062d95d78671e79167fc1a2f3d24b402_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

062d95d78671e79167fc1a2f3d24b402_JaffaCakes118
Size

944KB
MD5

062d95d78671e79167fc1a2f3d24b402
SHA1

a5806b3e587b8f7b080ab11830cee88430f42ee5
SHA256

948c5803eeecab1418cfad7e7f023c2c71904f72bb5c3cfde1e7cae0be1c1867
SHA512

8df2f3970c2a2c254153c0ba1b5c7f7875da56647a3491624ef1b359370403d36d530550c3ba7d28eed237987b5fdfb5b249b3012b4dda8dafde8c6cb8466107
SSDEEP

24576:gYM1kDkOk+VuUUE6rxUGt7HbeeYSAFNGCx:Y1kDk1VEJNDFY

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
062d95d78671e79167fc1a2f3d24b402_JaffaCakes118

Files

062d95d78671e79167fc1a2f3d24b402_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

d6ab3195c81234fb5a83caf187e9f081

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFullPathNameA
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetCPInfo
GetOEMCP
GetCurrentDirectoryA
ExitProcess
RtlUnwind
GetTimeFormatA
GetDateFormatA
ExitThread
CreateThread
VirtualAlloc
GetCommandLineA
GetCurrentProcess
HeapSize
SetStdHandle
GetTimeZoneInformation
LCMapStringA
LCMapStringW
UnhandledExceptionFilter
VirtualFree
IsBadWritePtr
GetStringTypeA
GetStringTypeW
SetHandleCount
GetStdHandle
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetDriveTypeA
IsBadCodePtr
SetEnvironmentVariableA
FlushFileBuffers
GetProcessHeap
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesA
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
lstrcatA
lstrcmpW
FreeResource
VirtualProtect
FileTimeToSystemTime
FormatMessageA
SetUnhandledExceptionFilter
VirtualQuery
GetSystemTimeAsFileTime
FileTimeToLocalFileTime
GetTempPathA
GetTempFileNameA
SetFileTime
QueryPerformanceCounter
QueryPerformanceFrequency
CopyFileA
OpenFile
GetModuleHandleA
GetSystemInfo
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
HeapCreate
HeapAlloc
HeapFree
HeapDestroy
CreateEventA
lstrcpynA
GetCurrentProcessId
GetCurrentThreadId
GetSystemTime
SystemTimeToFileTime
GlobalMemoryStatus
FindResourceExA
CreateProcessA
GetWindowsDirectoryA
IsBadReadPtr
MulDiv
GetFileType
InterlockedIncrement
FreeLibrary
DeviceIoControl
lstrcmpA
LoadLibraryA
GetProcAddress
FindFirstFileA
FindNextFileA
FindClose
MoveFileA
LockFile
WriteFile
UnlockFile
ReadFile
GetFileSize
SetFilePointer
SetEndOfFile
GetFileAttributesA
GetModuleFileNameA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
lstrcpyA
LocalAlloc
OutputDebugStringA
ResetEvent
SetEvent
WaitForSingleObject
TerminateThread
GetExitCodeThread
CreateFileA
RaiseException
lstrcmpiA
CompareStringA
CompareStringW
MultiByteToWideChar
GetVersion
TerminateProcess
CloseHandle
InterlockedDecrement
LocalFree
CreateDirectoryA
Sleep
GetPrivateProfileStringA
WritePrivateProfileStringA
SetLastError
GetLastError
DeleteFileA
GetTickCount
GetPrivateProfileIntA
WideCharToMultiByte
lstrlenA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
GetVersionExA
GetThreadLocale
GetLocaleInfoA
GetACP
HeapReAlloc
InterlockedExchange

