309e2921cad888268824c2da800612ef_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

309e2921cad888268824c2da800612ef_JaffaCakes118
Size

913KB
MD5

309e2921cad888268824c2da800612ef
SHA1

2ec70b42c1918f9cf9e59cb16bcb1e8b32fe13df
SHA256

f2937158e27946db58831885a1c7da198830311505e26109cb0803bf9f0b0dc2
SHA512

68c3f15182d81714fee6148089da8d0dfab12f440794ca15f34e8a763a639865277c3f3776fd3d8dae72a28993518f0072577cb88d54b64067c9c8dd57366c6f
SSDEEP

24576:zI53A7a/nKRH7y/6JLA2UXvYDHcqQaRX/r:UYa/K97E+U2AgDH8aRP

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
309e2921cad888268824c2da800612ef_JaffaCakes118

Files

309e2921cad888268824c2da800612ef_JaffaCakes118
.dll .ps1 windows:5 windows x86 arch:x86 polyglot

536aeaf33c1ae1969144d9bcda3932bc

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_NX_COMPAT
IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

IsDebuggerPresent
SizeofResource
GetModuleFileNameA
LoadLibraryW
LCMapStringW
LeaveCriticalSection
GetCommandLineW
EnterCriticalSection
GetFileSize
MulDiv
OutputDebugStringW
SetErrorMode
SetEndOfFile
lstrcpynW
ConvertDefaultLocale
FileTimeToLocalFileTime
InterlockedDecrement
GlobalDeleteAtom
GetTickCount
LockResource
GlobalFindAtomW
SetLastError
lstrlenA
GetStartupInfoA
InterlockedExchange
GetTimeFormatW
FreeResource
GlobalReAlloc
WriteConsoleW
SetUnhandledExceptionFilter
CreateThread
TlsSetValue
HeapReAlloc
ResumeThread
Sleep
GetCurrentThreadId
CreateFileA
lstrcmpA
GetStdHandle
LoadLibraryA
WideCharToMultiByte
GetCurrentProcess
GetCPInfo
GetFullPathNameW
VirtualQuery
GetStartupInfoW
FindClose
GetFileType
LoadResource
FlushFileBuffers
GetFileAttributesW
RaiseException
GetDriveTypeA
EnumResourceLanguagesW
GetProcAddress
WriteFile
SetFilePointer
GetDateFormatW
GetCurrentThread
lstrcatA
VirtualProtect
ResetEvent
UnhandledExceptionFilter
GetVolumeInformationW
FreeLibrary
GetFileTime
CreateEventW
SetEnvironmentVariableA
GlobalHandle
GetEnvironmentStrings
GetProcessHeap
GetStringTypeA
LCMapStringA
TerminateProcess
GetWindowsDirectoryW
FindFirstFileW
GetVersion
GlobalFree
GetStringTypeW
GetCommandLineA
GetSystemTimeAsFileTime
MultiByteToWideChar
FreeEnvironmentStringsW
GetModuleHandleA
LocalReAlloc
FindNextFileW
VirtualFree
GetUserDefaultUILanguage
UnlockFile
FindResourceExW
CreateProcessW
GetPrivateProfileStringW
QueryPerformanceCounter
HeapCreate
lstrcmpW
HeapDestroy
SetHandleCount
CreateFileW
VirtualProtectEx
SetStdHandle
GetCurrentDirectoryA
GetLastError
WaitForSingleObject
FindResourceW
GetEnvironmentStringsW
GlobalAddAtomW
GetPrivateProfileIntW
GlobalLock
GetConsoleCP
CloseHandle
GetLocalTime
GetConsoleOutputCP
GlobalUnlock
DeviceIoControl
CompareStringW
GetThreadLocale
GetSystemDirectoryA
lstrlenW
InitializeCriticalSection
HeapFree
HeapAlloc
SetThreadPriority
InterlockedIncrement
LocalFree
TlsFree
GetModuleFileNameW
GlobalAlloc
GetACP
EnumUILanguagesW
CompareStringA
ExitProcess
HeapSize
GetSystemDefaultLangID
DeleteCriticalSection
SuspendThread
GetModuleHandleW
VirtualAlloc
GetOEMCP
TlsGetValue
FileTimeToSystemTime
WaitForMultipleObjects
FormatMessageW
FreeEnvironmentStringsA
DuplicateHandle
GetTimeZoneInformation
GetVersionExW
GetVersionExA
GetLocaleInfoA
GetCurrentProcessId
GlobalFlags
RtlUnwind
LocalAlloc
TlsAlloc
GetSystemInfo
ReadFile
WritePrivateProfileStringW

