0093b16e9f87432b90f9e7ae756d8942_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0093b16e9f87432b90f9e7ae756d8942_JaffaCakes118
Size

196KB
MD5

0093b16e9f87432b90f9e7ae756d8942
SHA1

d7a80f29469f88c2461cc135a1f1d39639102c15
SHA256

84a1946b8e9607faac57f6a73246eaf7fc4c177886816ccb0cefbeac46b39b13
SHA512

b1c2876373101d1e540394d15c9ec1eaef0a61b4252f19fd77c0d1ae0deac3942f10040c25bd90739a99c3e28e7203f39e80dac7dc0c7213ae36509c913709de
SSDEEP

3072:IT2xQ8JV6vckLbNU1IjOxrMHy5aiWnMSJAoz8fV+Dcv3fGfiqPFA5nHe9IdUB:IEUcmbNU1IYy0poSvGR9Adbdg

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0093b16e9f87432b90f9e7ae756d8942_JaffaCakes118

Files

0093b16e9f87432b90f9e7ae756d8942_JaffaCakes118
.dll windows:4 windows x86 arch:x86

01ee5b541d758d596670ba751bab1705

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
CreateFileA
MultiByteToWideChar
WriteFile
SetFilePointer
DuplicateHandle
ReadFile
UnlockFile
SetEndOfFile
FlushFileBuffers
lstrcpynA
GetFullPathNameA
LocalFree
LockFile
GetVolumeInformationA
InitializeCriticalSection
TlsAlloc
DeleteCriticalSection
GlobalHandle
TlsFree
LeaveCriticalSection
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetModuleHandleA
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
LocalAlloc
GetCPInfo
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
RtlUnwind
GetCommandLineA
ExitProcess
TerminateProcess
RaiseException
HeapReAlloc
HeapSize
GetACP
GetTimeZoneInformation
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetModuleFileNameA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenA
GlobalDeleteAtom
GetCurrentThreadId
lstrcatA
lstrcpyA
GetLastError
CreateMutexA
GetSystemDirectoryA
GetWindowsDirectoryA
GlobalFree
GlobalUnlock
lstrcmpiA
GlobalLock
GlobalAlloc
FreeLibrary
GetProcAddress
LoadLibraryA
Sleep
HeapFree
HeapAlloc
GetProcessHeap
SetLastError
GetFileAttributesA
FindClose
FindNextFileA
lstrcmpA
FindFirstFileA
RemoveDirectoryA
DeleteFileA
SetFileAttributesA
GetFileTime
GetProcessVersion
CloseHandle
GetFileSize
IsDBCSLeadByte
OpenFile
OutputDebugStringA
GetPrivateProfileSectionA
WritePrivateProfileStringW
QueryDosDeviceA
GetCurrentThread
WritePrivateProfileSectionA
WritePrivateProfileStringA
GetVersion
GetCurrentProcess
EnterCriticalSection

user32

TabbedTextOutA
DrawTextA
GrayStringA
GetDlgItem
SetWindowLongA
SetWindowPos
ShowWindow
SetFocus
GetWindowPlacement
IsIconic
SystemParametersInfoA
RegisterWindowMessageA
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropA
CallWindowProcA
GetPropA
SetPropA
GetClassLongA
CreateWindowExA
DestroyWindow
DefWindowProcA
GetMenuItemID
GetSubMenu
GetMenu
RegisterClassA
GetClassInfoA
WinHelpA
GetCapture
GetTopWindow
CopyRect
ReleaseDC
GetSysColor
MapWindowPoints
LoadIconA
LoadCursorA
GetSysColorBrush
DestroyMenu
GetDC
GetMenuItemCount
UnhookWindowsHookEx
GetWindowTextA
SetWindowTextA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetClassNameA
GetSystemMetrics
CharUpperA
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetFocus
GetNextDlgTabItem
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
GetKeyState
CallNextHookEx
ValidateRect
IsWindowVisible
PeekMessageA
GetCursorPos
SetWindowsHookExA
GetParent
GetLastActivePopup
IsWindowEnabled
GetWindowLongA
EnableWindow
SetCursor
SendMessageA
PostMessageA
GetClientRect
AdjustWindowRectEx
CharNextA
wsprintfA
LoadStringA
MessageBoxA
FindWindowA
PostQuitMessage

winspool.drv

AddMonitorA
DeletePortA
EnumPrintersA
DocumentPropertiesA
ClosePrinter
OpenPrinterA
DeletePrinter
SetPrinterA

advapi32

AllocateAndInitializeSid
EqualSid
RegCreateKeyExA
RegSetValueExA
DeleteService
CreateServiceA
CloseServiceHandle
RegQueryInfoKeyA
RegEnumValueA
OpenThreadToken
OpenProcessToken
GetTokenInformation
StartServiceA
ControlService
FreeSid
RegDeleteKeyA
OpenSCManagerA
OpenServiceA
RegCloseKey
RegDeleteValueA
QueryServiceStatus
RegOpenKeyExA
RegQueryValueExA
RegEnumKeyExA

version

GetFileVersionInfoSizeA
GetFileVersionInfoA
VerQueryValueA

comctl32

ord17

gdi32

CreateBitmap
SaveDC
DeleteDC
SelectObject
GetStockObject
RestoreDC
SetBkColor
GetDeviceCaps
SetMapMode
GetObjectA
Escape
SetTextColor
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
GetClipBox
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetViewportOrgEx
DeleteObject

comdlg32

GetFileTitleA

Exports

Exports

BrAddMonitor
BrAvailableComPort
BrChangePrinterPort
BrLoadService
BrRefreshCacheWININI
BrStartService
BrStopService
BrUnloadService
CheckVender
MflProUninstallKeyControl
RemovePrinterDriver
RestartService
UninstInitialize
UninstUnInitialize

Sections

.text
Size: 84KB - Virtual size: 83KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 190KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

01ee5b541d758d596670ba751bab1705

Headers

File Characteristics

Imports

kernel32

user32

winspool.drv

advapi32

version

comctl32

gdi32

comdlg32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 83KB

.rdata Size: 20KB - Virtual size: 18KB

.data Size: 16KB - Virtual size: 190KB

.rsrc Size: 60KB - Virtual size: 57KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 84KB - Virtual size: 83KB

.rdata
Size: 20KB - Virtual size: 18KB

.data
Size: 16KB - Virtual size: 190KB

.rsrc
Size: 60KB - Virtual size: 57KB

.reloc
Size: 12KB - Virtual size: 11KB