user32

GetSysColorBrush
DestroyMenu
ValidateRect
PostQuitMessage
WindowFromPoint
EndPaint
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowTextA
IsDialogMessageA
WinHelpA
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassInfoExA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetWindowTextLengthA
GetWindowTextA
GetForegroundWindow
GetLastActivePopup
GetTopWindow
UnhookWindowsHookEx
GetMessageTime
MapWindowPoints
TrackPopupMenu
GetKeyState
AdjustWindowRectEx
GetClassInfoA
RegisterClassA
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
SystemParametersInfoA
GetWindowPlacement
CopyRect
IsIconic
IsWindowVisible
SetTimer
KillTimer
EnableWindow
SendMessageA
SetWindowLongA
GetWindowLongA
UnregisterClassA
GetWindow
GetDesktopWindow
CreateDialogIndirectParamA
DestroyWindow
GetNextDlgTabItem
EndDialog
MapDialogRect
GetCapture
GetActiveWindow
SetActiveWindow
GetAsyncKeyState
GetFocus
SetFocus
GetDlgItem
IsWindowEnabled
GetMenuState
RegisterWindowMessageA
GetMessagePos
LoadMenuA
GetSubMenu
GetMenuItemID
GetMenuItemCount
MessageBoxA
PostMessageA
GetCursorPos
SetWindowPos
ScreenToClient
UpdateWindow
SendDlgItemMessageA
SetDlgItemTextA
ShowWindow
SetForegroundWindow
CopyIcon
DestroyCursor
GetMenu
DispatchMessageA
PeekMessageA
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
GetClientRect
LoadIconA
GetSystemMetrics
GetParent
TranslateMessage
GetMessageA
wsprintfA
SetCursor
PtInRect
InflateRect
GetWindowRect
GetDC
GetSysColor
IsWindow
ReleaseCapture
LoadCursorA
SetCapture
RedrawWindow
InvalidateRect
ReleaseDC
BeginPaint

gdi32

EnumFontFamiliesExA
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteDC
DeleteObject
SetMapMode
SetBkMode
RestoreDC
SaveDC
CreateBitmap
SetBkColor
SetTextColor
GetClipBox
GetTextExtentPoint32A
GetObjectA
CreateFontIndirectA
GetStockObject
GetDeviceCaps

winspool.drv

DocumentPropertiesA
OpenPrinterA
ClosePrinter

advapi32

RegEnumKeyExA
RegQueryInfoKeyA
RegOpenKeyExA
RegQueryValueExA
RegDeleteKeyA
RegOpenKeyA
RegSetValueExA
RegCreateKeyA
RegEnumKeyA
RegEnumValueA
CryptAcquireContextA
CryptReleaseContext
RegCreateKeyExA
RegCloseKey
RegQueryValueA
CryptCreateHash
CryptHashData
CryptGetHashParam
CryptDestroyHash

shell32

ShellExecuteExA
ShellExecuteA

comctl32

PropertySheetA
DestroyPropertySheetPage
CreatePropertySheetPageA
ord17
ImageList_Destroy

shlwapi

PathFindExtensionA
PathFindFileNameA
UrlUnescapeA

ole32

CoUninitialize
CoInitialize
CoCreateInstance
OleRun

oleaut32

VariantTimeToSystemTime
SystemTimeToVariantTime
VarUdateFromDate
VariantClear
VariantChangeType
VariantInit
SysAllocString
GetErrorInfo
SysFreeString

ws2_32

socket
connect
gethostbyname
recv
send
gethostname
sendto
WSACleanup
recvfrom
WSAStartup
getpeername
htons
WSAEventSelect
WSACloseEvent
setsockopt
shutdown
WSASetLastError
WSASend
WSAGetLastError
WSASetEvent
closesocket
WSASocketA
inet_ntoa
inet_addr
bind
getsockname
ntohs
listen
WSAWaitForMultipleEvents
WSARecv
WSAResetEvent
WSACreateEvent
WSAEnumNetworkEvents
accept

wininet

InternetCanonicalizeUrlA
InternetCrackUrlA
InternetGetConnectedState
InternetOpenA
InternetCloseHandle
InternetOpenUrlA
HttpQueryInfoA
InternetReadFile
InternetSetCookieA

version

GetFileVersionInfoA
GetFileVersionInfoSizeA
VerQueryValueA

imagehlp

ImageNtHeader
CheckSumMappedFile

Exports

Exports

CreateLiveNetworkInstance
DestroyLiveNetworkInstance
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 652KB - Virtual size: 650KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 156KB - Virtual size: 152KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 12KB - Virtual size: 91KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 44KB - Virtual size: 41KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 76KB - Virtual size: 72KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

d6ab3195c81234fb5a83caf187e9f081

Headers

File Characteristics

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

ws2_32

wininet

version

imagehlp

Exports

Exports

Sections

.text Size: 652KB - Virtual size: 650KB

.rdata Size: 156KB - Virtual size: 152KB

.data Size: 12KB - Virtual size: 91KB

.rsrc Size: 44KB - Virtual size: 41KB

.reloc Size: 76KB - Virtual size: 72KB

.text
Size: 652KB - Virtual size: 650KB

.rdata
Size: 156KB - Virtual size: 152KB

.data
Size: 12KB - Virtual size: 91KB

.rsrc
Size: 44KB - Virtual size: 41KB

.reloc
Size: 76KB - Virtual size: 72KB