0ce544bc59d0b224a0f11425438c9d18_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

0ce544bc59d0b224a0f11425438c9d18_JaffaCakes118
Size

409KB
MD5

0ce544bc59d0b224a0f11425438c9d18
SHA1

49002866271eed499d8d1a535efc98815ece0244
SHA256

4d61ac8c4e38dd03fa8726759886f0b1b48d6dbf842ff91f9048c53a445d601b
SHA512

5765a9f9d47e76cec07abfa9bb77fc6228453947a3f83f8e83e099072bbbd9cc914bcbd6c3ece287cb53d2bdbc60afe465f38c3fb3d958bc7011ea61426d7067
SSDEEP

6144:Ukr3I2bCjw0SHgZz0xZe5yY0E2twfcR5655C2rhObDEjtFbkWAcuyDDiPeWEcrcf:Ukze5KgMVtE1jmmtFbkPc7DiPBEcrm

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0ce544bc59d0b224a0f11425438c9d18_JaffaCakes118

Files

0ce544bc59d0b224a0f11425438c9d18_JaffaCakes118
.dll windows:4 windows x86 arch:x86

5c936abc81eb13326704ea6626149e55

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

comctl32

ord17
ImageList_Destroy
ImageList_Add
ImageList_Create
ImageList_DrawEx
ImageList_GetImageInfo
InitCommonControlsEx
ImageList_DragEnter
ImageList_BeginDrag
ImageList_GetIconSize
ImageList_EndDrag
ImageList_DragLeave
ImageList_DragShowNolock
ImageList_DragMove
ImageList_Remove
ImageList_Replace
ImageList_DrawIndirect
ImageList_Draw
_TrackMouseEvent

shlwapi

PathIsURLW
PathStripPathA
StrChrW
PathCombineW
PathRemoveFileSpecW
ColorAdjustLuma
PathFindFileNameW
PathFindExtensionW
StrStrIW
PathCombineA

kernel32

WaitForMultipleObjects
CreateEventA
CreateThread
CompareStringW
FindNextFileA
FindFirstFileA
GetLastError
DeleteFileA
GetFileAttributesA
ResetEvent
GetModuleFileNameW
HeapAlloc
GetProcessHeap
HeapFree
HeapReAlloc
GetVersion
Sleep
GetVersionExW
FreeResource
LockResource
SizeofResource
LoadResource
FindResourceW
ReadFile
GetFileSize
CreateFileW
GetTickCount
TlsSetValue
TlsGetValue
GetCurrentThreadId
TlsAlloc
MulDiv
lstrcmpW
SleepEx
SetLastError
CompareFileTime
SetErrorMode
GlobalFree
GetTimeFormatW
GetDateFormatW
FileTimeToSystemTime
WaitForMultipleObjectsEx
SetThreadPriority
TerminateThread
QueueUserAPC
InterlockedDecrement
SetEvent
WaitForSingleObject
InterlockedIncrement
CloseHandle
GetCurrentThread
GetCurrentProcess
DuplicateHandle
GetVersionExA
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
lstrlenW
GetModuleHandleA
CreateDirectoryA
lstrcpynA
lstrcmpiW
lstrcpynW
lstrcmpiA
lstrcpyW
FindFirstFileW
FindNextFileW
FindClose
GetModuleFileNameA
GetCurrentProcessId
WideCharToMultiByte
MultiByteToWideChar
GlobalDeleteAtom
GlobalAddAtomW
GetPrivateProfileStringA
WritePrivateProfileStringA
GetPrivateProfileIntA
LoadLibraryA
GetProcAddress
FreeLibrary
LocalFree
DisableThreadLibraryCalls
ExitProcess
QueryPerformanceCounter
LoadLibraryW
GetSystemTimeAsFileTime

