1928333730fd7fd1c4151497fd5d5034_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

1928333730fd7fd1c4151497fd5d5034_JaffaCakes118
Size

161KB
MD5

1928333730fd7fd1c4151497fd5d5034
SHA1

377704a5a732631b1a02883d90133beecc276338
SHA256

6146e8be8ebdd7478692c645e83044bc8b568603512b790e91bf10aaf506934f
SHA512

0ca51b646a9f0c36eca553fef4549f4149d9e83456c42eeab1217023c30600fc29c27593f88586e93d28a00c3d541b63f46dd3c21fdfeaa1018c36df69c8b4db
SSDEEP

3072:zEzuLlR+5CrKTmly2O203sR+ftrALJLOnuHUJXerPFuDa9ZbjRz8uc1ypYEi60Zx:wz2br+Uy/20cR+fGLJLOngUFer9u2jje

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
1928333730fd7fd1c4151497fd5d5034_JaffaCakes118

Files

1928333730fd7fd1c4151497fd5d5034_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8e3921540b2b740ff5daf2292fecbede

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

ReleaseDC
GetDC
GetUserObjectInformationA
PostMessageA
SystemParametersInfoA
SendMessageA
BlockInput
wsprintfA
keybd_event
mouse_event
GetSystemMetrics
DrawTextA
RedrawWindow
GetMessageA
PostThreadMessageA
GetDesktopWindow
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
MessageBoxA
CloseDesktop
CloseWindowStation
OpenInputDesktop
ExitWindowsEx

ole32

CoInitialize
CoInitializeEx
CoCreateInstance
CoUninitialize
CoTaskMemFree

oleaut32

SysFreeString
VariantClear

gdi32

DeleteObject
CreateFontIndirectA
SetTextColor
SetBkMode
CreateDIBSection
CreateDCA
GetDeviceCaps
DeleteDC
CreateCompatibleDC
GetDIBits
RealizePalette
SelectPalette
GetStockObject
GetObjectA
BitBlt
SelectObject
CreateCompatibleBitmap

psapi

GetModuleFileNameExA
EnumProcessModules

ws2_32

ntohs
inet_addr
send
select
recv
getpeername
getsockname
closesocket
socket
WSAStartup
setsockopt
WSACleanup
connect
gethostbyname
htons

iphlpapi

GetAdaptersInfo

wininet

InternetOpenUrlA
InternetReadFile
HttpQueryInfoA
InternetOpenA
InternetCloseHandle

wtsapi32

WTSCloseServer
WTSOpenServerA
WTSEnumerateSessionsA
WTSFreeMemory

kernel32

SetFileAttributesA
GetFileAttributesA
RemoveDirectoryA
CopyFileA
MoveFileA
CreateDirectoryA
GetExitCodeThread
GetCurrentDirectoryA
SetCurrentDirectoryA
GetLocalTime
SystemTimeToFileTime
FindNextFileA
GetVolumeInformationA
EnterCriticalSection
LeaveCriticalSection
GlobalAlloc
GlobalLock
LocalAlloc
lstrcpyA
GetWindowsDirectoryA
GetSystemTime
GetSystemDirectoryA
CreateMutexA
SetLastError
FreeConsole
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
MultiByteToWideChar
WaitForSingleObject
ReadFile
CreateProcessA
GetStartupInfoA
CreatePipe
VirtualQuery
TerminateThread
Sleep
WinExec
ExitThread
FreeLibrary
CloseHandle
GetTickCount
GetProcAddress
LoadLibraryA
CreateThread
DeleteFileA
OutputDebugStringA
WriteFile
GetStdHandle
GetVersionExA
GetLastError
GetCurrentProcess
Process32Next
Process32First
CreateToolhelp32Snapshot
OpenProcess
GetModuleFileNameA
GetDiskFreeSpaceA
GetDriveTypeA
GetLogicalDrives
GetModuleHandleA
GlobalMemoryStatusEx
GetCurrentProcessId
GetComputerNameA
GetCurrentThreadId
GetSystemDefaultLangID
FindClose
FindFirstFileA
SetFileTime
GetFileTime
CreateFileA
LocalFree
TerminateProcess
WideCharToMultiByte
Module32Next
Module32First
SetPriorityClass
SuspendThread
Thread32Next
Thread32First
ResumeThread
LoadLibraryW
ProcessIdToSessionId
GlobalFree
GlobalUnlock
InitializeCriticalSection

advapi32

SetEntriesInAclA
GetNamedSecurityInfoA
BuildExplicitAccessWithNameA
SetNamedSecurityInfoA
RegOpenKeyA
RegEnumKeyA
RegDeleteValueA
RegSetValueExA
CreateProcessAsUserA
RegEnumKeyExA
RegOpenKeyExA
RegQueryValueExA
RegCloseKey
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
DuplicateTokenEx
RegEnumValueA
RegCreateKeyA
RegDeleteKeyA
CloseServiceHandle
QueryServiceConfigA
QueryServiceConfig2A
OpenServiceA
EnumServicesStatusExA
OpenSCManagerA
DeleteService
ControlService
QueryServiceStatus
StartServiceA
ChangeServiceConfigA
QueryServiceStatusEx
ChangeServiceConfig2A
CreateServiceA
SetServiceStatus
RegisterServiceCtrlHandlerA
SetTokenInformation

msvfw32

ICClose
ICCompress
ICSendMessage
ICOpen
ICImageCompress

winmm

mixerGetLineControlsA
waveInStart
mixerClose
mixerSetControlDetails
waveInReset
waveInOpen
waveInUnprepareHeader
waveInClose
waveInPrepareHeader
mixerOpen
mixerGetControlDetailsA
mixerGetLineInfoA
waveInAddBuffer

msvcrt

strcpy
strlen
memset
_strrev
strchr
strncmp
memcpy
strncpy
memcmp
printf
fclose
fwrite
fopen
strrchr
strstr
sprintf
strcat
_strdate
_strtime
fprintf
_vsnprintf
free
malloc
strtok
strcmp
_strupr
strncat
??2@YAPAXI@Z
_except_handler3
exit
fread
ftell
fseek
__CxxFrameHandler
_ftol
realloc
abs
_CxxThrowException
wcstombs
rand
srand
time
wcslen
_CIacos
_CIpow
calloc
__dllonexit
_onexit
?terminate@@YAXXZ
??1type_info@@UAE@XZ
_initterm
_adjust_fdiv
_strnicmp
_stricmp
_strlwr
atoi

Exports

Exports

InstallRT
InstallSA
PSLIST
ServiceMain
StartEXS
UMain
UninstallRT
UninstallSA

Sections

.text
Size: 107KB - Virtual size: 107KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 19KB - Virtual size: 38KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

xdoors_d
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 9KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8e3921540b2b740ff5daf2292fecbede

Headers

File Characteristics

Imports

user32

ole32

oleaut32

gdi32

psapi

ws2_32

iphlpapi

wininet

wtsapi32

kernel32

advapi32

msvfw32

winmm

msvcrt

Exports

Exports

Sections

.text Size: 107KB - Virtual size: 107KB

.rdata Size: 11KB - Virtual size: 11KB

.data Size: 19KB - Virtual size: 38KB

xdoors_d Size: 11KB - Virtual size: 11KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 9KB - Virtual size: 8KB

.text
Size: 107KB - Virtual size: 107KB

.rdata
Size: 11KB - Virtual size: 11KB

.data
Size: 19KB - Virtual size: 38KB

xdoors_d
Size: 11KB - Virtual size: 11KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 9KB - Virtual size: 8KB