskMemFree
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CoInitializeEx
OleGetClipboard

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

DllRegisterServer
DllUnregisterServer
ResumeServer
StartServer
StopServer
SuspendServer

Sections

.text
Size: 317KB - Virtual size: 316KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 115KB - Virtual size: 115KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.rsrc
Size: 96KB - Virtual size: 95KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 13KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8d22e25e0903f5902cac29c98bab0689

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 317KB - Virtual size: 316KB

.rdata Size: 115KB - Virtual size: 115KB

.data Size: 13KB - Virtual size: 36KB

.pdata Size: 23KB - Virtual size: 22KB

.rsrc Size: 96KB - Virtual size: 95KB

.reloc Size: 13KB - Virtual size: 12KB

.text
Size: 317KB - Virtual size: 316KB

.rdata
Size: 115KB - Virtual size: 115KB

.data
Size: 13KB - Virtual size: 36KB

.pdata
Size: 23KB - Virtual size: 22KB

.rsrc
Size: 96KB - Virtual size: 95KB

.reloc
Size: 13KB - Virtual size: 12KB