3b4d715a4691ffb4cfff90be6a49c9fc_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3b4d715a4691ffb4cfff90be6a49c9fc_JaffaCakes118
Size

656KB
MD5

3b4d715a4691ffb4cfff90be6a49c9fc
SHA1

de60773aef48f3a312d1faa367ff5ab518e8771b
SHA256

c5f3a859da8ec70434592d82db62f6e38e5b0fe19f6b1a2f344c898f2117d39e
SHA512

07853559be20e282c53cfe2612bf26fa06c7c7e5add9542c2955b99ed6901ddb312c2f71b7b56f925ca3330cc0bcd92b0e411bab07fc7f12584138ba17ce6cf3
SSDEEP

12288:+XaGGilVHhmLWUwO4BeuHZJ/TtOi4hjsy5fYA8n:IaDuVHhmyUwO4HHZJ/zi9C

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3b4d715a4691ffb4cfff90be6a49c9fc_JaffaCakes118

Files

3b4d715a4691ffb4cfff90be6a49c9fc_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

908f6bc7d0f17cb3867bb7baad787566

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msimg32

TransparentBlt

mfc42

ord5794
ord5678
ord5736
ord5579
ord5571
ord6061
ord5864
ord3596
ord2452
ord816
ord562
ord2381
ord5590
ord2571
ord3701
ord500
ord772
ord6142
ord3986
ord5981
ord3619
ord2405
ord2859
ord2754
ord4133
ord4297
ord5787
ord5788
ord283
ord2753
ord932
ord6759
ord5933
ord3880
ord3425
ord3054
ord6716
ord6692
ord3797
ord3055
ord3056
ord3296
ord2862
ord3754
ord3914
ord3297
ord4125
ord3803
ord4060
ord2937
ord3920
ord3293
ord6762
ord6678
ord4123
ord6696
ord6734
ord3546
ord3766
ord861
ord273
ord603
ord3693
ord2713
ord6157
ord6605
ord4023
ord5785
ord2841
ord2107
ord5450
ord6394
ord559
ord812
ord5862
ord6144
ord3566
ord2975
ord3757
ord3481
ord1168
ord1176
ord3752
ord1949
ord5572
ord1116
ord1575
ord1577
ord1182
ord342
ord1243
ord1197
ord1570
ord1253
ord1255
ord1578
ord600
ord826
ord269
ord825
ord860
ord800
ord537
ord823
ord858
ord540
ord539
ord6467
ord909
ord394
ord4185
ord5628
ord535
ord4274
ord3953
ord2725
ord4191
ord3435
ord3441
ord1131
ord5860
ord5606
ord6375
ord4486
ord2554
ord2512
ord5731
ord3922
ord1089
ord5199
ord2396
ord3346
ord5300
ord5302
ord4079
ord5873
ord6021
ord6189
ord4330
ord6186
ord5756
ord6192
ord5759
ord2971
ord289
ord613
ord3571
ord5781
ord696
ord3643
ord472
ord2380
ord1641
ord2414
ord3626
ord3706
ord323
ord1640
ord2714
ord2450
ord640
ord6880
ord702
ord912
ord5593
ord5596
ord400
ord3649
ord5634
ord915
ord4188
ord879
ord4204
ord4129
ord5710
ord6662
ord2740
ord2846
ord5440
ord404
ord703
ord354
ord350
ord5186
ord924
ord3663
ord3616
ord3127
ord5651
ord882
ord2801
ord2915
ord4698
ord5307
ord5289
ord5714
ord2982
ord3147
ord3259
ord4465
ord3136
ord3262
ord2985
ord3081
ord2976
ord3830
ord3831
ord3825
ord3079
ord4080
ord4622
ord4424
ord3738
ord561
ord815
ord4275
ord2379
ord939
ord755
ord5875
ord6172
ord5789
ord3438
ord470
ord2860
ord2864
ord3646
ord397
ord699
ord665
ord1979
ord1969
ord6383

