Static task: static1
Behavioral task: behavioral1
  Sample: 391bc498f1b62cc88e8ca18c2ada04d6_JaffaCakes118.dll
  Resource: win7-20240704-en
Behavioral task: behavioral2
  Sample: 391bc498f1b62cc88e8ca18c2ada04d6_JaffaCakes118.dll
  Resource: win10v2004-20240709-en
General
- Target: 391bc498f1b62cc88e8ca18c2ada04d6_JaffaCakes118
- Size: 294KB
- MD5: 391bc498f1b62cc88e8ca18c2ada04d6
- SHA1: 8711f409404fe903ff2f313ecc3ee9f9fd16e8e7
- SHA256: 288ce202e139548b874ba8e7e893886d65e3a5d906bb040dc25323148c555058
- SHA512: 340b489a59cca9b684eb6e5fcc48e5dcb0e04ef2ebec80fa6ed0dab61bdf5e17e800e74bf38d1c87faf9a4a0d930619362fd604bc1b92a869574ac2ca157d6b9
- SSDEEP: 3072:N4cXEDZxGaEiItJQkt4KvB6A944P0Aw0/8i+IWCnI07HLEVCNVWkbJAopawyB59o:bEDZ+igJQw4Kp6A9jsS80WCoFtSa2
Malware Config
Signatures
- Unsigned PE (1 IoCs): Checks for missing Authenticode signature.
  resource 391bc498f1b62cc88e8ca18c2ada04d6_JaffaCakes118
Files
- 391bc498f1b62cc88e8ca18c2ada04d6_JaffaCakes118.dll windows:5 windows x86 arch:x86
  6ebde55153e24264e2484ba5337bed15
Headers
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
Imports
kernel32
CreateWaitableTimerW
DebugActiveProcess
DefineDosDeviceW
DeleteAtom
DeleteTimerQueueEx
DeleteVolumeMountPointA
DeviceIoControl
DisableThreadLibraryCalls
DosDateTimeToFileTime
EndUpdateResourceW
EnumCalendarInfoA
EnumCalendarInfoExA
EnumCalendarInfoW
EnumDateFormatsA
EnumResourceNamesA
EnumResourceTypesW
EnumUILanguagesW
ExitThread
FileTimeToLocalFileTime
FileTimeToSystemTime
FindCloseChangeNotification
FindFirstFileExA
FindNextFileA
FindNextVolumeMountPointA
FindNextVolumeMountPointW
FindNextVolumeW
FindResourceA
FindVolumeClose
FlushConsoleInputBuffer
FlushFileBuffers
FreeEnvironmentStringsA
FreeLibraryAndExitThread
FreeUserPhysicalPages
GenerateConsoleCtrlEvent
GetBinaryTypeA
GetBinaryTypeW
GetCPInfoExW
GetCommConfig
GetCommProperties
GetCommTimeouts
GetCommandLineW
GetConsoleAliasesA
GetConsoleAliasesW
GetConsoleMode
GetConsoleScreenBufferInfo
GetCurrentConsoleFont
GetCurrentDirectoryA
GetCurrentThread
GetCurrentThreadId
GetDevicePowerState
GetDiskFreeSpaceA
GetDiskFreeSpaceExA
GetDiskFreeSpaceExW
GetDriveTypeW
GetEnvironmentStrings
GetEnvironmentVariableW
GetHandleInformation
GetLargestConsoleWindowSize
GetLastError
GetMailslotInfo
GetNamedPipeHandleStateA
GetPrivateProfileIntW
GetPrivateProfileSectionNamesW
GetPrivateProfileStructA
GetProcessHeap
GetProcessIoCounters
GetProfileSectionA
GetProfileSectionW
GetStartupInfoA
GetStartupInfoW
GetSystemDefaultLangID
GetSystemDirectoryA
GetSystemTime
GetTapeStatus
GetThreadSelectorEntry
GetVersionExW
CreateToolhelp32Snapshot
GetVolumeNameForVolumeMountPointW
GlobalFix
GlobalMemoryStatus
GlobalUnfix
HeapDestroy
InitializeCriticalSection
InterlockedCompareExchange
IsBadCodePtr
IsValidCodePage
