0dda5a7e0744bdbaadea3e43710f1b92_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0dda5a7e0744bdbaadea3e43710f1b92_JaffaCakes118
Size

1007KB
MD5

0dda5a7e0744bdbaadea3e43710f1b92
SHA1

f7032907d2d64710c060e864db6ef78220f5ad90
SHA256

d828e4923a88f146a6280cf9c3453f3b1b30618a015bc94dea76dfee1463e6ec
SHA512

e67de1522b518858d3ab4f95c3b0a60dbf86931086cb713b44e1b798f4c4b35b1ff65564a8b120b5092a6420d29f2ef44444e8db57df95c0a16dbfa56d553646
SSDEEP

24576:P7PE3N2SjxcS52eMVx/oNiiUr6zeCaA/BVG:AtcpVRoNi7QtZDG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0dda5a7e0744bdbaadea3e43710f1b92_JaffaCakes118

Files

0dda5a7e0744bdbaadea3e43710f1b92_JaffaCakes118
.dll windows:5 windows x86 arch:x86

9ec8e843b1a16e2ca8257377c0e7a260

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

i:\BETA_3_2\src\teamroom.v3\win\Release\oDeskTeamRoom.pdb

Imports

ws2_32

closesocket
gethostbyname
select
WSASetLastError
send
shutdown
recv
inet_addr
WSACleanup
WSAStartup
WSAIoctl
connect
htons
socket
getprotobyname
WSAGetLastError

wininet

InternetSetStatusCallbackW
InternetReadFileExA
InternetOpenW
InternetCloseHandle
InternetConnectW
HttpOpenRequestW
HttpAddRequestHeadersW
HttpSendRequestExW
HttpEndRequestW
HttpQueryInfoW
InternetQueryOptionW

comctl32

InitCommonControlsEx
_TrackMouseEvent

winmm

PlaySoundW

kernel32

WaitForSingleObject
GetComputerNameW
SetEvent
GetModuleHandleW
GetTickCount
WriteFile
TzSpecificLocalTimeToSystemTime
LoadLibraryW
Sleep
GetVersionExW
GetTimeFormatW
MulDiv
GetTimeZoneInformation
GetProcAddress
ResetEvent
GetLocalTime
CreateEventW
WaitForMultipleObjects
IsDebuggerPresent
GetCurrentThreadId
CloseHandle
GetSystemTime
CreateThread
SetFilePointerEx
CreateDirectoryW
CreateFileW
SetEndOfFile
GetLocaleInfoW
SystemTimeToFileTime
FileTimeToSystemTime
ReadFile
CompareStringW
ResumeThread
GetModuleFileNameW
RtlUnwind
GetSystemTimeAsFileTime
GetCurrentProcessId
QueryPerformanceCounter
GetEnvironmentStringsW
FreeEnvironmentStringsW
GetEnvironmentStrings
FreeEnvironmentStringsA
GetStartupInfoA
GetFileType
SetHandleCount
GetStringTypeW
SystemTimeToTzSpecificLocalTime
IsValidLocale
EnumSystemLocalesA
GetLocaleInfoA
GetUserDefaultLCID
LCMapStringW
LCMapStringA
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
ExitProcess
VirtualFree
HeapCreate
SetLastError
TlsFree
TlsSetValue
TlsAlloc
TlsGetValue
GetModuleFileNameA
GetStdHandle
SetUnhandledExceptionFilter
UnhandledExceptionFilter
GetCurrentProcess
TerminateProcess
GetCommandLineA
InterlockedDecrement
InterlockedIncrement
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
GetProcessHeap
HeapSize
HeapReAlloc
HeapFree
HeapAlloc
HeapDestroy
SetFilePointer
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
GetDateFormatW
FindResourceExW
FindResourceW
LoadResource
LockResource
SizeofResource
lstrlenW
FreeLibrary
lstrlenA
MultiByteToWideChar
GetLastError
WideCharToMultiByte
CreateFileA
FlushFileBuffers
CompareStringA
SetEnvironmentVariableA
GetVersion
GlobalMemoryStatus
GetVersionExA
SetConsoleCtrlHandler
LoadLibraryA
InitializeCriticalSectionAndSpinCount
GetModuleHandleA
FindFirstFileA
FindClose
FlushConsoleInputBuffer
FileTimeToLocalFileTime
GetDriveTypeA
GetFullPathNameA
GetCurrentDirectoryA
ReadConsoleInputA
SetConsoleMode
GetStringTypeA

