31efb5880b0042adfb83dc8cb7e3611e_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

31efb5880b0042adfb83dc8cb7e3611e_JaffaCakes118
Size

351KB
MD5

31efb5880b0042adfb83dc8cb7e3611e
SHA1

b2f630ed985683c3115d8159f012497c1f4d6cfa
SHA256

fd0f63b21ce70db00e332db4ae095db522418f2e0464ab18657f8e87e3170a80
SHA512

8d95b8b93d2992cd34b80bbda27eee60dc78e5fca71cd4adfa1f25a54d4408998a7f29932895e0720eead2c6f9b3dbd923c0da372d0ff5d76dd83829f0f053f6
SSDEEP

6144:KcfLlCOjRsKKcsQu7tcb/d6wTcVpto0A8UKrNuJJXFt+gXx+YEB4s6m:KcfLlCuBR/d9okQrwJpFt9oYEB

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
31efb5880b0042adfb83dc8cb7e3611e_JaffaCakes118

Files

31efb5880b0042adfb83dc8cb7e3611e_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

ab7b16e5df2c434f2b58054570c2d46c

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

C:\Users\Jin\Desktop\DragSearch III\Release\DragSearch.pdb

Imports

wininet

InternetReadFile
InternetOpenW
InternetCloseHandle
InternetQueryDataAvailable
InternetOpenUrlW

winmm

timeKillEvent
timeSetEvent
timeGetDevCaps

imm32

ImmGetVirtualKey

kernel32

GetVolumeInformationW
GetFullPathNameW
CreateFileW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
GetFileTime
HeapAlloc
HeapFree
RtlUnwind
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
HeapReAlloc
Sleep
ExitProcess
HeapSize
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
SetEndOfFile
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
GetConsoleCP
GetConsoleMode
GetLocaleInfoA
LCMapStringA
GetStringTypeA
GetStringTypeW
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
FindFirstFileW
lstrlenA
GetModuleHandleA
GlobalFlags
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
FileTimeToSystemTime
GetTickCount
GetCurrentProcessId
CloseHandle
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
lstrcmpA
GetLocaleInfoW
CompareStringA
InterlockedExchange
WideCharToMultiByte
FreeResource
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
lstrcmpW
GetVersionExA
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
LocalFree
MulDiv
SetLastError
LoadLibraryW
GetThreadLocale
SetThreadLocale
CreateTimerQueue
CreateTimerQueueTimer
LeaveCriticalSection
EnterCriticalSection
GetCurrentThreadId
GetVersionExW
GetModuleFileNameW
LoadLibraryExW
FreeLibrary
InterlockedDecrement
InterlockedIncrement
WaitForSingleObject
DeleteTimerQueue
GetCurrentProcess
FlushInstructionCache
lstrcmpiW
GetModuleHandleW
GetProcAddress
MultiByteToWideChar
GetLastError
FindResourceW
LoadResource
LockResource
SizeofResource
DeleteCriticalSection
InitializeCriticalSection
RaiseException
lstrlenW
FindClose
DuplicateHandle
WritePrivateProfileStringW
GetFileSize
InterlockedCompareExchange
GetProcessHeap
IsProcessorFeaturePresent

user32

EndPaint
BeginPaint
GetWindowDC
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
ClientToScreen
DestroyMenu
LoadCursorW
GetDC
ReleaseDC
GetSysColorBrush
UnregisterClassW
GetDesktopWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
SetWindowContextHelpId
MapDialogRect
RegisterClipboardFormatW
GetWindowThreadProcessId
SetCursor
GetMessageW
TranslateMessage
GetCursorPos
ValidateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
PostQuitMessage
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageA
WinHelpW
IsChild
GetCapture
MessageBeep
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetForegroundWindow
GetLastActivePopup
DispatchMessageW
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageW
MapWindowPoints
SetMenu
UpdateWindow
GetClientRect
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
EqualRect
CopyRect
PtInRect
GetMenu
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetWindowTextW
GetFocus
SetWindowPos
SetFocus
GetDlgCtrlID
SetWindowTextW
IsDialogMessageW
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
PostThreadMessageW
CharUpperW
GetClassLongW
SendDlgItemMessageW
GetDlgItem
GetWindow
GetActiveWindow
SetLayeredWindowAttributes
SetActiveWindow
KillTimer
IsWindowVisible
PostMessageW
GetKeyState
MoveWindow
EnableWindow
CallWindowProcW
SetWindowsHookExW
FindWindowExW
GetSystemMetrics
CallNextHookEx
DefWindowProcW
SetTimer
SendMessageW
GetWindowLongW
SetWindowLongW
CharNextW
SetParent
ShowWindow
IsWindow
DestroyWindow
GetParent
GetWindowRect
IsWindowEnabled
SetForegroundWindow

gdi32

ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
SetWindowExtEx
CreateRectRgnIndirect
GetRgnBox
GetMapMode
GetWindowExtEx
GetViewportExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SetTextColor
GetClipBox
SelectObject
Escape
TextOutW
RectVisible
GetDeviceCaps
SetMapMode
RestoreDC
SaveDC
DeleteObject
ExtTextOutW
GetTextColor
GetBkColor
GetStockObject
CreateBitmap
GetObjectW
SetBkColor
PtVisible

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
OpenPrinterW
DocumentPropertiesW

advapi32

RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegQueryValueExW
RegEnumKeyExW
RegQueryInfoKeyW
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegCloseKey
RegDeleteValueW
RegDeleteKeyW

shlwapi

PathFindFileNameW
PathStripToRootW
PathIsUNCW
PathFindExtensionW

oledlg

OleUIBusyW

ole32

CoGetClassObject
CLSIDFromString
CLSIDFromProgID
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StringFromGUID2
CoCreateInstance
CoTaskMemFree
CoTaskMemRealloc
CoTaskMemAlloc
CoRevokeClassObject
OleFlushClipboard
OleIsCurrentClipboard
CoRegisterMessageFilter
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
SafeArrayDestroy
VariantCopy
OleCreateFontIndirect
VariantChangeType
SysAllocStringLen
RegisterTypeLi
UnRegisterTypeLi
LoadTypeLi
LoadRegTypeLi
SysStringLen
DispCallFunc
VariantClear
VariantInit
VarUI4FromStr
SysAllocString
SysFreeString

iphlpapi

GetAdaptersInfo

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllInstall
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 262KB - Virtual size: 261KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 68KB - Virtual size: 68KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 13KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED_
Size: 2.0MB - Virtual size: 2.0MB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 6KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 43KB - Virtual size: 42KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

ab7b16e5df2c434f2b58054570c2d46c

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

wininet

winmm

imm32

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

iphlpapi

Exports

Exports

Sections

.text Size: 262KB - Virtual size: 261KB

.rdata Size: 68KB - Virtual size: 68KB

.data Size: 13KB - Virtual size: 28KB

.SHARED_ Size: 2.0MB - Virtual size: 2.0MB

.rsrc Size: 6KB - Virtual size: 6KB

.reloc Size: 43KB - Virtual size: 42KB

.text
Size: 262KB - Virtual size: 261KB

.rdata
Size: 68KB - Virtual size: 68KB

.data
Size: 13KB - Virtual size: 28KB

.SHARED_
Size: 2.0MB - Virtual size: 2.0MB

.rsrc
Size: 6KB - Virtual size: 6KB

.reloc
Size: 43KB - Virtual size: 42KB