25eb80fd3a87c49d8d623ab7bfc694c5_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

25eb80fd3a87c49d8d623ab7bfc694c5_JaffaCakes118
Size

92KB
MD5

25eb80fd3a87c49d8d623ab7bfc694c5
SHA1

e9a9f9e571c2acad59a1d461504ff4f6f1debc87
SHA256

b5d5c25c5183d0d4065ce6ece09e692b517a6f24ed4c5cdb9553c47aa675f2db
SHA512

2b2df4f6fcf66870910eeb7935472a6c25e913d93eea8718ccdfa19aed1938b171c9c7986b0a85f20ef9cfc17841d2102575fcb0cbc3e0debd72b44e688d562a
SSDEEP

1536:b2L+PzX9kRV648MJ38+fg7TZI2LNJ57TGm7sQikBIRZR8F2T+iDztE/sE/r20cCq:y0r90648MJ388jeRsQbIR6fgWzK0cCzG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
25eb80fd3a87c49d8d623ab7bfc694c5_JaffaCakes118

Files

25eb80fd3a87c49d8d623ab7bfc694c5_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

a8e24739ef712fd122b0a61d22940ebb

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetTimeZoneInformation
TransactNamedPipe
RegisterWaitForSingleObjectEx
GetStringTypeExA
CreateSemaphoreA
QueueUserWorkItem
GetUserDefaultUILanguage
LocalUnlock
GlobalFree
DeleteTimerQueueEx
FreeEnvironmentStringsW
SetConsoleCursorPosition
GetLocalTime
HeapCompact
RegisterWaitForSingleObject
GetEnvironmentStrings
GetComputerNameW
SetCurrentDirectoryA
GlobalGetAtomNameA
ReadFileEx
BindIoCompletionCallback
ChangeTimerQueueTimer
ClearCommError
EscapeCommFunction
WriteProcessMemory
CancelWaitableTimer
GetThreadPriority
AddAtomA
FormatMessageW
GetAtomNameA
GetSystemPowerStatus
SetConsoleMode
ReadConsoleInputW
FindVolumeMountPointClose
CreateJobObjectW
ReadConsoleW
GetFullPathNameA
GlobalGetAtomNameW
lstrcatA
CreateMutexW
OpenThread
RemoveDirectoryW
GlobalReAlloc
GetSystemDefaultLangID
IsBadStringPtrW
GetConsoleMode
lstrcpynW
HeapWalk
CreateNamedPipeA
DeleteFileW
CreateConsoleScreenBuffer
FreeResource
HeapDestroy
OpenJobObjectW
FlushViewOfFile
lstrlenW
PostQueuedCompletionStatus
UnregisterWaitEx
WriteProfileStringW
SetLocalTime
FindResourceA
GetVolumePathNamesForVolumeNameW
GetLogicalDriveStringsA
SetProcessWorkingSetSize
SuspendThread
GetCommandLineA
EnumResourceLanguagesW
lstrcpynA
IsBadCodePtr
FillConsoleOutputCharacterW
GetTempFileNameW
GetLongPathNameW
CompareStringA
OpenMutexA
DuplicateHandle
CreateMailslotA
FindAtomA
IsWow64Process
FindFirstFileExW
GetProcessAffinityMask
SetFilePointerEx
RtlMoveMemory
GetWindowsDirectoryA
GetFileAttributesExA
GetExitCodeThread
GetSystemWindowsDirectoryA
ConnectNamedPipe
GetTapeParameters
ReleaseSemaphore
PeekNamedPipe
OpenSemaphoreA
VerSetConditionMask
ConvertDefaultLocale
OpenProcess
EnumSystemLocalesA
GetCurrentProcess
LocalAlloc
HeapAlloc
OpenSemaphoreW
FreeLibraryAndExitThread
GetDriveTypeW
GetEnvironmentStringsW
FindAtomW
IsBadStringPtrA
MoveFileW
GetTempFileNameA
MultiByteToWideChar
FindFirstChangeNotificationW
GetVersionExA
FlushFileBuffers
DeleteCriticalSection
lstrcmpiW
GetProcessVersion
GetVolumeInformationW
SetHandleInformation
SearchPathW
EnumResourceLanguagesA
Sleep
CloseHandle
GetComputerNameA
CreateDirectoryA
GlobalAlloc
WriteFile
GetSystemTimeAsFileTime
VirtualProtect
InterlockedIncrement
GetProcAddress
GetModuleFileNameA
ReleaseMutex
InterlockedExchange
GetTickCount
CreateMutexA
MoveFileA
ExpandEnvironmentStringsA
DeleteFileA
MapViewOfFile
GetCurrentProcessId
LoadLibraryA
CreateFileMappingA
VirtualQuery
LeaveCriticalSection
CopyFileA
GetLastError
GetModuleHandleA
GetProcessHeap
InitializeCriticalSection
FillConsoleOutputAttribute