LoadLibraryExW
LockFile
LockFileEx
MapUserPhysicalPages
MapViewOfFileEx
Module32Next
Module32NextW
MoveFileExA
MoveFileW
MoveFileWithProgressA
OpenEventA
OpenJobObjectA
OpenMutexW
OpenWaitableTimerA
Process32FirstW
Process32Next
ProcessIdToSessionId
QueryInformationJobObject
ReadDirectoryChangesW
ReadFile
ReleaseSemaphore
RemoveDirectoryA
ReplaceFileA
RtlUnwind
RtlZeroMemory
SetCalendarInfoA
SetCommBreak
SetCommMask
SetComputerNameExW
SetConsoleCP
SetConsoleCursorInfo
SetConsoleScreenBufferSize
SetConsoleTitleW
SetCurrentDirectoryW
SetEndOfFile
SetEnvironmentVariableW
SetErrorMode
SetEvent
SetFileApisToOEM
SetFileAttributesW
SetLocaleInfoW
SetPriorityClass
SetSystemTime
SetThreadExecutionState
SetUnhandledExceptionFilter
SuspendThread
TerminateProcess
TryEnterCriticalSection
UnlockFile
VerLanguageNameA
VerifyVersionInfoA
VirtualQueryEx
VirtualUnlock
WaitForSingleObject
WaitNamedPipeA
WriteConsoleOutputA
WriteConsoleW
WritePrivateProfileStructA
WriteTapemark
_lcreat
lstrcmpi
lstrcpyn
lstrlen
lstrlenW
UnhandledExceptionFilter
GetCurrentProcess
CreateRemoteThread
CreateProcessW
VirtualAlloc
CreateNamedPipeA
CreateMailslotW
CreateMailslotA
CopyFileA
CompareFileTime
CommConfigDialogW
BuildCommDCBAndTimeoutsA
BeginUpdateResourceA
BackupWrite
BackupSeek
AssignProcessToJobObject
AllocateUserPhysicalPages
AddConsoleAliasA
LoadLibraryA
GetProcAddress
GetWindowsDirectoryW
lstrcatW
CreateFileW
GetVolumeNameForVolumeMountPointA
IsDebuggerPresent
user32
CharToOemA
AttachThreadInput
BeginDeferWindowPos
DlgDirSelectComboBoxExW
DragDetect
DrawFrameControl
DrawIconEx
EnableScrollBar
EndPaint
EnumDisplaySettingsExA
EnumThreadWindows
FindWindowExA
FindWindowW
FlashWindow
FreeDDElParam
GetAltTabInfoA
GetCaretPos
GetClassInfoA
GetDialogBaseUnits
GetDlgItem
GetGUIThreadInfo
GetIconInfo
GetLastInputInfo
GetMenuStringA
GetNextDlgGroupItem
GetPriorityClipboardFormat
GetWindowTextA
HiliteMenuItem
IMPSetIMEW
IntersectRect
InvalidateRect
IsDialogMessage
IsDialogMessageA
IsWindowVisible
LoadMenuIndirectA
MapVirtualKeyW
MessageBoxExA
MessageBoxExW
ModifyMenuW
MonitorFromRect
MsgWaitForMultipleObjectsEx
OpenWindowStationA
PostMessageW
PostQuitMessage
PostThreadMessageW
RemovePropW
SendInput
SendMessageTimeoutW
SetCapture
SetClassLongA
SetClassWord
SetClipboardData
SetDlgItemTextW
SetKeyboardState
SetLastErrorEx
SetMenuDefaultItem
SetProcessDefaultLayout
SetProcessWindowStation
SetTimer
SetWinEventHook
SetWindowLongW
SetWindowTextA
SetWindowsHookA
SetWindowsHookExA
SwitchDesktop
TileWindows
ToAsciiEx
ToUnicode
TrackMouseEvent
VkKeyScanExA
WindowFromDC
keybd_event
DestroyAcceleratorTable
DefFrameProcA
DefDlgProcW
DdeInitializeW
DdeGetLastError
DdeGetData
DdeFreeStringHandle
DdeDisconnect
DdeCreateDataHandle
DdeConnect
CreateIconFromResourceEx