user32

CreateCaret
SetCaretPos
DestroyCaret
ValidateRgn
GetMessagePos
GetListBoxInfo
GetForegroundWindow
UnhookWindowsHookEx
CallNextHookEx
GetSysColorBrush
SetWindowsHookExA
SetClassLongW
GetClassLongW
SetMenuInfo
SystemParametersInfoW
SystemParametersInfoA
SetRectEmpty
MenuItemFromPoint
ScrollWindowEx
SetScrollInfo
DrawTextA
GetWindowTextA
GetCursor
SetScrollPos
SetScrollRange
RegisterClassW
GetClassInfoW
CharUpperBuffW
RemoveMenu
DestroyMenu
CheckRadioButton
DestroyCursor
ShowCursor
DispatchMessageW
MsgWaitForMultipleObjectsEx
PostThreadMessageA
SendMessageTimeoutA
TranslateMessage
IsDialogMessageW
CopyIcon
SetParent
CopyAcceleratorTableA
GetMenuItemInfoW
ReleaseCapture
MapVirtualKeyA
ShowCaret
CharNextW
GetMenuItemID
InsertMenuItemW
PostMessageA
MessageBoxA
PostMessageW
GetWindowLongA
ShowWindow
GetFocus
CheckMenuItem
SetWindowTextW
DestroyWindow
TrackPopupMenuEx
IsWindowVisible
IsChild
GetAsyncKeyState
ScreenToClient
MapWindowPoints
LoadCursorA
SetCursor
WindowFromPoint
RegisterWindowMessageW
SendMessageW
GetWindowThreadProcessId
SendMessageA
CreatePopupMenu
AppendMenuW
GetMenuItemCount
IsWindow
SetWindowLongA
SetPropW
GetPropW
IsWindowUnicode
DefWindowProcW
DefWindowProcA
GetWindowLongW
RemovePropW
SetWindowLongW
CallWindowProcW
GetClientRect
FillRect
CallWindowProcA
IsRectEmpty
GetCapture
SendInput
TrackMouseEvent
InflateRect
GetComboBoxInfo
SetFocus
GetSysColor
DrawFocusRect
GetMenuInfo
GetWindowDC
CopyRect
GetActiveWindow
SetCapture
KillTimer
SetTimer
InvalidateRgn
GetUpdateRect
GetGUIThreadInfo
PtInRect
LoadImageW
EnumChildWindows
BeginPaint
EndPaint
IsWindowEnabled
GetClassNameW
GetPropA
GetSubMenu
PeekMessageW
RemovePropA
GetAncestor
GetKeyNameTextW
SetForegroundWindow
GetUpdateRgn
BeginDeferWindowPos
DeferWindowPos
EndDeferWindowPos
RedrawWindow
CharPrevA
GetMenuItemInfoA
DeleteMenu
CreateMenu
InsertMenuItemA
GetWindow
GetWindowTextW
GetDlgItemTextA
EndDialog
SendDlgItemMessageW
MessageBoxW
GetDlgItemInt
SetDlgItemInt
IsDlgButtonChecked
CheckDlgButton
GetWindowRect
GetDC
SendDlgItemMessageA
GetDlgItem
GetDlgItemTextW
CreateWindowExW
DrawTextW
OffsetRect
IntersectRect
GetScrollInfo
UpdateWindow
EnableWindow
SetWindowPos
GetSystemMetrics
GetDlgCtrlID
GetParent
GetDCEx
FrameRect
ReleaseDC
SetRect
ValidateRect
GetCursorPos
SetMenuItemInfoW
InvalidateRect
SetPropA

gdi32

CreateSolidBrush
DeleteDC
BitBlt
SetBkColor
RectVisible
CreatePatternBrush
PatBlt
GetViewportOrgEx
StretchDIBits
GetClipRgn
GetPixel
SelectObject
CreateCompatibleDC
CreateBitmap
GetObjectW
CreateDIBSection
CreateFontA
SetTextColor
ExtTextOutW
CreateFontIndirectW
GetTextMetricsW
GetStockObject
CreateCompatibleBitmap
LineTo
MoveToEx
CreatePen
GetTextExtentPoint32W
CombineRgn
SetRectRgn
CreateRectRgnIndirect
OffsetRgn
CreateRectRgn
CreateBrushIndirect
GetNearestColor
SetBkMode
StretchBlt
SetStretchBltMode
FillRgn
GetBkColor
GetTextColor
GetDIBits
SetBrushOrgEx
SetDCPenColor
SelectClipRgn
IntersectClipRect
GetTextMetricsA
GetCharWidth32W
GetCharABCWidthsW
OffsetViewportOrgEx
ExcludeClipRect
ExtTextOutA
SetViewportOrgEx
DeleteObject

