38547af51e7789cf058df77ca587f445_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

38547af51e7789cf058df77ca587f445_JaffaCakes118
Size

472KB
MD5

38547af51e7789cf058df77ca587f445
SHA1

205d2200b0347072d8170761785f3fde89410161
SHA256

7eb402dcdc898e89723fa5bb9dd482f6b756be7395130a9df8540c9f12b456d7
SHA512

46368479bab3c9f1e692c5a6d0ae3e5ce414d25f6459a0eb2ecef86ca00562202504fa1b5494f0fe479886ff149db77f1f6619df1b088adc0d416c4c94fc1dac
SSDEEP

6144:+bbE2ZHTpnIdp3zz/hxGI6BxQWg3shgyzSac60FMeMHjZEAItt1wPo5a:ETRWb3zzUxQW9hrSaryMeMDaxwPUa

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
38547af51e7789cf058df77ca587f445_JaffaCakes118

Files

38547af51e7789cf058df77ca587f445_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

98b3ff83831972a0e186d5e7646d7e38

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundW

shlwapi

PathFileExistsW

wininet

DeleteUrlCacheEntryW
HttpQueryInfoW
InternetCloseHandle
InternetOpenUrlW
InternetOpenW
InternetReadFile
FindCloseUrlCache
FindNextUrlCacheEntryW
FindFirstUrlCacheEntryW

setupapi

SetupIterateCabinetW

kernel32

GetProcAddress
SetLastError
GetLastError
FreeLibrary
LoadLibraryW
OutputDebugStringA
GetModuleHandleA
GetModuleFileNameW
CreateFileW
lstrcpyW
GetCurrentProcessId
LoadLibraryA
Sleep
GlobalUnlock
GlobalLock
LeaveCriticalSection
EnterCriticalSection
GetModuleHandleW
lstrcatW
DebugBreak
OutputDebugStringW
GetVersion
MultiByteToWideChar
WideCharToMultiByte
FindClose
GetTempFileNameW
FlushInstructionCache
GetCurrentProcess
GetVersionExW
lstrcmpW
GetCurrentThreadId
GetTempPathW
GetShortPathNameW
SizeofResource
LoadResource
FindResourceW
LoadLibraryExW
lstrcmpiW
lstrcpynW
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
CompareStringA
CompareStringW
SetEnvironmentVariableA
lstrlenA
MoveFileExW
GetTempPathA
CreateFileA
WriteFile
CloseHandle
InterlockedIncrement
DeleteFileW
RemoveDirectoryW
lstrlenW
InterlockedDecrement
SetEndOfFile
GetACP
GetOEMCP
FindFirstFileW
FindNextFileW
GlobalAlloc
TerminateThread
GetStartupInfoA
GetSystemTime
GetStdHandle
SetHandleCount
ReadFile
LCMapStringW
LCMapStringA
UnhandledExceptionFilter
IsBadWritePtr
VirtualAlloc
VirtualFree
HeapCreate
GetVersionExA
GetEnvironmentVariableA
GetModuleFileNameA
SetUnhandledExceptionFilter
HeapSize
TerminateProcess
ExitProcess
TlsGetValue
TlsFree
TlsAlloc
GetCommandLineA
HeapReAlloc
HeapAlloc
SetCurrentDirectoryW
GetCurrentDirectoryW
SetEnvironmentVariableW
GetFullPathNameW
GetLocalTime
GetTimeZoneInformation
ExitThread
TlsSetValue
CreateThread
ResumeThread
CreateDirectoryW
HeapFree
RtlUnwind
RaiseException
LocalAlloc
GetFileType
SetFilePointer
InterlockedExchange
LocalFree
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
IsBadReadPtr
IsBadCodePtr
SetStdHandle
FlushFileBuffers
GetStringTypeA
GetStringTypeW
GetDriveTypeA
GetCPInfo

