3dc2c888a27024e71fba92cc4dd62747_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

3dc2c888a27024e71fba92cc4dd62747_JaffaCakes118
Size

312KB
MD5

3dc2c888a27024e71fba92cc4dd62747
SHA1

18e6c40651a4151ce9a28e78edaf9dd8cd52b382
SHA256

11df49a7001304c98718ff0b943986ce6f889d8d13c9168588587ad9b61305b5
SHA512

cdd970bf7bfea724cd71940f9026856ae0d2d05a8c7430874d6afcc11b903cba1353aae260bfe2399bedd20f1093a16ca8ca059680def89fab8f2f6fc9844b95
SSDEEP

6144:m5WqzDAZIthYJQNM8gNQNmht/+gl7KWKepJwszGZlJK9u2f8:mTAMh+QNM8wQYtrwszdQ2

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
3dc2c888a27024e71fba92cc4dd62747_JaffaCakes118

Files

3dc2c888a27024e71fba92cc4dd62747_JaffaCakes118
.dll windows:4 windows x86 arch:x86

40380fa8bc460d9afb6fc0e5ae2265c2

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

msvcp60

?_Tidy@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEX_N@Z
?_Grow@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAE_NI_N@Z
?_Eos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXI@Z
?find@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?_Xran@std@@YAXXZ
?_Split@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@AAEXXZ
?insert@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@IPBDI@Z
?assign@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAEAAV12@PBDI@Z
?_C@?1??_Nullstr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@CAPBDXZ@4DB
?npos@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@2IB
?rfind@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBEIPBDII@Z
?substr@?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QBE?AV12@II@Z
??1?$basic_string@DU?$char_traits@D@std@@V?$allocator@D@2@@std@@QAE@XZ

shlwapi

SHSetValueA
SHDeleteValueA
SHGetValueA

msvcrt

localtime
_mkdir
fflush
wcslen
__dllonexit
_onexit
_except_handler3
?terminate@@YAXXZ
longjmp
__CxxLongjmpUnwind
_setjmp3
_CIpow
_CIacos
??1type_info@@UAE@XZ
_mbscmp
_CIasin
_ftol
_purecall
wprintf
strncmp
printf
_CxxThrowException
_stat
_strnicmp
_strlwr
_access
sprintf
time
__CxxFrameHandler
??2@YAPAXI@Z
strrchr
getenv
rand
srand
_initterm
_adjust_fdiv
fwrite
fread
fclose
ftell
fseek
fopen
atoi
strstr
exit
malloc
free
vsprintf
mktime
_mbsnbicmp
rename
sscanf
atol
memmove
strncpy
strtok
abort
strchr
isspace
_stricmp
strftime

ws2_32

inet_addr
ntohl
gethostbyname
gethostname
htons
recvfrom
bind
socket
sendto
WSAStartup
WSACleanup
closesocket
ntohs

iphlpapi

GetAdaptersInfo

rasapi32

RasEnumConnectionsA

setupapi

SetupDiDestroyDeviceInfoList
SetupDiCallClassInstaller
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiSetClassInstallParamsA

netapi32

Netbios

user32

IsWindow
CloseDesktop
CloseWindowStation
ReleaseDC
GetDC
SetThreadDesktop
OpenDesktopA
SetProcessWindowStation
wsprintfA
GetWindowThreadProcessId
IsCharAlphaNumericA
DispatchMessageA
TranslateMessage
GetMessageA
SetTimer
CreateWindowExA
RegisterClassExA
OpenWindowStationA
GetThreadDesktop
GetProcessWindowStation
GetClassNameA
GetWindowLongA
FindWindowExA
GetPriorityClipboardFormat
SendMessageA
CloseClipboard
GetWindowTextA
GetForegroundWindow
GetClipboardData
OpenClipboard
GetSystemMetrics
DefWindowProcA
SetClipboardViewer
PostQuitMessage
ChangeClipboardChain
PeekMessageA

oleaut32

GetErrorInfo
SetErrorInfo
VariantChangeType
SysFreeString
CreateErrorInfo
VariantClear
VariantInit