user32

CopyRect
SendDlgItemMessageA
GetDlgItem
InflateRect
GetTopWindow
LoadMenuIndirectW
CharNextW
GetCursorPos
UnhookWindowsHookEx
IntersectRect
GetMenuItemCount
GetLastActivePopup
SetCapture
OffsetRect
IsIconic
GetMessageTime
GrayStringW
GetWindowThreadProcessId
MoveWindow
GetMenuCheckMarkDimensions
SetWindowsHookExW
ModifyMenuW
AdjustWindowRectEx
SetRectEmpty
GetClassInfoW
DrawFocusRect
SetCursor
InsertMenuW
GetCapture
EqualRect
SystemParametersInfoA
TabbedTextOutW
CallNextHookEx
SetActiveWindow
CheckMenuItem
GetWindowDC
GetSystemMenu
PtInRect
GetMessagePos
PostQuitMessage
LoadBitmapW
InvalidateRgn
EnableWindow
GetNextDlgTabItem
IsChild
RemoveMenu
KillTimer
WinHelpW
SetWindowContextHelpId
ShowWindow
ClientToScreen
IsDialogMessageW
DestroyMenu
IsWindow
SendMessageW
UnregisterClassW
GetSysColorBrush
ScreenToClient
MapWindowPoints
RedrawWindow
MsgWaitForMultipleObjects
GetWindowInfo
GetClassInfoExW
GetDlgCtrlID
GetWindowTextW
SetWindowLongW
CallWindowProcW
SetForegroundWindow
DefWindowProcW
GetForegroundWindow
GetSubMenu
RegisterClassW
UpdateWindow
DestroyWindow
GetSysColor
CreateWindowExW
LoadMenuW
GetDC
SetMenuItemBitmaps
SetWindowPlacement
GetMessageW
DispatchMessageW
GetWindow
MessageBoxW
MessageBeep
ExitWindowsEx
DrawTextExW
GetParent
CharUpperW
GetActiveWindow
SetTimer
MapDialogRect
CopyAcceleratorTableW
GetWindowTextLengthW
ReleaseCapture
PostMessageW
BeginPaint
SendDlgItemMessageW
SetPropW
GetWindowLongW
GetNextDlgGroupItem
ReleaseDC
GetPropW
SetWindowTextW
IsRectEmpty
RegisterClipboardFormatW
TrackPopupMenu
ValidateRect
SetWindowPos
PostThreadMessageW
GetMenuItemID
AllowSetForegroundWindow
TrackMouseEvent
DrawTextW
SetCursorPos
EnableMenuItem
GetFocus
SetFocus
CreateDialogIndirectParamW
InvalidateRect
GetSystemMetrics
LoadIconW
UnregisterClassA
GetClassLongW
GetMenu
RegisterWindowMessageW
RemovePropW
WindowFromPoint
GetWindowRect
IsWindowEnabled
GetDesktopWindow
EndPaint
EndDialog
GetWindowPlacement
TranslateMessage
GetClassNameW
GetMenuState
IsWindowVisible
SetMenuDefaultItem
GetClientRect
SetRect
FindWindowW
GetKeyState
LoadCursorW
PeekMessageW
AppendMenuW

gdi32

CreateRectRgnIndirect
GetPixel
RectVisible
CreatePen
StretchBlt
LineTo
CreateSolidBrush
GetObjectW
CreateCompatibleDC
GetBkColor
TextOutW
SetViewportOrgEx
MoveToEx
CreateBitmapIndirect
PatBlt
GetViewportExtEx
SelectPalette
GetDeviceCaps
SelectObject
GetMapMode
Polyline
GetStockObject
GetWindowExtEx
RestoreDC
SetStretchBltMode
ScaleWindowExtEx
ScaleViewportExtEx
ExtSelectClipRgn
ExcludeClipRect
SetWindowExtEx
SetMapMode
SetPixel
OffsetViewportOrgEx
DPtoLP
SetViewportExtEx
GetRgnBox
CreateCompatibleBitmap
DeleteObject
DeleteDC
ExtTextOutW
SetBkColor
Escape
StretchDIBits
PtVisible
GetClipBox
CreateBitmap
GetTextColor
CreateFontIndirectW
SetTextColor
GetTextExtentPoint32W
BitBlt
SetBkMode
SaveDC

comdlg32

GetFileTitleW

advapi32

RegNotifyChangeKeyValue
AdjustTokenPrivileges
RegCreateKeyExW
RegCloseKey
OpenProcessToken
RegSetValueExW
RegDeleteValueW
RegQueryValueExW
RegEnumKeyW
RegQueryValueW
RegEnumKeyExW
CloseServiceHandle
OpenServiceW
RegOpenKeyExW
StartServiceW
LookupPrivilegeValueW
RegOpenKeyW
OpenSCManagerW
RegDeleteKeyW
RegCreateKeyW

