06fd03153d6aeee7dc75d2531b221393_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

06fd03153d6aeee7dc75d2531b221393_JaffaCakes118
Size

230KB
MD5

06fd03153d6aeee7dc75d2531b221393
SHA1

86301d42cc488b3b40ce3746aea427415ecd3ba2
SHA256

2cfee074c8e538dd01df8b62f5dca32d6c6b9f531f6237bf0f9b0579cde4fd57
SHA512

f456ae6c069750533b5ea793f35b557dddec1c7f9576ae31fd85010fa9b123c52b7f589304b5fb7876e372693ca2c7683dd2090a36f4de4f60d168229bb4287b
SSDEEP

6144:DMosD/qUyiVLnEqFtaj6+DQX8KqLEClUK9u2X:DbsLqKVLEqFhFqXQ2X

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
06fd03153d6aeee7dc75d2531b221393_JaffaCakes118

Files

06fd03153d6aeee7dc75d2531b221393_JaffaCakes118
.dll windows:4 windows x86 arch:x86

a6b3656508c8ad9c8e7b0f2874637d62

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHGetValueA
SHDeleteValueA
SHSetValueA

msvcrt

_except_handler3
fclose
malloc
free
vsprintf
mktime
localtime
fwrite
fopen
printf
sprintf
strrchr
_strlwr
_strnicmp
_mbsnbicmp
rename
__CxxFrameHandler
strstr
fread
??2@YAPAXI@Z
ftell
fseek
time
getenv
rand
srand
_access
_stat
_CxxThrowException
strncmp
wprintf
_purecall
_ftol
_CIasin
_mbscmp
??1type_info@@UAE@XZ
_CIacos
_CIpow
_setjmp3
__CxxLongjmpUnwind
longjmp
_adjust_fdiv
_initterm
?terminate@@YAXXZ
_snprintf
_onexit
__dllonexit
_mkdir
strftime
_stricmp
isspace
strchr
abort
strtok
strncpy
wcscpy
wcscat
wcslen
memmove
atol
sscanf
atoi

ws2_32

gethostbyname
ntohl
inet_addr
htons
ntohs
WSAStartup
sendto
socket
bind
recvfrom
gethostname

iphlpapi

GetAdaptersInfo

rasapi32

RasGetEntryDialParamsA
RasEnumEntriesA
RasEnumConnectionsA

setupapi

SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

netapi32

Netbios

advapi32

RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegQueryValueExA
DeleteService
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
CreateServiceA
StartServiceA
RegEnumValueA
GetUserNameA
LookupAccountNameA
ConvertSidToStringSidW
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
RegConnectRegistryA
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExW

user32

ChangeClipboardChain
PostQuitMessage
SetClipboardViewer
DefWindowProcA
GetPriorityClipboardFormat
OpenClipboard
GetClipboardData
GetForegroundWindow
GetWindowTextA
CloseClipboard
SendMessageA
RegisterClassExA
CreateWindowExA
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
IsCharAlphaNumericA
wsprintfW
wsprintfA
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetDC
ReleaseDC
CloseWindowStation
CloseDesktop
GetSystemMetrics

oleaut32

GetErrorInfo

kernel32

FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcatA
lstrcpyA
SetFilePointer
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcessId
GetCurrentThread
GetCurrentProcess
CreateToolhelp32Snapshot
GetDriveTypeA
GetLogicalDriveStringsA
Process32First
Process32Next
GetSystemDefaultLCID
GetEnvironmentVariableA
WideCharToMultiByte
GetDiskFreeSpaceExA
GetPrivateProfileStringA
InterlockedCompareExchange
OpenProcess
TerminateProcess
CreatePipe
GetStartupInfoA
GetVersionExA
GetSystemDirectoryA
MoveFileExA
GetModuleHandleW
TerminateThread
LocalFree
LocalAlloc
lstrlenA
SetLastError
CreateFileW
GetVolumeInformationA
GetLogicalDrives
GetModuleFileNameA
GetDiskFreeSpaceExW
GetVolumeInformationW
GetSystemDirectoryW
WritePrivateProfileStringA
DeleteCriticalSection
ResumeThread
GetExitCodeThread
CreateEventA
InitializeCriticalSection
LeaveCriticalSection
WaitForSingleObject
EnterCriticalSection
SetEvent
GetCurrentThreadId
GetProcAddress
LoadLibraryA
CreateThread
CreateProcessA
Sleep
GetLastError
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
DeviceIoControl
GetFileSize
SizeofResource
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
MoveFileA
DeleteFileA
CopyFileA
GetTickCount
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntA
ReadFile
FreeLibrary
SystemTimeToFileTime
GetFileTime
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringA
CreateMutexA
MultiByteToWideChar
CloseHandle
WriteFile
CreateFileA
GetTempPathA
GetWindowsDirectoryA
SetFileAttributesA

mfc42

ord537
ord800
ord535
ord860
ord540
ord6877
ord2818
ord858
ord924
ord4129
ord5683
ord801
ord541
ord2614
ord354
ord665
ord5710
ord6883
ord4278

gdi32

CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDeviceCaps
GetStockObject
SelectPalette
RealizePalette
GetDIBits
DeleteObject
GetPixel
DeleteDC

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StgOpenStorage
StgIsStorageFile

winmm

waveInStart
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetNumDevs
waveInUnprepareHeader
waveInOpen
waveInGetErrorTextA
waveInPrepareHeader
waveInAddBuffer
waveInReset
waveInClose
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetDevCapsA
mixerClose

Exports

Exports

DealA
DealB

Sections

.text
Size: 173KB - Virtual size: 172KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a6b3656508c8ad9c8e7b0f2874637d62

Headers

File Characteristics

Imports

shlwapi

msvcrt

ws2_32

iphlpapi

rasapi32

setupapi

netapi32

advapi32

user32

oleaut32

kernel32

mfc42

gdi32

shell32

ole32

winmm

Exports

Exports

Sections

.text Size: 173KB - Virtual size: 172KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 28KB - Virtual size: 76KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 173KB - Virtual size: 172KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 28KB - Virtual size: 76KB

.reloc
Size: 12KB - Virtual size: 11KB