user32

GetParent
SendMessageW
wsprintfA
UnhookWindowsHookEx
IsWindow
CharLowerW
PostMessageW
UnregisterClassW
DispatchMessageW
SetActiveWindow
MoveWindow
GetWindowRect
EmptyClipboard
LoadCursorFromFileW
CreateWindowExW
GetDlgItem
InvalidateRgn
SetCapture
ReleaseCapture
DestroyAcceleratorTable
DefWindowProcW
MessageBoxW
CharNextW
GetWindowLongW
GetClipboardData
GetWindowTextLengthW
SetWindowLongW
IsWindowVisible
CloseClipboard
SetWindowTextW
OpenClipboard
GetSysColor
RegisterWindowMessageW
GetSystemMetrics
LoadCursorW
GetWindow
RegisterClassExW
GetClassInfoExW
DestroyCursor
EnableMenuItem
GetWindowTextW
CreateAcceleratorTableW
GetDesktopWindow
BeginPaint
GetClientRect
EndPaint
IsChild
CallWindowProcW
GetDC
ReleaseDC
FillRect
DrawEdge
OffsetRect
GetMenuItemInfoW
CopyRect
DestroyWindow
SetFocus
ShowWindow
LoadMenuW
GetSubMenu
InsertMenuW
MapWindowPoints
LoadImageW
GetMessagePos
GetCursorPos
GetFocus
LoadStringW
SetWindowsHookExW
WindowFromPoint
SetCursor
ScreenToClient
PtInRect
GetKeyState
GetClassNameW
CallNextHookEx
InvalidateRect
wvsprintfW
wsprintfW
TrackPopupMenu
SetTimer
CreatePopupMenu
AppendMenuW
CheckMenuItem
DestroyMenu
KillTimer
SetWindowPos
RedrawWindow
TranslateMessage

gdi32

CreateFontW
ExtTextOutW
GetTextExtentPoint32W
GetTextMetricsW
SetTextColor
SetBkColor
SetBkMode
SelectObject
CreateBrushIndirect
DeleteDC
BitBlt
CreateCompatibleDC
CreateCompatibleBitmap
CreateSolidBrush
GetDeviceCaps
GetStockObject
GetTextExtentPointW
GetObjectW
DeleteObject

advapi32

RegEnumValueW
RegQueryInfoKeyW
RegEnumKeyExW
RegDeleteKeyW
RegDeleteValueW
RegCloseKey
RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryValueExW

shell32

ShellExecuteA
SHEmptyRecycleBinW
SHAddToRecentDocs
ShellExecuteW

ole32

OleInitialize
CLSIDFromProgID
CoCreateInstance
CoCreateGuid
OleUninitialize
CLSIDFromString
CoUninitialize
CoTaskMemFree
StringFromCLSID
CoTaskMemAlloc
OleLockRunning
RegisterDragDrop
ReleaseStgMedium
CoTaskMemRealloc
OleRun
CreateStreamOnHGlobal
CoInitialize

oleaut32

VariantInit
SysStringByteLen
RegisterTypeLi
VarUI4FromStr
OleCreateFontIndirect
SysAllocStringLen
SafeArrayCreate
LoadRegTypeLi
SafeArrayCreateVector
DispCallFunc
SafeArrayUnaccessData
SafeArrayDestroy
SafeArrayAccessData
VariantClear
SysStringLen
LoadTypeLi
SysAllocString
SysFreeString
SysAllocStringByteLen
VariantCopy
GetErrorInfo
VariantChangeType

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
TBStudioReg

Sections

.text
Size: 332KB - Virtual size: 330KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 36KB - Virtual size: 39KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

98b3ff83831972a0e186d5e7646d7e38

Headers

File Characteristics

Imports

winmm

shlwapi

wininet

setupapi

kernel32

user32

gdi32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 332KB - Virtual size: 330KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 36KB - Virtual size: 39KB

.SHARED Size: 4KB - Virtual size: 1KB

.rsrc Size: 12KB - Virtual size: 9KB

.reloc Size: 28KB - Virtual size: 27KB

.text
Size: 332KB - Virtual size: 330KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 36KB - Virtual size: 39KB

.SHARED
Size: 4KB - Virtual size: 1KB

.rsrc
Size: 12KB - Virtual size: 9KB

.reloc
Size: 28KB - Virtual size: 27KB