403862bf37a926a005b597fb4e40f273_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

403862bf37a926a005b597fb4e40f273_JaffaCakes118
Size

653KB
MD5

403862bf37a926a005b597fb4e40f273
SHA1

610df5f5c6e50376fb036941014010563f4e7523
SHA256

ca3238b43f65ae090839aacd0cb91b4e040c6596d730cbcc454aa81296fbf230
SHA512

f7c995c3736a2c7cb1e2bfd08e1311bbe60ae8dae5245bfc220db700f56706c2fd035cfcf74d3e40a3260ded365aedb552b401e07010932903a74b43470cf3bc
SSDEEP

12288:udsaVSiUxCOfz7edC/Ih4GrlSB7NLx/k0ornjw:udskSTfz7ek/uUB7Nd/bornj

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
403862bf37a926a005b597fb4e40f273_JaffaCakes118

Files

403862bf37a926a005b597fb4e40f273_JaffaCakes118
.dll windows:5 windows x86 arch:x86

5ad9dfe95287823ef681235f0636f6d6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

PathFindExtensionA
PathFindFileNameA
PathFileExistsA
PathRemoveFileSpecA

winmm

PlaySoundA

ws2_32

WSASetLastError
inet_addr
WSACloseEvent
closesocket
WSAGetOverlappedResult
WSAGetLastError
WSARecv
WSAResetEvent
WSASend
WSAEnumNetworkEvents
WSAConnect
WSAEventSelect
WSASetEvent
WSACreateEvent
WSASocketA
getaddrinfo
freeaddrinfo
WSACleanup
WSAStartup

kernel32

GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThread
GetCurrentProcessId
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
GetModuleHandleW
InterlockedIncrement
GetCPInfo
GetOEMCP
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
SetEndOfFile
InterlockedExchange
ExitThread
CreateThread
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetLocalTime
GetSystemTimeAsFileTime
HeapSize
GetCommandLineA
RtlUnwind
VirtualAlloc
HeapCreate
HeapDestroy
VirtualFree
GetACP
IsValidCodePage
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
SetStdHandle
GetConsoleCP
GetConsoleMode
GetTimeZoneInformation
GetTimeFormatA
GetDateFormatA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
InitializeCriticalSectionAndSpinCount
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CompareStringW
SetEnvironmentVariableA
lstrcmpA
SuspendThread
ResumeThread
SetThreadPriority
GetCurrentThreadId
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
CompareStringA
lstrcmpW
GetVersionExA
FreeLibrary
InterlockedDecrement
GetModuleFileNameW
GetModuleHandleA
GetProcAddress
SetLastError
FormatMessageA
LocalFree
MulDiv
GlobalFree
FreeResource
IsBadReadPtr
GlobalSize
GlobalUnlock
GlobalLock
GlobalAlloc
UnmapViewOfFile
GetFileSize
CreateFileMappingA
MapViewOfFileEx
CreateFileA
GetProcessHeap
HeapAlloc
HeapReAlloc
HeapFree
Sleep
ExitProcess
LoadLibraryA
CreateMutexA
GetTickCount
lstrlenA
MultiByteToWideChar
Process32Next
Process32First
CreateToolhelp32Snapshot
GetCurrentProcess
VirtualProtect
FlushInstructionCache
WriteProcessMemory
VirtualProtectEx
GetPrivateProfileStringA
GetPrivateProfileIntA
WritePrivateProfileStringA
GetModuleFileNameA
LeaveCriticalSection
EnterCriticalSection
WaitForMultipleObjects
RaiseException
SetEvent
SetWaitableTimer
CreateWaitableTimerA
WaitForSingleObject
CreateEventA
lstrlenW
GetLastError
DeleteCriticalSection
InitializeCriticalSection
FindResourceA
LoadResource
LockResource
SizeofResource
WideCharToMultiByte
CloseHandle

