0f838c4e929ed24536ea1f44a4e811e7_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

0f838c4e929ed24536ea1f44a4e811e7_JaffaCakes118
Size

603KB
MD5

0f838c4e929ed24536ea1f44a4e811e7
SHA1

c258f6df335645082e83cdd8ea8fe960889e6311
SHA256

248726c4f1dc1eb9715e49b2bfcc5f4bc4db20e9e26a68c7e07fadd51a63324a
SHA512

20334e85f41755fea852f97ffcba7da01a9b0b699d1d55a6e9d517929d14f59bc9bb82142fd9ed4c94ba13b69eecccbd46ad5be10aeaa156c8cfd566295d3b89
SSDEEP

12288:/jliO0NpdHwQqflqXlzHuRrp6r58AZc5t+pSPagUxl4aX:/jEO9QqflqXlzHur6lppSI/F

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
0f838c4e929ed24536ea1f44a4e811e7_JaffaCakes118

Files

0f838c4e929ed24536ea1f44a4e811e7_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

317d95556495f88bf6fe38867f87d55b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileTime
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapFree
HeapAlloc
GetCommandLineA
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
Sleep
ExitProcess
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
GetFileSizeEx
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
GetFileAttributesW
FileTimeToLocalFileTime
CreateFileW
GetFullPathNameW
GetVolumeInformationW
FindFirstFileW
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GetTickCount
FileTimeToSystemTime
lstrlenA
GetCurrentProcessId
lstrcmpA
CompareStringA
InterlockedExchange
GlobalFlags
GetThreadLocale
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
LocalAlloc
GetModuleHandleA
GetModuleFileNameW
FormatMessageW
LocalFree
MulDiv
GlobalAlloc
GlobalLock
GlobalUnlock
GlobalFree
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
GetVersionExW
CompareStringW
SetLastError
lstrcmpW
GetModuleHandleW
GetVersionExA
ReleaseMutex
OpenMutexW
CreateMutexW
WaitForSingleObject
CloseHandle
ExitThread
LockResource
WideCharToMultiByte
LoadLibraryW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
GetLastError
lstrlenW
InterlockedDecrement
InterlockedIncrement
LoadLibraryA
LCMapStringW
GetProcAddress

user32

PostThreadMessageW
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
LoadCursorW
GetSysColorBrush
GetWindowThreadProcessId
PostQuitMessage
DestroyMenu
CharNextW
UnregisterClassW
GetMessageW
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowContextHelpId
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
GetMenuState
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetFocus
IsWindow
SetFocus
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
GetKeyState
EnableWindow
EnumChildWindows
GetWindowTextW
GetClassNameW
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
GetSubMenu
GetMenuItemID
GetMenuItemCount
CharUpperW
RegisterClipboardFormatW
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
RealGetWindowClassW
SendMessageW
GetPropW
SetWindowLongW
RemovePropW
CallWindowProcW
SetPropW
GetWindowRect
GetParent
BringWindowToTop
ShowWindow
GetClientRect
GetWindow
GetSystemMetrics
GetWindowPlacement
IsIconic
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetWindowLongW
GetMenu
DefWindowProcW
GetDlgCtrlID
PtInRect
CopyRect
EqualRect
ScreenToClient
AdjustWindowRectEx
GetSysColor
RegisterClassW
GetClassInfoW
GetClassInfoExW
CreateWindowExW
MessageBoxW
MapDialogRect

gdi32

ExtSelectClipRgn
DeleteDC
GetStockObject
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
GetBkColor
ExtTextOutW
TextOutW
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
DeleteObject
SetMapMode
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
Escape

comdlg32

GetFileTitleW

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

shlwapi

SHDeleteKeyW
PathStripToRootW
StrCpyW
PathFindFileNameW
UrlUnescapeW
StrStrIW
UrlGetPartW
PathFindExtensionW
PathIsUNCW
StrCmpIW

oledlg

OleUIBusyW

ole32

OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
OleFlushClipboard
CoTaskMemAlloc
CLSIDFromString
CLSIDFromProgID
CoUninitialize
CoInitialize
StringFromCLSID
CoCreateInstance
CoTaskMemFree
CoRegisterMessageFilter

oleaut32

SysAllocString
VariantCopy
VariantClear
VariantInit
VariantChangeType
SysAllocStringLen
SysStringLen
SysAllocStringByteLen
SysStringByteLen
SafeArrayCreateVector
SafeArrayPutElement
SafeArrayDestroy
OleCreateFontIndirect
VariantTimeToSystemTime
SystemTimeToVariantTime
SysFreeString

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 460KB - Virtual size: 459KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 71KB - Virtual size: 70KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 59KB - Virtual size: 58KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

317d95556495f88bf6fe38867f87d55b

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

shlwapi

oledlg

ole32

oleaut32

Exports

Exports

Sections

.text Size: 460KB - Virtual size: 459KB

.rdata Size: 71KB - Virtual size: 70KB

.data Size: 11KB - Virtual size: 29KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 59KB - Virtual size: 58KB

.text
Size: 460KB - Virtual size: 459KB

.rdata
Size: 71KB - Virtual size: 70KB

.data
Size: 11KB - Virtual size: 29KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 59KB - Virtual size: 58KB