msvcrt

_wcsnset
_strcmpi
__CxxFrameHandler
_mbscmp
_purecall
free
malloc
realloc
_CxxThrowException
atoi
_except_handler3
wcscmp
__RTDynamicCast
strstr
strncmp
_strnicmp
mbstowcs
wcschr
swprintf
wcslen
wcscpy
_itow
_ftol
toupper
wcsstr
_snprintf
printf
rand
isdigit
_strupr
srand
sscanf
strncpy
__dllonexit
_onexit
?terminate@@YAXXZ
_initterm
_adjust_fdiv
??1type_info@@UAE@XZ
_stricmp

kernel32

GlobalLock
InterlockedExchange
HeapFree
GetProcessHeap
HeapAlloc
GetVersion
MulDiv
GetUserDefaultLangID
FindResourceExA
GetTimeFormatW
GetDateFormatW
GetLocaleInfoW
GetLocalTime
LocalFree
LocalReAlloc
lstrcmpA
LoadLibraryW
GlobalAlloc
GlobalFree
LocalAlloc
GetVersionExA
RaiseException
GlobalUnlock
Sleep
OutputDebugStringA
lstrcatA
lstrcpyA
LoadLibraryA
GetProcAddress
IsDBCSLeadByte
lstrcpynA
lstrcmpiA
LoadLibraryExA
GetLastError
FindResourceA
LoadResource
SizeofResource
FreeLibrary
GetModuleFileNameA
GetModuleHandleA
GetShortPathNameA
lstrlenA
lstrlenW
InterlockedDecrement
InterlockedIncrement
LocalSize
LocalLock
LocalUnlock
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
HeapDestroy
InitializeCriticalSection
GetCurrentThreadId
MultiByteToWideChar
WideCharToMultiByte

user32

TrackMouseEvent
DestroyWindow
RegisterClassA
GetClassInfoA
CreateWindowExA
DefWindowProcA
GetTabbedTextExtentA
MessageBoxA
GetMessageA
GetDCEx
AdjustWindowRectEx
GetSystemMenu
DrawMenuBar
TrackPopupMenu
GetMenu
IsMenu
GetActiveWindow
SetRectEmpty
GetAncestor
InvalidateRect
SetCapture
ClientToScreen
ReleaseCapture
IsZoomed
LockWindowUpdate
GetCursorPos
GetWindowRgn
GetCapture
SetWindowRgn
GrayStringA
DrawTextA
TabbedTextOutA
ScreenToClient
IsWindowVisible
IsWindowEnabled
ShowScrollBar
GetTopWindow
GetForegroundWindow
RedrawWindow
SetWindowPos
GetWindow
IsWindow
RemovePropA
SetPropA
IsWindowUnicode
SetWindowLongW
SetWindowLongA
GetPropA
DrawStateA
GetDC
ReleaseDC
GetSystemMetrics
ShowWindow
SetForegroundWindow
SetActiveWindow
GetWindowPlacement
WindowFromPoint
CopyRect
IsRectEmpty
SetRect
GetWindowRect
OffsetRect
CopyImage
PtInRect
SetCursor
GetParent
SendMessageA
LoadCursorA
GetClientRect
GetClassNameA
CharNextA
PostMessageA
GetClassLongA
SetClassLongA
EnumThreadWindows
EnumChildWindows
SetScrollPos
SetScrollInfo
EnableScrollBar
GetMessagePos
KillTimer
SetTimer
EndPaint
MapWindowPoints
CallWindowProcA
BeginPaint
DrawEdge
GetSysColorBrush
GetWindowDC
DestroyIcon
EqualRect
UnionRect
GetScrollPos
FillRect
FrameRect
InvertRect
GetDlgCtrlID
IntersectRect
SubtractRect
UpdateWindow
GetSysColor
WindowFromDC
LoadIconA
DrawFrameControl
DrawFocusRect
SystemParametersInfoA
GetMenuItemRect
SetMenuItemInfoA
GetMenuItemInfoA
GetMenuItemCount
GetMenuItemID
GetMenuState
GetDlgItem
GetIconInfo
DrawIconEx
SetFocus
GetNextDlgTabItem
DrawTextW
GetFocus
RemoveMenu
AppendMenuA
GetSubMenu
CallWindowProcW
GetWindowTextLengthW
GetWindowTextW
GetWindowTextLengthA
GetWindowTextA
GetMenuStringA
GetMenuStringW
SetWindowPlacement
SystemParametersInfoW
SendMessageW
HideCaret
ShowCaret
InflateRect
GetCaretPos
SetCaretPos
GetKeyState
GetScrollInfo
CallNextHookEx
GetDesktopWindow
SetWindowsHookExA
UnhookWindowsHookEx
AdjustWindowRect
GetMenuBarInfo
PeekMessageA
GetWindowLongA
DispatchMessageA
IsIconic