user32

CharPrevW
SetWindowTextA
GetClassLongW
MonitorFromRect
GetLastActivePopup
SetProcessWindowStation
GetMenuItemID
DeferWindowPos
GetAsyncKeyState
CharLowerBuffW
CreateMenu
PostMessageW
IsCharAlphaA
LoadCursorW
SetRect
CharUpperW
GetWindowTextLengthA
GetInputState
EnumDesktopsW
CheckDlgButton
SetMenuItemBitmaps
ExitWindowsEx
NotifyWinEvent
SetCursor
ChangeDisplaySettingsA
GetDlgItem
EndDialog
KillTimer
AttachThreadInput
GetMenuDefaultItem
SetThreadDesktop
OpenDesktopW
IsCharAlphaNumericW
GetCaretPos
CharUpperBuffW
GetWindowLongA
LoadAcceleratorsW
DestroyIcon
CreateDialogParamA
GetSysColor
InsertMenuW
GetCaretBlinkTime
UnregisterClassA
GetSystemMetrics
DialogBoxParamW
SubtractRect
GetClassLongA
DefWindowProcW
DestroyWindow
IsRectEmpty
CloseWindowStation
GetAncestor
IsDialogMessageW
MoveWindow
OemToCharBuffA
PostMessageA
TranslateMessage
GetCursorPos
SetPropA
AppendMenuA
DefWindowProcA
wsprintfW
GetMenuCheckMarkDimensions
GetClassInfoA
IsDlgButtonChecked
SetActiveWindow
VkKeyScanA
ReleaseDC
GetScrollRange
GetWindowWord
CreateIconFromResourceEx
CreateWindowExW
InvalidateRect
MessageBeep
IsWindow
GetDlgItemTextW
EnumDisplaySettingsA
TabbedTextOutA
DialogBoxParamA
DrawTextExW
InSendMessageEx
CreateIcon
AdjustWindowRectEx
DrawFocusRect
GetUserObjectInformationA
ReuseDDElParam
GrayStringA
GetQueueStatus
CreateDialogParamW
CharUpperA
GetMonitorInfoA
GetDC
GetParent
SetMenuDefaultItem
SetCursorPos
GetForegroundWindow
GetWindowThreadProcessId
DispatchMessageA
SetWindowsHookExA
FindWindowA
GetClassNameA
SendMessageA
CallNextHookEx
PeekMessageA
GrayStringW

shlwapi

UrlGetPartW
StrStrIW
PathRemoveFileSpecA
StrFormatByteSizeW
PathRemoveArgsW
AssocQueryStringW
StrStrA
PathIsRelativeW
PathFileExistsW
SHAutoComplete
UrlEscapeW
StrChrIW
PathIsUNCW
UrlUnescapeW
StrCmpW
PathStripToRootW
StrChrA
PathMatchSpecW
PathAddBackslashA
StrDupW
PathIsUNCServerShareW
StrCmpNIA
PathQuoteSpacesW
StrTrimW
SHRegGetBoolUSValueW
PathAppendW
PathGetArgsW
SHDeleteKeyA
SHCreateStreamOnFileW
PathRenameExtensionW
PathCommonPrefixW

advapi32

RegCreateKeyExA
RegSetValueExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
RegQueryInfoKeyA
RegOpenKeyExA
ClearEventLogW
DeregisterEventSource
RegEnumKeyW
SetThreadToken
RegOpenKeyA
RegNotifyChangeKeyValue
ChangeServiceConfigW
OpenProcessToken
EnumServicesStatusW
RegQueryValueW
OpenServiceA
RegCreateKeyW
QueryServiceStatusEx
SetEntriesInAclW
QueryServiceConfig2W
GetOldestEventLogRecord
RegisterEventSourceA
MapGenericMask
QueryServiceLockStatusW
RegSetValueExW
RegOpenCurrentUser
ImpersonateLoggedOnUser
RegSetValueW
RegRestoreKeyW
QueryServiceLockStatusA
ChangeServiceConfigA
RegConnectRegistryA
RegCreateKeyExW
GetAclInformation
MakeAbsoluteSD
RegQueryInfoKeyW
RegisterServiceCtrlHandlerExW
CreateProcessAsUserW
StartServiceW
RegLoadKeyW
IsTokenRestricted
RegDeleteKeyA

shell32

SHParseDisplayName
SHOpenFolderAndSelectItems
ShellAboutW
SHFileOperationW
SHAppBarMessage
DragFinish
SHGetFolderPathW
DragQueryFileA
SHGetMalloc
ExtractIconExA
SHGetPathFromIDListW
DragQueryFileW
SHGetInstanceExplorer
ShellExecuteA
SHGetSettings
SHGetFolderPathA

gdi32

ScaleViewportExtEx
StartDocA
GetTextMetricsW
ResetDCA
SetTextAlign
CreateRoundRectRgn
CreateDCW
SetBitmapDimensionEx
PlayEnhMetaFileRecord
GetTextFaceA
GetDIBits
GetGraphicsMode
CreateMetaFileA
FillPath
SetBitmapBits
ExtTextOutA
CreateRectRgnIndirect
CreateBrushIndirect
PlayEnhMetaFile
CreatePolygonRgn
GetBkMode
PolylineTo
SetGraphicsMode
SetMapperFlags
ExtEscape
SetLayout
SetBkColor
SetPaletteEntries
CreateEnhMetaFileW
EnumFontFamiliesExA
GetGlyphOutlineA
SetWindowOrgEx
RemoveFontResourceW
FillRgn
GetMetaFileA
InvertRgn
GetLayout
TranslateCharsetInfo
UnrealizeObject
FlattenPath
PtInRegion
ExtCreatePen
GetMapMode
DPtoLP
BeginPath
Polygon
RealizePalette
EnumFontFamiliesExW
GetViewportOrgEx
GetBitmapBits
SetMagicColors
GetTextAlign
GetRandomRgn
PolyPolyline
TextOutW
DeleteDC
SetArcDirection
SetMetaFileBitsEx
SetDIBits
SetBrushOrgEx
GetEnhMetaFileA
SetViewportExtEx
SetColorAdjustment

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a8e24739ef712fd122b0a61d22940ebb

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 68KB - Virtual size: 64KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 6KB

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 68KB - Virtual size: 64KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 6KB

.reloc
Size: 4KB - Virtual size: 2KB