user32

DrawIconEx
FrameRect
SetScrollInfo
DrawFocusRect
EndPaint
ClientToScreen
DestroyWindow
SetCursor
GetWindowTextLengthW
TranslateAcceleratorW
DestroyAcceleratorTable
SetTimer
HideCaret
DrawTextW
GetWindowRect
TrackPopupMenu
PeekMessageW
FillRect
GetMenuItemID
IsChild
PostMessageW
KillTimer
GetKeyState
GetSubMenu
SetForegroundWindow
DeleteMenu
GetFocus
IsCharAlphaNumericW
ScreenToClient
MsgWaitForMultipleObjects
DialogBoxParamW
GetParent
LoadCursorW
GetClientRect
SetFocus
GetMenuItemInfoW
DrawFrameControl
GetDesktopWindow
IsZoomed
GetWindowPlacement
MonitorFromRect
GetCursor
DrawTextA
IsIconic
GetMonitorInfoW
BeginPaint
PtInRect
GetScrollBarInfo
GetIconInfo
GetDC
LoadAcceleratorsW
LockWindowUpdate
GetForegroundWindow
GetMenu
IsDialogMessageW
RegisterClassExW
TrackPopupMenuEx
CopyIcon
CreateIcon
CheckMenuRadioItem
FlashWindowEx
GetScrollInfo
InvalidateRect
LoadMenuW
GetWindowLongW
AppendMenuW
GetWindowTextW
SystemParametersInfoW
ReleaseDC
EnableMenuItem
GetMenuState
GetDlgItem
SetWindowLongW
EndDialog
SendDlgItemMessageW
SetWindowPos
GetCursorPos
CheckDlgButton
GetLastInputInfo
ShowWindow
CreatePopupMenu
GetSysColorBrush
IsDlgButtonChecked
CreateDialogParamW
DrawMenuBar
GetMenuItemCount
RemoveMenu
CreateWindowExW
SetMenuDefaultItem
CheckRadioButton
MessageBoxW
GetSystemMetrics
IsWindowVisible
GetDlgItemTextW
SetDlgItemTextW
SendMessageW
UpdateWindow
EnableWindow
DestroyMenu
SetWindowTextW
DestroyIcon
SetMenuItemInfoW
CallWindowProcW
DefWindowProcW
CheckMenuItem
GetMessagePos
GetUserObjectInformationW
GetProcessWindowStation
MessageBoxA
LoadImageW

gdi32

SetBkMode
CreatePen
LineTo
SetTextColor
CreateFontIndirectW
CreateSolidBrush
SetStretchBltMode
GetDeviceCaps
GetTextColor
DeleteDC
Rectangle
GetTextMetricsW
GetTextExtentPoint32W
SelectObject
GetCurrentObject
GetBitmapBits
TextOutW
BitBlt
CreateCompatibleBitmap
CreateFontW
GetDIBits
StretchDIBits
StretchBlt
MoveToEx
SetBkColor
DeleteObject
CreateCompatibleDC
GetStockObject
GetObjectW

comdlg32

GetSaveFileNameW

advapi32

RegCloseKey
RegQueryValueExW
RegOpenKeyExW
DeregisterEventSource
ReportEventA
RegisterEventSourceA

shell32

SHAppBarMessage
ShellExecuteW

ole32

CoInitialize
CoTaskMemFree
CLSIDFromProgID
CoUninitialize
CoCreateInstance

oleaut32

VarBstrCat
VariantChangeType
VariantInit
VariantClear
VarBstrCmp
SysAllocStringLen
SysFreeString
SysStringLen
SysAllocString

Sections

.text
Size: 694KB - Virtual size: 694KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 147KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 52KB - Virtual size: 67KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 64KB - Virtual size: 63KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 48KB - Virtual size: 48KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9ec8e843b1a16e2ca8257377c0e7a260

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

ws2_32

wininet

comctl32

winmm

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 694KB - Virtual size: 694KB

.rdata Size: 147KB - Virtual size: 146KB

.data Size: 52KB - Virtual size: 67KB

.rsrc Size: 64KB - Virtual size: 63KB

.reloc Size: 48KB - Virtual size: 48KB

.text
Size: 694KB - Virtual size: 694KB

.rdata
Size: 147KB - Virtual size: 146KB

.data
Size: 52KB - Virtual size: 67KB

.rsrc
Size: 64KB - Virtual size: 63KB

.reloc
Size: 48KB - Virtual size: 48KB