29f796ac972f6ff2356bef25f51e3ca3_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

29f796ac972f6ff2356bef25f51e3ca3_JaffaCakes118
Size

429KB
MD5

29f796ac972f6ff2356bef25f51e3ca3
SHA1

236aa7cf5586f6fef5adff60bf975690b0d3f3af
SHA256

b81265623996d49415cfb9cc9ed6d71f7278026f7d598dce9726e8acaccbb902
SHA512

2e8e5e1cfce9d9f5a7762943934ae065ba62a358fe03b7bf55271990256141f8f25bdf9b6239aecc9d5a2495c60ad1397a110ebdd567f23b83a68c9886b777cc
SSDEEP

6144:b5oh6REtmn14inUf6T2uI5VgMHaO7dd+S6s7k0YMXSOn7P1l/NESIG:Foh/tm1nUf6CuQnz7ddPKdwXn7VEM

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
29f796ac972f6ff2356bef25f51e3ca3_JaffaCakes118

Files

29f796ac972f6ff2356bef25f51e3ca3_JaffaCakes118
.exe windows:4 windows x86 arch:x86

f3c39c3a2d7deffae8404f68cd2ad178

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

PDB Paths

d:\Projects\OLReg4.0\Release\OLReg.pdb

Imports

kernel32

SetLastError
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleFileNameA
GetModuleHandleA
CompareStringA
GetSystemDefaultLangID
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
WaitForSingleObject
GetLastError
CloseHandle
ExitProcess
FreeLibrary
LoadResource
LockResource
SizeofResource
SetEnvironmentVariableA
GetStringTypeA
IsBadCodePtr
IsBadReadPtr
GetOEMCP
IsBadWritePtr
GetTimeZoneInformation
SetUnhandledExceptionFilter
LCMapStringA
GetCurrentProcessId
QueryPerformanceCounter
VirtualFree
HeapCreate
HeapDestroy
GetStartupInfoA
SetHandleCount
GetCommandLineW
GetCommandLineA
GetEnvironmentStrings
FreeEnvironmentStringsA
UnhandledExceptionFilter
GetStdHandle
VirtualQuery
GetSystemInfo
VirtualAlloc
VirtualProtect
HeapSize
GetFileType
SetStdHandle
TerminateProcess
HeapReAlloc
HeapAlloc
HeapFree
GetSystemTimeAsFileTime
CreateThread
ExitThread
RtlUnwind
GetTickCount
SetErrorMode
GetFileTime
FileTimeToLocalFileTime
FindClose
GetCurrentProcess
DuplicateHandle
GetFileSize
SetEndOfFile
UnlockFile
LockFile
GetVersionExA
lstrlenA
GlobalDeleteAtom
GetCurrentThreadId
FreeResource
LocalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MulDiv
GlobalFree
InterlockedDecrement
EnumResourceLanguagesW
GetVersion
ConvertDefaultLocale
GetCurrentThread
LocalAlloc
LeaveCriticalSection
GlobalReAlloc
GlobalHandle
EnterCriticalSection
TlsGetValue
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
DeleteCriticalSection
TlsFree
GlobalFlags
InterlockedIncrement
RaiseException
FileTimeToSystemTime
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers

advapi32

RegCloseKey

user32

ReleaseDC
GetDC
InflateRect
CopyRect
GetWindowPlacement
SystemParametersInfoA
IntersectRect
OffsetRect
SetWindowPos
GetDlgCtrlID
EqualRect
ScreenToClient
AdjustWindowRectEx
GetMenuItemCount
GetMenuItemID
GetSubMenu
GetMenu
IsWindowVisible
GetKeyState
MapWindowPoints
GetMessagePos
GetMessageTime
UnhookWindowsHookEx
DestroyWindow
GetTopWindow
GetDlgItem
SetActiveWindow
GetForegroundWindow
IsChild
SetFocus
GetFocus
SendDlgItemMessageA
CallNextHookEx
MoveWindow
IsWindowEnabled
GetMenuState
EndPaint
GetMenuCheckMarkDimensions
CheckMenuItem
EnableMenuItem
SetMenuItemBitmaps
GetCursorPos
PostQuitMessage
ValidateRect
GetActiveWindow
EndDialog
GetNextDlgTabItem
GetDesktopWindow
MapDialogRect
SetWindowContextHelpId
DestroyMenu
GetSysColorBrush
IsRectEmpty
SetRect
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
BeginPaint
GetWindowRect
GetClientRect
ClientToScreen
GetWindowDC
UpdateWindow
InvalidateRect
SetTimer
KillTimer
GetCapture
SetCapture
GetParent
WindowFromPoint
ReleaseCapture
IsWindow
SetCursor
PtInRect
RedrawWindow
GetSysColor
CopyIcon
SetForegroundWindow
ShowWindow
IsIconic
GetLastActivePopup
TranslateMessage
GetWindow
DrawIcon
GetSystemMetrics

gdi32

SetMapMode
GetRgnBox
GetTextColor
GetBkColor
GetMapMode
CreateRectRgnIndirect
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
CreateCompatibleBitmap
DeleteDC
BitBlt
SelectObject
CreateCompatibleDC
PtInRegion
DeleteObject
GetDeviceCaps
CreateBitmap
SetBkColor
GetStockObject
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
SetBkMode
RestoreDC
SaveDC
SetTextColor
GetClipBox

shell32

ord165
SHGetSpecialFolderPathW

wininet

InternetOpenUrlW
HttpOpenRequestW
HttpSendRequestA
InternetCloseHandle
InternetOpenW
InternetGetConnectedState
InternetReadFile
InternetConnectW

shlwapi

PathFindExtensionW
PathFindFileNameW
PathStripToRootW
PathFileExistsW
PathUnquoteSpacesW
PathRemoveArgsW
PathAddBackslashW
PathRemoveFileSpecW
PathRemoveBackslashW
PathIsUNCW

comctl32

ord17
_TrackMouseEvent

ole32

CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoTaskMemFree
CoRevokeClassObject
OleInitialize
CoTaskMemAlloc
CLSIDFromProgID
CoGetClassObject
CLSIDFromString
OleIsCurrentClipboard
OleFlushClipboard
CoRegisterMessageFilter

oleaut32

OleCreateFontIndirect
SysAllocString
SystemTimeToVariantTime
SafeArrayDestroy
VariantCopy
SysStringLen
SysFreeString
VariantInit
VariantChangeType
VariantClear
SysAllocStringLen

winspool.drv

ClosePrinter

Sections

.text
Size: 228KB - Virtual size: 224KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data
Size: 16KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 120KB - Virtual size: 120KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

f3c39c3a2d7deffae8404f68cd2ad178

Headers

File Characteristics

PDB Paths

Imports

kernel32

advapi32

user32

gdi32

shell32

wininet

shlwapi

comctl32

ole32

oleaut32

winspool.drv

Sections

.text Size: 228KB - Virtual size: 224KB

.rdata Size: 56KB - Virtual size: 55KB

.data Size: 16KB - Virtual size: 29KB

.rsrc Size: 120KB - Virtual size: 120KB

.text
Size: 228KB - Virtual size: 224KB

.rdata
Size: 56KB - Virtual size: 55KB

.data
Size: 16KB - Virtual size: 29KB

.rsrc
Size: 120KB - Virtual size: 120KB