shell32

ShellExecuteA
ShellExecuteW
DragQueryFileW

ole32

CoCreateInstance
CoUninitialize
CoInitialize
OleUninitialize
OleInitialize
CoFreeUnusedLibraries
CoTaskMemFree
CoTaskMemAlloc
OleRun

oleaut32

SysAllocString
SafeArrayCreateVector
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
VariantCopyInd
VariantClear
SysFreeString
VariantInit

tataki

?isInvalid@SkinBitmap@@QAEHXZ
?getWidth@SkinBitmap@@QBEHXZ
?getHeight@SkinBitmap@@QBEHXZ
??1SkinBitmap@@QAE@XZ
??0SkinBitmap@@QAE@PB_WH@Z
??1AutoSkinBitmap@@UAE@XZ
?GetColor@SkinColor@@SAKPB_W0K@Z
Quit
Init
??1DCCanvas@@UAE@XZ
?stretchToRectAlpha@SkinBitmap@@QAEXPAVifc_canvas@@PAUtagRECT@@H@Z
??0DCCanvas@@QAE@PAUHDC__@@PAVBaseWnd@@@Z
?getBitmap@AutoSkinBitmap@@QAEPAVSkinBitmap@@XZ
?fillRect@Canvas@@QAEXPBUtagRECT@@K@Z
??1DCBltCanvas@@UAE@XZ
?getHDC@Canvas@@QAEPAUHDC__@@XZ
?cloneDC@DCBltCanvas@@QAEHPAUHDC__@@PAUtagRECT@@PAVBaseWnd@@@Z
??0DCBltCanvas@@QAE@XZ
??0AutoSkinBitmap@@QAE@PB_W@Z

nscrt

_except_handler3
tolower
memcmp
wcscmp
_purecall
_vsnwprintf
_vsnprintf
??_V@YAXPAX@Z
strchr
memcpy
??2@YAPAXI@Z
__CxxFrameHandler
??3@YAXPAX@Z
wcslen
strlen
realloc
malloc
sprintf
strcmp
free
memset
_itow
_wtoi
??_U@YAPAXI@Z
memmove
labs
abs
bsearch
qsort
_wcsdup
__dllonexit
_onexit
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
__CppXcptFilter
?terminate@@YAXXZ
_strdup
_stricmp
_wcsicmp
__security_error_handler
_CxxThrowException

Exports

Exports

MlEnableSkinnedPopup
MlGetSkinColor
MlInitSkinnedPopupHook
MlIsSkinnedPopupEnabled
MlRemoveSkinnedPopupHook
MlSkinWindow
MlSkinWindowEx
MlTrackSkinnedPopupMenuEx
MlUnskinWindow
RegisterSetup
winampGetGeneralPurposePlugin

Sections

.text
Size: 215KB - Virtual size: 215KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 1024B - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 23KB - Virtual size: 22KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 17KB - Virtual size: 17KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 125KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5c936abc81eb13326704ea6626149e55

Headers

File Characteristics

Imports

comctl32

shlwapi

kernel32

user32

gdi32

shell32

ole32

oleaut32

tataki

nscrt

Exports

Exports

Sections

.text Size: 215KB - Virtual size: 215KB

.rdata Size: 25KB - Virtual size: 24KB

.data Size: 1024B - Virtual size: 6KB

.rsrc Size: 23KB - Virtual size: 22KB

.reloc Size: 17KB - Virtual size: 17KB

.text Size: 125KB - Virtual size: 128KB

.text
Size: 215KB - Virtual size: 215KB

.rdata
Size: 25KB - Virtual size: 24KB

.data
Size: 1024B - Virtual size: 6KB

.rsrc
Size: 23KB - Virtual size: 22KB

.reloc
Size: 17KB - Virtual size: 17KB

.text
Size: 125KB - Virtual size: 128KB