shell32

SHGetFolderPathW
Shell_NotifyIconW
ShellExecuteW

ole32

CoFreeUnusedLibraries
OleInitialize
CoUninitialize
CreateStreamOnHGlobal
StgOpenStorageOnILockBytes
CoTaskMemFree
CoGetClassObject
OleUninitialize
OleIsCurrentClipboard
CLSIDFromProgID
StgCreateDocfileOnILockBytes
CoCreateInstance
PropVariantClear
CoInitialize
CoRevokeClassObject
CLSIDFromString
CreateILockBytesOnHGlobal
OleFlushClipboard
CoTaskMemAlloc
CoRegisterMessageFilter

oleaut32

SysStringLen
SysFreeString
VariantChangeType
VariantCopy
VariantTimeToSystemTime
SysAllocString
OleCreateFontIndirect
SystemTimeToVariantTime
VariantClear
VariantInit
SysAllocStringLen
SafeArrayDestroy

shlwapi

PathIsUNCW
PathFindFileNameW
PathFindExtensionW
PathStripToRootW

winmm

waveInStart
waveInStop
waveInGetNumDevs
waveInClose
waveInUnprepareHeader
waveInPrepareHeader
PlaySoundW
waveInAddBuffer
waveInOpen
waveInReset
waveInGetDevCapsW

rpcrt4

UuidCreate

setupapi

SetupDiGetDeviceInterfaceDetailW
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInterfaces
SetupDiGetClassDevsW

gdiplus

GdipDeleteGraphics
GdipCreateFromHDC
GdipFillRectangleI
GdipAlloc
GdipDrawString
GdipSetTextRenderingHint
GdipFree
GdipDrawImageRectRect
GdipCreateBitmapFromHBITMAP
GdipGetGenericFontFamilySansSerif
GdipCreateBitmapFromScan0
GdipCreateFontFamilyFromName
GdipGetImageHeight
GdipDrawImageRect
GdipDrawImagePointRectI
GdipDrawImageRectI
GdipDeleteBrush
GdipCreateBitmapFromStream
GdipGetImageWidth
GdipDeleteFontFamily
GdipCreateSolidFill
GdipDrawImageI
GdipGetImageBounds
GdipFlush
GdipMeasureString
GdipGetImageGraphicsContext
GdipCloneImage
GdipCloneBrush
GdiplusStartup
GdipDeleteFont
GdipGetFontSize
GdipImageRotateFlip
GdipFillRectangle
GdipCreateHBITMAPFromBitmap
GdipCreateBitmapFromGraphics
GdipCreateFont
GdipDisposeImage
GdipCreateBitmapFromResource

msvcrt

fread
fclose
exit
fopen

oleacc

ObjectFromLresult

esent

JetGotoPosition
JetTerm

Sections

.text
Size: 509KB - Virtual size: 509KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.55
Size: - Virtual size: 173KB

IMAGE_SCN_CNT_UNINITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 512B - Virtual size: 824B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.11
Size: 512B - Virtual size: 422B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.22
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.33
Size: 46KB - Virtual size: 46KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.zx
Size: 225KB - Virtual size: 224KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.44
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.66
Size: 61KB - Virtual size: 61KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 512B - Virtual size: 320B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 5KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

536aeaf33c1ae1969144d9bcda3932bc

Headers

DLL Characteristics

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

shlwapi

winmm

rpcrt4

setupapi

gdiplus

msvcrt

oleacc

esent

Sections

.text Size: 509KB - Virtual size: 509KB

.55 Size: - Virtual size: 173KB

.rdata Size: 12KB - Virtual size: 12KB

.data Size: 512B - Virtual size: 824B

.11 Size: 512B - Virtual size: 422B

.22 Size: 5KB - Virtual size: 4KB

.33 Size: 46KB - Virtual size: 46KB

.zx Size: 225KB - Virtual size: 224KB

.44 Size: 45KB - Virtual size: 45KB

.66 Size: 61KB - Virtual size: 61KB

.rsrc Size: 512B - Virtual size: 320B

.reloc Size: 5KB - Virtual size: 4KB

.text
Size: 509KB - Virtual size: 509KB

.55
Size: - Virtual size: 173KB

.rdata
Size: 12KB - Virtual size: 12KB

.data
Size: 512B - Virtual size: 824B

.11
Size: 512B - Virtual size: 422B

.22
Size: 5KB - Virtual size: 4KB

.33
Size: 46KB - Virtual size: 46KB

.zx
Size: 225KB - Virtual size: 224KB

.44
Size: 45KB - Virtual size: 45KB

.66
Size: 61KB - Virtual size: 61KB

.rsrc
Size: 512B - Virtual size: 320B

.reloc
Size: 5KB - Virtual size: 4KB