7c8d2324f886bfed619770bef867bb3d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

7c8d2324f886bfed619770bef867bb3d_JaffaCakes118
Size

104KB
MD5

7c8d2324f886bfed619770bef867bb3d
SHA1

d4476b85b0192363fd1f35a2d0cc9e09a823f250
SHA256

6acac2c71db65186f5517003af398ab7e450da85b74b18eea17f67234ad0965f
SHA512

5315c32f1d7fe9e8aff41f93353d0007baa193eefdd173769f92a6fb1d0cb0887413831b55df31b103432537313b7f01fd347c42a0cd20dc165d4d1932e0216d
SSDEEP

3072:AIde35h80e+vCIeJSyRkremjCQoUqB1n7:ZkNeS0JmjCQ547

Score

3^/10

Malware Config

Signatures

Unsigned PE 3 IoCs

Checks for missing Authenticode signature.

resource
7c8d2324f886bfed619770bef867bb3d_JaffaCakes118
unpack001/$PLUGINSDIR/System.dll
unpack001/$PLUGINSDIR/nsDialogs.dll

Files

7c8d2324f886bfed619770bef867bb3d_JaffaCakes118
.exe windows:4 windows x86 arch:x86

a73b2531bfc838dc3d19df5285b8d0fd

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

SetFileTime
CompareFileTime
SearchPathW
GetShortPathNameW
GetFullPathNameW
MoveFileW
SetCurrentDirectoryW
GetFileAttributesW
GetLastError
CreateDirectoryW
SetFileAttributesW
Sleep
GetTickCount
GetFileSize
GetModuleFileNameW
GetCurrentProcess
CopyFileW
ExitProcess
GetWindowsDirectoryW
GetTempPathW
GetCommandLineW
SetErrorMode
lstrcpynA
lstrlenW
lstrcpynW
GetDiskFreeSpaceW
GlobalUnlock
CloseHandle
CreateThread
LoadLibraryW
CreateProcessW
lstrcmpiA
CreateFileW
GetTempFileNameW
lstrcatW
GetProcAddress
LoadLibraryA
GetModuleHandleA
OpenProcess
lstrcpyW
GetVersionExW
GetSystemDirectoryW
GetVersion
lstrcpyA
RemoveDirectoryW
lstrcmpA
GlobalHandle
GlobalReAlloc
GetSystemDefaultLCID
GetVolumeInformationA
QueryPerformanceFrequency
GlobalMemoryStatusEx
GetSystemInfo
GetModuleFileNameA
lstrcatA
lstrcmpiW
lstrcmpW
ExpandEnvironmentStringsW
GlobalAlloc
WaitForSingleObject
GetExitCodeProcess
GlobalFree
GetModuleHandleW
LoadLibraryExW
FreeLibrary
WritePrivateProfileStringW
GetPrivateProfileStringW
WideCharToMultiByte
lstrlenA
WriteFile
ReadFile
MultiByteToWideChar
SetFilePointer
FindClose
FindNextFileW
FindFirstFileW
DeleteFileW
GlobalLock
MulDiv

user32

GetMessagePos
CallWindowProcW
IsWindowVisible
LoadBitmapW
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
TrackPopupMenu
GetWindowRect
AppendMenuW
CreatePopupMenu
GetSystemMetrics
EndDialog
EnableMenuItem
GetSystemMenu
SetClassLongW
IsWindowEnabled
SetWindowPos
DialogBoxParamW
GetClassInfoW
CreateWindowExW
SystemParametersInfoW
RegisterClassW
SetDlgItemTextW
GetDlgItemTextW
MessageBoxIndirectW
CharNextA
CharUpperW
CharPrevW
wvsprintfW
DispatchMessageW
PeekMessageW
wsprintfA
ScreenToClient
IsDlgButtonChecked
GetAsyncKeyState
CheckDlgButton
LoadCursorW
SetCursor
GetWindowLongW
GetSysColor
CharNextW
ExitWindowsEx
DestroyWindow
CreateDialogParamW
SetTimer
SetWindowTextW
PostQuitMessage
SetForegroundWindow
ShowWindow
wsprintfW
SendMessageTimeoutW
FindWindowExW
IsWindow
GetDlgItem
LoadImageW
GetDC
EnableWindow
InvalidateRect
SendMessageW
DefWindowProcW
BeginPaint
GetClientRect
FillRect
DrawTextW
EndPaint
SetWindowLongW

gdi32

CreateBrushIndirect
DeleteObject
GetDeviceCaps
SetBkColor
SelectObject
CreateFontIndirectW
SetBkMode
SetTextColor

shell32

SHFileOperationW
SHGetFileInfoW
SHGetPathFromIDListW
SHBrowseForFolderW
SHGetSpecialFolderLocation
ShellExecuteW

advapi32

RegQueryValueExW
RegCreateKeyExW
RegSetValueExW
RegEnumValueW
RegDeleteKeyW
RegCloseKey
RegEnumKeyW
RegOpenKeyExW
RegDeleteValueW

