28d53b27c323aad422cb41b3b2931802_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

28d53b27c323aad422cb41b3b2931802_JaffaCakes118
Size

167KB
MD5

28d53b27c323aad422cb41b3b2931802
SHA1

05318d65259ae699fe3434ca079d46c57a0a3cb9
SHA256

cf591926c9cc5e6b3de05638d97c2aa6d64c50514110c1fe6b59de09ee5c6408
SHA512

dfeb0f9bbc754e9cdc50077b325f23f8c6dc4bdebabc994f35969c3abb1812a886e8922203d9052fb9af85ab380bda9acf1a8b3981a35a755ef1fa62dcaaea19
SSDEEP

3072:7LBIMRx8A8BRM+RuFBTixHkP3vgbYodvUGLxZ:fyMv8RXYTD45U4

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
28d53b27c323aad422cb41b3b2931802_JaffaCakes118

Files

28d53b27c323aad422cb41b3b2931802_JaffaCakes118
.dll windows:4 windows x86 arch:x86

725dc32ed2c2167d0426b6f7f624f4e2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetDriveTypeA
CreateFileA
GetDiskFreeSpaceExA
GetSystemDirectoryA
GetTempPathA
DeleteFileW
GetProcessTimes
GetTempPathW
OutputDebugStringW
DebugBreak
WriteFile
GetCurrentThreadId
SetEvent
CreateEventW
GlobalMemoryStatus
GetVersionExW
GetComputerNameW
lstrcpyA
DeviceIoControl
CreateThread
SetLastError
GetModuleFileNameW
GetCurrentDirectoryW
GetProcAddress
GlobalAlloc
LoadLibraryExW
GlobalFree
FreeLibrary
MultiByteToWideChar
WideCharToMultiByte
GetModuleHandleW
GetLastError
InterlockedDecrement
lstrlenA
InterlockedIncrement
CreateProcessA
ReadFile
CreateFileW
GetFileSize
lstrlenW
lstrcatW
FindFirstFileW
FindClose
TerminateProcess
OpenProcess
CreateToolhelp32Snapshot
Process32FirstW
lstrcpyW
Process32NextW
CloseHandle
LocalFree
FileTimeToSystemTime
FileTimeToLocalFileTime
DuplicateHandle
GetCurrentProcess
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
GetVolumeInformationW
lstrcpynW
GetFullPathNameW
lstrcmpiW
InitializeCriticalSection
DeleteCriticalSection
LeaveCriticalSection
EnterCriticalSection
GetFileAttributesW
GetFileTime
LocalAlloc
TlsAlloc
GlobalUnlock
GlobalHandle
TlsFree
GlobalLock
GlobalReAlloc
TlsSetValue
LocalReAlloc
TlsGetValue
GetVersion
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
LoadLibraryA
GetModuleHandleA
GetProcessVersion
lstrcmpW
GlobalFlags
RtlUnwind
ExitProcess
HeapFree
HeapAlloc
GetCommandLineA
SetStdHandle
GetFileType
GetTimeZoneInformation
GetSystemTime
GetLocalTime
RaiseException
HeapSize
HeapReAlloc
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
LCMapStringA
LCMapStringW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GetCPInfo
GetStringTypeA
GetStringTypeW
GetACP
GetOEMCP
CompareStringA
CompareStringW
SetEnvironmentVariableA
WaitForSingleObject
Sleep
GetTickCount

user32

GetKeyState
DispatchMessageW
GetNextDlgTabItem
GetFocus
EnableMenuItem
CheckMenuItem
SetMenuItemBitmaps
ModifyMenuW
GetMenuState
LoadBitmapW
GetMenuCheckMarkDimensions
GetWindowRect
GetWindowPlacement
IsIconic
SystemParametersInfoW
RegisterWindowMessageW
SetWindowPos
SetWindowLongW
GetWindow
SetForegroundWindow
GetForegroundWindow
GetMessagePos
GetMessageTime
RemovePropW
CallWindowProcW
GetPropW
SetPropW
CreateWindowExW
DestroyWindow
DefWindowProcW
GetDlgCtrlID
GetWindowTextW
GetDlgItem
GetMenuItemID
GetSubMenu
GetMenuItemCount
GetMenu
RegisterClassW
GetClassInfoW
WinHelpW
GetCapture
GetTopWindow
CallNextHookEx
CopyRect
GetClientRect
AdjustWindowRectEx
SetFocus
GetSysColor
MapWindowPoints
PostMessageW
LoadIconW
SetWindowTextW
LoadCursorW
GetSysColorBrush
GetClassNameW
PtInRect
ClientToScreen
PostQuitMessage
DestroyMenu
TabbedTextOutW
DrawTextW
GrayStringW
EnableWindow
LoadStringW
CharUpperW
PeekMessageW
LoadStringA
MessageBoxA
SetWindowsHookExW
UnhookWindowsHookEx
GetParent
GetSystemMetrics
ReleaseDC
GetDC
wvsprintfA
CharNextA
GetLastActivePopup
IsWindowEnabled
GetWindowLongW
SendMessageW
MessageBoxW

gdi32

CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetMapMode
RestoreDC
SaveDC
SetBkColor
SelectObject
DeleteDC
GetDeviceCaps
GetObjectW
SetTextColor
GetClipBox
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
DeleteObject
GetStockObject

advapi32

RegSetValueExW
RegCreateKeyW
ChangeServiceConfigW
OpenServiceW
CloseServiceHandle
CreateServiceW
OpenSCManagerW
RegCloseKey
RegQueryValueExW
RegOpenKeyExW
DeleteService
RegisterServiceCtrlHandlerW
SetServiceStatus
StartServiceW
RegEnumKeyExW
EnumServicesStatusW

comctl32

ord17

ws2_32

gethostbyname
inet_addr
WSAStartup
WSACreateEvent
inet_ntoa
WSACleanup

psapi

GetProcessMemoryInfo

wininet

HttpOpenRequestA
HttpSendRequestA
InternetOpenA
InternetQueryDataAvailable
InternetReadFile
InternetCloseHandle
InternetSetOptionA
InternetConnectA

winspool.drv

DocumentPropertiesW
ClosePrinter
OpenPrinterW

comdlg32

GetFileTitleW

Exports

Exports

Install
RunInstallA
RunUninstallA
ServiceMain
Uninstall

Sections

.text
Size: 111KB - Virtual size: 110KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 1.5MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

725dc32ed2c2167d0426b6f7f624f4e2

Headers

File Characteristics

Imports

kernel32

user32

gdi32

advapi32

comctl32

ws2_32

psapi

wininet

winspool.drv

comdlg32

Exports

Exports

Sections

.text Size: 111KB - Virtual size: 110KB

.rdata Size: 24KB - Virtual size: 24KB

.data Size: 9KB - Virtual size: 1.5MB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 111KB - Virtual size: 110KB

.rdata
Size: 24KB - Virtual size: 24KB

.data
Size: 9KB - Virtual size: 1.5MB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 20KB - Virtual size: 19KB