CreateIcon
BeginPaint
BroadcastSystemMessageW
CallMsgFilter
CallMsgFilterW
ChangeDisplaySettingsExW
DlgDirListComboBoxA
CloseClipboard
CloseWindowStation
CopyImage
CreateDialogIndirectParamW
comdlg32
ReplaceTextA
ChooseColorW
ChooseFontA
ChooseFontW
CommDlgExtendedError
FindTextA
FindTextW
GetFileTitleA
GetFileTitleW
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameA
GetSaveFileNameW
PageSetupDlgA
PageSetupDlgW
PrintDlgA
PrintDlgExA
PrintDlgExW
PrintDlgW
ReplaceTextW
ChooseColorA
ole32
CLIPFORMAT_UserSize
CLSIDFromProgID
CoBuildVersion
CoCreateGuid
CoCreateInstance
CoDeactivateObject
CoDisconnectObject
CoEnableCallCancellation
CoGetInterfaceAndReleaseStream
CoGetStandardMarshal
CoGetTreatAsClass
CoInitializeEx
CoIsHandlerConnected
CoIsOle1Class
CoLockObjectExternal
CoQueryAuthenticationServices
CoQueryReleaseObject
CoReactivateObject
CoRegisterChannelHook
CoRegisterClassObject
CoResumeClassObjects
CoRevertToSelf
CoRevokeClassObject
CoRevokeMallocSpy
CoSetCancelObject
CoSetProxyBlanket
CoSuspendClassObjects
CoTaskMemFree
CoUnloadingWOW
CoWaitForMultipleHandles
CreateAntiMoniker
CreateGenericComposite
CreateStreamOnHGlobal
DcomChannelSetHResult
FreePropVariantArray
GetClassFile
GetConvertStg
GetHGlobalFromILockBytes
HACCEL_UserMarshal
HACCEL_UserSize
HBITMAP_UserSize
HBRUSH_UserFree
HBRUSH_UserMarshal
HDC_UserSize
HENHMETAFILE_UserFree
HENHMETAFILE_UserMarshal
HGLOBAL_UserFree
HGLOBAL_UserUnmarshal
HICON_UserFree
HMENU_UserMarshal
HMETAFILEPICT_UserUnmarshal
HMETAFILE_UserFree
HMETAFILE_UserMarshal
HMETAFILE_UserUnmarshal
HWND_UserUnmarshal
IIDFromString
IsAccelerator
MonikerRelativePathTo
OleConvertOLESTREAMToIStorage
OleCreate
OleCreateFromDataEx
OleCreateMenuDescriptor
OleDoAutoConvert
OleDraw
OleFlushClipboard
OleGetIconOfClass
OleIsCurrentClipboard
OleLoadFromStream
OleNoteObjectVisible
OleRegGetUserType
OleSave
OpenOrCreateStream
ReadClassStg
ReadFmtUserTypeStg
ReleaseStgMedium
STGMEDIUM_UserFree
STGMEDIUM_UserSize
SetConvertStg
StgCreatePropStg
StgOpenStorage
StringFromCLSID
UtConvertDvtd32toDvtd16
UtGetDvtd32Info
WdtpInterfacePointer_UserUnmarshal
oleaut32
VariantTimeToSystemTime
VariantCopy
VariantClear
VariantChangeType
VarWeekdayName
VarUdateFromDate
VarUI4FromUI2
VarUI4FromUI1
VarUI4FromR4
VarUI4FromI4
VarUI4FromI2
VarUI4FromI1
VarUI4FromDec
VarUI4FromDate
VarUI4FromCy
VarUI4FromBool
VarUI2FromUI1
VarUI2FromStr
VarUI2FromR8
VarUI2FromR4
VarUI2FromI4
VarUI2FromI2
VarUI2FromDec
VarUI1FromStr
VarUI1FromI2
VarUI1FromI1
VarUI1FromDisp
VarUI1FromCy
VarUI1FromBool
VarTokenizeFormatString
VarRound
VarR8FromUI4
VarR8FromUI1
VarR8FromR4
VarR8FromI2
VarR8FromI1
VarR8FromDisp
VarR8FromDec
VarR8FromCy
VarR4FromUI4
VarR4FromR8
VarR4FromI2
VarR4FromI1
VarR4FromCy
VarR4FromBool
VarR4CmpR8
VarPow
VarParseNumFromStr
VarOr
VarNeg