comctl32

ImageList_Destroy
ImageList_AddMasked
ImageList_Create
ord17

ole32

OleUninitialize
CoCreateInstance
CoTaskMemFree
OleInitialize

version

GetFileVersionInfoSizeW
GetFileVersionInfoSizeA
VerQueryValueW
GetFileVersionInfoW
VerQueryValueA
GetFileVersionInfoA

wininet

InternetReadFile
InternetConnectA
InternetOpenA
InternetCloseHandle
HttpOpenRequestA
HttpQueryInfoA
HttpSendRequestA
InternetSetOptionA

shlwapi

PathFindFileNameA
StrStrIA

iphlpapi

GetAdaptersInfo

Sections

.text
Size: 30KB - Virtual size: 29KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 415KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.ndata
Size: - Virtual size: 1.6MB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 13KB - Virtual size: 13KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
$PLUGINSDIR/1.ico
$PLUGINSDIR/System.dll
.dll windows:4 windows x86 arch:x86

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GlobalAlloc
GlobalFree
GlobalSize
GetLastError
lstrcpyW
lstrcpynW
GetProcAddress
WideCharToMultiByte
lstrcatW
lstrlenW
lstrcmpiW
LoadLibraryW
GetModuleHandleW
MultiByteToWideChar
VirtualAlloc
VirtualProtect
FreeLibrary

user32

wsprintfW

ole32

CLSIDFromString
StringFromGUID2

Exports

Exports

Alloc
Call
Copy
Free
Get
Int64Op
Store
StrAlloc

Sections

.text
Size: 7KB - Virtual size: 7KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 1024B - Virtual size: 963B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 64B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 588B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
$PLUGINSDIR/nsDialogs.dll
.dll windows:4 windows x86 arch:x86

25a5640a89eb79c57f60a91d10524b18

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NO_SEH

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetCurrentDirectoryW
lstrcpyW
GetFileAttributesW
lstrcmpiW
GlobalAlloc
MulDiv
lstrlenW
SetCurrentDirectoryW
GetProcessHeap
HeapAlloc
HeapReAlloc
lstrcpynW
HeapFree
GlobalFree

user32

GetPropW
DestroyWindow
CallWindowProcW
SetCursor
LoadCursorW
GetClientRect
DrawFocusRect
GetWindowLongW
DrawTextW
GetWindowTextW
GetDlgItem
SetWindowLongW
SetWindowPos
CreateDialogParamW
MapWindowPoints
GetWindowRect
SetPropW
CreateWindowExW
IsWindow
SetTimer
KillTimer
DispatchMessageW
TranslateMessage
GetMessageW
IsDialogMessageW
ShowWindow
wsprintfW
CharPrevW
MapDialogRect
CharNextW
SendMessageW
RemovePropW

gdi32

SetTextColor

shell32

SHBrowseForFolderW
SHGetPathFromIDListW

comdlg32

GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError

ole32

CoTaskMemFree

Exports

Exports

Create
CreateControl
CreateItem
CreateTimer
GetUserData
KillTimer
OnBack
OnChange
OnClick
OnNotify
SelectFileDialog
SelectFolderDialog
SetRTL
SetUserData
Show

Sections

.text
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 2KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: - Virtual size: 48B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 152B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 1024B - Virtual size: 590B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a73b2531bfc838dc3d19df5285b8d0fd

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

advapi32

comctl32

ole32

version

wininet

shlwapi

iphlpapi

Sections

.text Size: 30KB - Virtual size: 29KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 512B - Virtual size: 415KB

.ndata Size: - Virtual size: 1.6MB

.rsrc Size: 13KB - Virtual size: 13KB

039bcbc605477e8e87ec550c2e60e748

Headers

File Characteristics

Imports

kernel32

user32

ole32

Exports

Exports

Sections

.text Size: 7KB - Virtual size: 7KB

.rdata Size: 1024B - Virtual size: 963B

.data Size: 512B - Virtual size: 64B

.reloc Size: 1024B - Virtual size: 588B

25a5640a89eb79c57f60a91d10524b18

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

shell32

comdlg32

ole32

Exports

Exports

Sections

.text Size: 4KB - Virtual size: 4KB

.rdata Size: 2KB - Virtual size: 2KB

.data Size: - Virtual size: 48B

.rsrc Size: 512B - Virtual size: 152B

.reloc Size: 1024B - Virtual size: 590B

.text
Size: 30KB - Virtual size: 29KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 512B - Virtual size: 415KB

.ndata
Size: - Virtual size: 1.6MB

.rsrc
Size: 13KB - Virtual size: 13KB

.text
Size: 7KB - Virtual size: 7KB

.rdata
Size: 1024B - Virtual size: 963B

.data
Size: 512B - Virtual size: 64B

.reloc
Size: 1024B - Virtual size: 588B

.text
Size: 4KB - Virtual size: 4KB

.rdata
Size: 2KB - Virtual size: 2KB

.data
Size: - Virtual size: 48B

.rsrc
Size: 512B - Virtual size: 152B

.reloc
Size: 1024B - Virtual size: 590B