gdi32

SetWindowOrgEx
SetDIBColorTable
GetDIBColorTable
CreatePalette
CreateHalftonePalette
SelectPalette
RealizePalette
GetPaletteEntries
CreateDIBSection
GetObjectW
GetDeviceCaps
IntersectClipRect
GetClipRgn
GetTextMetricsA
ExtTextOutW
CreateFontIndirectW
SetStretchBltMode
GetClipBox
StretchBlt
Rectangle
CreatePatternBrush
SetBrushOrgEx
UnrealizeObject
SelectClipRgn
GetTextExtentPoint32A
PlayEnhMetaFile
SetPixel
CreateSolidBrush
Arc
Ellipse
GetTextExtentPoint32W
GetObjectA
SaveDC
CreatePen
RestoreDC
CreateFontIndirectA
GetPixel
GetTextExtentPointW
GetTextExtentPointA
GetTextMetricsW
SetBoundsRect
ExcludeClipRect
CreateRoundRectRgn
CreateEllipticRgn
PtInRegion
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
SetViewportOrgEx
GetStockObject
ExtSelectClipRgn
PatBlt
GetBkMode
GetTextColor
GetBkColor
GetCurrentObject
SetBkMode
SetTextColor
CreateRectRgn
OffsetRgn
GetRegionData
ExtCreateRegion
BeginPath
MoveToEx
LineTo
EndPath
WidenPath
PathToRegion
GetRgnBox
CreateRectRgnIndirect
CombineRgn
CreateCompatibleDC
SelectObject
CreateBitmap
CreateCompatibleBitmap
BitBlt
SetBkColor
DeleteObject
DeleteDC

advapi32

RegDeleteKeyA
RegEnumKeyExA
RegCloseKey
RegCreateKeyExA
RegOpenKeyExA
RegSetValueExA
RegQueryInfoKeyA
RegEnumValueA
RegQueryValueExA
RegDeleteValueA

shell32

ShellExecuteA

comctl32

InitializeFlatSB
UninitializeFlatSB
ImageList_DrawEx
ImageList_GetIconSize
ImageList_SetBkColor
ImageList_Draw
ImageList_GetIcon
ImageList_GetImageInfo

ole32

GetHGlobalFromStream
CoCreateInstance
CoTaskMemRealloc
CoTaskMemAlloc
CoTaskMemFree
CreateStreamOnHGlobal

oleaut32

SysAllocStringLen
VariantClear
LoadRegTypeLi
SysStringLen
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysFreeString
SysAllocString

oleacc

AccessibleObjectFromWindow

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 356KB - Virtual size: 353KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 52KB - Virtual size: 49KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 200KB - Virtual size: 222KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

908f6bc7d0f17cb3867bb7baad787566

Headers

File Characteristics

Imports

msimg32

mfc42

msvcrt

kernel32

user32

gdi32

advapi32

shell32

comctl32

ole32

oleaut32

oleacc

Exports

Exports

Sections

.text Size: 356KB - Virtual size: 353KB

.rdata Size: 52KB - Virtual size: 49KB

.data Size: 200KB - Virtual size: 222KB

.rsrc Size: 12KB - Virtual size: 8KB

.reloc Size: 32KB - Virtual size: 28KB

.text
Size: 356KB - Virtual size: 353KB

.rdata
Size: 52KB - Virtual size: 49KB

.data
Size: 200KB - Virtual size: 222KB

.rsrc
Size: 12KB - Virtual size: 8KB

.reloc
Size: 32KB - Virtual size: 28KB