VarMul
VarMonthName
VarMod
VarInt
VarImp
VarI4FromUI2
VarI4FromUI1
VarI4FromR4
VarI4FromDisp
VarI4FromDec
VarI4FromDate
VarI4FromBool
VarI2FromUI2
VarI2FromR8
VarI2FromR4
VarI2FromI4
VarI2FromI1
VarI2FromDisp
VarI2FromDec
VarI2FromDate
VarI2FromCy
VarI2FromBool
VarI1FromUI4
VarI1FromUI2
VarI1FromR8
VarI1FromI2
VarI1FromDisp
VarI1FromCy
VarI1FromBool
VarFormatPercent
VarFormatNumber
VarFormatFromTokens
VarFormatCurrency
VarFormat
VarDecMul
VarDecInt
VarDecFromUI4
VarDecFromUI1
VarDecFromI4
VarDecFromI2
VarDecFromDate
VarDecFromCy
VarDecDiv
VarDecCmp
VarDecAdd
VarDateFromUdateEx
VarDateFromUdate
VarDateFromUI4
VarDateFromUI2
VarDateFromUI1
VarDateFromStr
VarDateFromR4
VarDateFromI4
VarDateFromI2
VarDateFromI1
VarDateFromDec
VarDateFromCy
VarCySu
VarCyNeg
VarCyMul
VarCyInt
VarCyFromUI4
VarCyFromStr
VarCyFromR8
VarCyFromR4
VarCyFromI4
VarCyFromI2
VarCyFromDisp
VarCyFromDec
VarCyFromBool
VarCyCmpR8
VarCmp
VarCat
VarBstrFromUI4
VarBstrFromUI2
VarBstrFromR4
VarBstrFromI4
VarBstrFromI1
VarBstrFromDisp
VarBstrFromDec
VarBstrFromDate
VarBstrFromCy
VarBstrFromBool
VarBstrCmp
VarBstrCat
VarBoolFromStr
VarBoolFromR8
VarBoolFromI2
VarBoolFromI1
VarBoolFromCy
VarAnd
VarAdd
VARIANT_UserSize
VARIANT_UserFree
SystemTimeToVariantTime
SysStringLen
SysReAllocStringLen
SysAllocStringLen
SysAllocString
SetErrorInfo
SafeArrayUnlock
SafeArraySetIID
SafeArrayRedim
SafeArrayPutElement
SafeArrayLock
SafeArrayGetLBound
SafeArrayGetElemsize
SafeArrayGetElement
SafeArrayGetDim
SafeArrayDestroyDescriptor
SafeArrayDestroyData
SafeArrayCreateVector
SafeArrayCreateEx
SafeArrayCreate
SafeArrayCopy
SafeArrayAllocDescriptorEx
SafeArrayAllocData
RevokeActiveObject
RegisterTypeLi
RegisterActiveObject
QueryPathOfRegTypeLi
OleSavePictureFile
OleLoadPicturePath
OleLoadPictureFileEx
OleLoadPictureFile
OleLoadPictureEx
BSTR_UserFree
BSTR_UserMarshal
BSTR_UserSize
BstrFromVector
CreateErrorInfo
DispGetParam
DosDateTimeToVariantTime
GetActiveObject
GetAltMonthNames
GetErrorInfo
GetRecordInfoFromTypeInfo
LHashValOfNameSysA
LPSAFEARRAY_UserMarshal
LPSAFEARRAY_UserSize
LoadTypeLi
LoadTypeLibEx
OACreateTypeLib2
OleCreatePropertyFrameIndirect
OleIconToCursor
Sections
- .text Size: 271KB - Virtual size: 271KB
  IMAGE_SCN_CNT_CODE | IMAGE_SCN_MEM_EXECUTE | IMAGE_SCN_MEM_READ
- .rdata Size: 12KB - Virtual size: 12KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .data Size: 512B - Virtual size: 1KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ | IMAGE_SCN_MEM_WRITE
- .CRT Size: 512B - Virtual size: 4B
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .rsrc Size: 3KB - Virtual size: 2KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_READ
- .reloc Size: 4KB - Virtual size: 3KB
  IMAGE_SCN_CNT_INITIALIZED_DATA | IMAGE_SCN_MEM_DISCARDABLE | IMAGE_SCN_MEM_READ