advapi32

RegOpenKeyExA
RegCloseKey
OpenSCManagerA
OpenServiceA
ControlService
CloseServiceHandle
DeleteService
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
CreateServiceA
StartServiceA
QueryServiceStatus
OpenServiceW
OpenSCManagerW
RegEnumKeyA
RegOpenKeyA
RegConnectRegistryA
RegEnumValueA

kernel32

CreateThread
MoveFileExA
GetWindowsDirectoryA
CreateProcessA
Sleep
GetLastError
MoveFileA
CloseHandle
InterlockedExchange
FreeLibrary
SizeofResource
LockResource
LoadResource
FindResourceA
GetCurrentThreadId
SetEvent
EnterCriticalSection
WaitForSingleObject
LeaveCriticalSection
InitializeCriticalSection
CreateEventA
GetExitCodeThread
ResumeThread
DeleteCriticalSection
WritePrivateProfileStringA
GetLogicalDrives
GetVolumeInformationA
LoadLibraryA
GetLogicalDriveStringsA
GetDriveTypeA
FileTimeToLocalFileTime
FileTimeToSystemTime
lstrlenW
ReadProcessMemory
GetModuleHandleA
lstrcatA
lstrcpyA
SetFilePointer
GetCurrentProcessId
FindFirstFileA
FindNextFileA
FindClose
GetSystemDirectoryA
GetExitCodeProcess
OpenProcess
TerminateProcess
GetCurrentThread
GetCurrentProcess
WideCharToMultiByte
GetLocalTime
CreateToolhelp32Snapshot
Process32First
Process32Next
GetSystemDefaultLCID
GetVersionExA
GetPrivateProfileIntA
GetPrivateProfileStringA
InterlockedCompareExchange
TerminateThread
LocalFree
LocalAlloc
lstrlenA
SetLastError
WriteFile
CreateFileW
MultiByteToWideChar
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
DeviceIoControl
GetFileSize
ReadFile
CreateFileA
SystemTimeToFileTime
GetFileTime
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringA
GetModuleFileNameA
CreateMutexA
GetProcAddress
SetFileAttributesA
InterlockedIncrement
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
DeleteFileA
CopyFileA
GetTickCount
GetDiskFreeSpaceExA
InterlockedDecrement
GetTempPathA

mfc42

ord5858
ord2818
ord860
ord800
ord540
ord6877
ord537
ord858
ord924
ord4129
ord5683
ord801
ord541
ord2614
ord354
ord665
ord535
ord5710
ord6883
ord4278
ord2107

gdi32

GetStockObject
SelectPalette
RealizePalette
GetDIBits
DeleteObject
DeleteDC
GetPixel
SetDIBitsToDevice
CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDeviceCaps

shell32

SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

StgOpenStorage
CoInitialize
CoCreateInstance
CoUninitialize
StgIsStorageFile
CoTaskMemFree
CoTaskMemAlloc

winmm

mixerGetDevCapsA
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetNumDevs
waveInUnprepareHeader
waveInOpen
waveInGetErrorTextA
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveInClose
mixerSetControlDetails
mixerClose
mixerGetControlDetailsA

Exports

Exports

DealA
DealB

Sections

.text
Size: 177KB - Virtual size: 177KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 37KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 73KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 11KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

40380fa8bc460d9afb6fc0e5ae2265c2

Headers

File Characteristics

Imports

msvcp60

shlwapi

msvcrt

ws2_32

iphlpapi

rasapi32

setupapi

netapi32

user32

oleaut32

advapi32

kernel32

mfc42

gdi32

shell32

ole32

winmm

Exports

Exports

Sections

.text Size: 177KB - Virtual size: 177KB

.rdata Size: 37KB - Virtual size: 37KB

.data Size: 73KB - Virtual size: 73KB

.reloc Size: 11KB - Virtual size: 11KB

.text
Size: 177KB - Virtual size: 177KB

.rdata
Size: 37KB - Virtual size: 37KB

.data
Size: 73KB - Virtual size: 73KB

.reloc
Size: 11KB - Virtual size: 11KB