user32

ModifyMenuA
LoadBitmapA
GetMenuCheckMarkDimensions
SetMenuItemBitmaps
ValidateRect
GetCursorPos
TranslateMessage
GetMessageA
PostQuitMessage
SetCursor
GetWindowThreadProcessId
UnregisterClassA
GetSysColorBrush
LoadCursorA
DestroyMenu
EnableMenuItem
CheckMenuItem
RegisterWindowMessageA
WinHelpA
GetCapture
SetWindowsHookExA
CallNextHookEx
GetClassLongA
GetClassNameA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetLastActivePopup
DispatchMessageA
GetTopWindow
GetMessageTime
GetMessagePos
PeekMessageA
MapWindowPoints
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
AdjustWindowRectEx
CopyRect
DefWindowProcA
CallWindowProcA
PtInRect
GetMenu
SystemParametersInfoA
GetWindowPlacement
EndPaint
BeginPaint
ReleaseDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
GetFocus
SetWindowPos
MoveWindow
GetDlgCtrlID
SetWindowTextA
IsDialogMessageA
SendDlgItemMessageA
GetWindowTextLengthA
GetWindowTextA
GetWindow
SetFocus
UnhookWindowsHookEx
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetDesktopWindow
PostMessageA
LoadIconA
LoadImageA
GetWindowRect
GetActiveWindow
SetActiveWindow
CreateDialogIndirectParamA
DestroyWindow
GetDlgItem
IsWindowEnabled
GetParent
GetNextDlgTabItem
EndDialog
ShowWindow
GetKeyState
GetClipboardData
CloseClipboard
SetClipboardData
EmptyClipboard
OpenClipboard
SetTimer
RedrawWindow
SendMessageA
GetWindowLongA
SetWindowLongA
SetLayeredWindowAttributes
IsIconic
GetSystemMetrics
GetClientRect
DrawIcon
ReleaseCapture
InvalidateRect
IsWindow
EnableWindow
SetWindowTextW
SetWindowLongW
GetWindowLongW
KillTimer
MessageBoxA
GetSysColor
FillRect
GetDC

gdi32

SetBkColor
SetBkMode
SetTextColor
SetMapMode
GetClipBox
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
RestoreDC
CreateBitmap
CreateSolidBrush
SaveDC
GetDeviceCaps
CreateFontIndirectA
GetObjectA
GetStockObject
CreatePen
Rectangle
SetPixel
BitBlt
CreateCompatibleBitmap
CreateCompatibleDC
DeleteObject
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
MoveToEx
LineTo

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

advapi32

RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegDeleteKeyA
RegCloseKey
RegQueryValueExA
RegOpenKeyExA

ole32

CoCreateInstance
CoUninitialize
CoInitialize

oleaut32

VariantClear
VariantChangeType
VariantInit

Exports

Exports

Initialize

Sections

.text
Size: 320KB - Virtual size: 320KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 74KB - Virtual size: 73KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 45KB - Virtual size: 45KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.ptext0
Size: 200KB - Virtual size: 199KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 1024B - Virtual size: 536B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5ad9dfe95287823ef681235f0636f6d6

Headers

File Characteristics

Imports

shlwapi

winmm

ws2_32

kernel32

user32

gdi32

winspool.drv

advapi32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 320KB - Virtual size: 320KB

.rdata Size: 74KB - Virtual size: 73KB

.data Size: 11KB - Virtual size: 36KB

.rsrc Size: 45KB - Virtual size: 45KB

.ptext0 Size: 200KB - Virtual size: 199KB

.reloc Size: 1024B - Virtual size: 536B

.text
Size: 320KB - Virtual size: 320KB

.rdata
Size: 74KB - Virtual size: 73KB

.data
Size: 11KB - Virtual size: 36KB

.rsrc
Size: 45KB - Virtual size: 45KB

.ptext0
Size: 200KB - Virtual size: 199KB

.reloc
Size: 1024B - Virtual size: 536B