2db94d3772153df1d9e3541092babcc1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

2db94d3772153df1d9e3541092babcc1_JaffaCakes118
Size

172KB
MD5

2db94d3772153df1d9e3541092babcc1
SHA1

caf96f47d45a2c0ba4384413fb08bcce18bd27a5
SHA256

7d424cac00d44aeaa2cd8cbeea80a77ff6a1f07d11968dbfcc65e4d2230f7230
SHA512

5df5cd3ba94d9293c7081e8072dd2758a10402832c036bf38923b0bab41e0f08c157ba78ecaa25c5877c24aabc0580d87d42393393d5651a1d3d081ec01bf19c
SSDEEP

3072:eZ9F87m6ftiXzuthIDtagFnko4wFhspxI0pxslQd0:UFQm6fkDuth+lR94wnOIYG

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
2db94d3772153df1d9e3541092babcc1_JaffaCakes118

Files

2db94d3772153df1d9e3541092babcc1_JaffaCakes118
.dll windows:4 windows x86 arch:x86

8c8a4796bad2c64862c71b466d5d7329

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

CreateEventW
WaitForSingleObject
SetThreadPriority
ResumeThread
GetCurrentThreadId
SetEvent
SuspendThread
RaiseException
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetVolumeInformationW
GetFullPathNameW
FindNextFileW
InterlockedDecrement
InterlockedIncrement
GetVersion
LocalAlloc
GlobalReAlloc
GlobalHandle
TlsGetValue
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
GetVersionExA
GetModuleHandleW
lstrcmpW
lstrcatW
FreeLibrary
LoadLibraryA
GlobalDeleteAtom
GlobalFindAtomW
GlobalAddAtomW
GetFileAttributesW
GetFileTime
GlobalFlags
GetCurrentDirectoryW
HeapFree
HeapReAlloc
HeapAlloc
RtlUnwind
GetCommandLineA
ExitProcess
ExitThread
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapSize
TerminateProcess
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
LCMapStringA
LCMapStringW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
GetModuleFileNameA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
QueryPerformanceCounter
GetTickCount
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetTimeZoneInformation
IsBadReadPtr
IsBadCodePtr
GetOEMCP
GetCPInfo
GetStringTypeA
GetStringTypeW
GetDriveTypeA
SetStdHandle
CompareStringA
CompareStringW
SetEnvironmentVariableA
SetLastError
GlobalFree
lstrcpyW
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
lstrcpynW
LocalFree
GetModuleFileNameW
CreateToolhelp32Snapshot
CreateNamedPipeW
ConnectNamedPipe
ReadFile
DisconnectNamedPipe
lstrlenW
FileTimeToLocalFileTime
FileTimeToSystemTime
GetLocalTime
CreateThread
LoadLibraryW
GetProcAddress
GetSystemWindowsDirectoryW
GetCurrentProcessId
OpenProcess
GetLastError
WaitNamedPipeW
ExpandEnvironmentStringsW
CreateFileW
GetFileSize
SetFilePointer
WriteFile
CloseHandle
FindResourceW
LoadResource
LockResource
SizeofResource
Sleep
GetExitCodeThread
TerminateThread
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WideCharToMultiByte
MultiByteToWideChar
GetVersionExW
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
GetModuleHandleA

user32

RegisterWindowMessageW
SetWindowTextW
ShowWindow
DestroyMenu
PostQuitMessage
GetForegroundWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconW
MapWindowPoints
SetForegroundWindow
GetClientRect
GetMenu
AdjustWindowRectEx
GetClassInfoW
RegisterClassW
GetDlgCtrlID
DefWindowProcW
CallWindowProcW
SetWindowLongW
SetPropW
WinHelpW
IsIconic
GetWindowPlacement
GetWindowRect
CopyRect
PtInRect
GetWindow
SetMenuItemBitmaps
GetFocus
ModifyMenuW
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapW
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
GetWindowTextW
MessageBoxW
GetParent
GetWindowLongW
GetLastActivePopup
IsWindowEnabled
EnableWindow
UnhookWindowsHookEx
LoadCursorW
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
CharUpperW
GetSystemMetrics
UnregisterClassW
SetWindowsHookExW
GetMessageW
TranslateMessage
DispatchMessageW
GetActiveWindow
IsWindowVisible
SendMessageW
GetKeyState
PeekMessageW
GetCursorPos
ValidateRect
GetMenuState
GetPropW
RemovePropW
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetCapture
CreateWindowExW
GetClassInfoExW
GetClassLongW
SystemParametersInfoA
GetClassNameW
SetWindowPos
PostMessageW
CharLowerW
CallNextHookEx

advapi32

OpenProcessToken
LookupPrivilegeValueW
AdjustTokenPrivileges
RegOpenKeyExW
RegQueryValueExW
RegCloseKey

shell32

ShellExecuteW

comctl32

ord17

shlwapi

PathStripToRootW
PathFindFileNameW
PathIsUNCW

wininet

InternetOpenUrlW
InternetOpenW
HttpQueryInfoW
InternetCloseHandle
InternetReadFile
InternetQueryDataAvailable

psapi

GetModuleBaseNameW
EnumProcessModules
EnumProcesses

oleacc

CreateStdAccessibleObject
LresultFromObject

gdi32

GetStockObject
CreateBitmap
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutW
TextOutW
SaveDC
RestoreDC
SetBkColor
DeleteDC
ScaleWindowExtEx
SetWindowExtEx
SetTextColor
SetMapMode
GetClipBox
DeleteObject
PtVisible
ScaleViewportExtEx
RectVisible
GetDeviceCaps
SetViewportExtEx

winspool.drv

OpenPrinterW
DocumentPropertiesW
ClosePrinter

comdlg32

GetFileTitleW

oleaut32

VariantChangeType
VariantClear
VariantInit

Exports

Exports

WSPStartup

Sections

.text
Size: 108KB - Virtual size: 106KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.inidata
Size: 4KB - Virtual size: 24B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 20KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

8c8a4796bad2c64862c71b466d5d7329

Headers

File Characteristics

Imports

kernel32

user32

advapi32

shell32

comctl32

shlwapi

wininet

psapi

oleacc

gdi32

winspool.drv

comdlg32

oleaut32

Exports

Exports

Sections

.text Size: 108KB - Virtual size: 106KB

.rdata Size: 28KB - Virtual size: 24KB

.data Size: 8KB - Virtual size: 21KB

.inidata Size: 4KB - Virtual size: 24B

.reloc Size: 20KB - Virtual size: 16KB

.text
Size: 108KB - Virtual size: 106KB

.rdata
Size: 28KB - Virtual size: 24KB

.data
Size: 8KB - Virtual size: 21KB

.inidata
Size: 4KB - Virtual size: 24B

.reloc
Size: 20KB - Virtual size: 16KB