415442d1acd7467ba2e907dd671b3ddb_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

415442d1acd7467ba2e907dd671b3ddb_JaffaCakes118
Size

656KB
MD5

415442d1acd7467ba2e907dd671b3ddb
SHA1

1999db69380ea372421789ef08599af8f760573c
SHA256

0abec1eb56da8f1c5200acf534bad48391fc43b6748d77abcd28f8cc02967e37
SHA512

d31fca4ec953d4920c6f982dbe42aa3c9890a29c019b67b883c6c32497496570dd0b87f51a3c10474d67a5f2ace11d6340945d758aecd60c73b3e27b3a26e3fd
SSDEEP

12288:eyITy6YmSF0lfDeDwdmy9Yc2VScJPhU0PcEO+4hEyESn3Jvu1:Mfnm0lftoWMVb4hEynw

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
415442d1acd7467ba2e907dd671b3ddb_JaffaCakes118

Files

415442d1acd7467ba2e907dd671b3ddb_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

c6ce214cdce5b4acefcf01dd8b7c9de5

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winmm

PlaySoundA

setupapi

SetupIterateCabinetA

kernel32

WideCharToMultiByte
MultiByteToWideChar
CreateDirectoryA
GetTempPathA
SetCurrentDirectoryA
LoadLibraryA
DebugBreak
GlobalUnlock
GlobalLock
FreeLibrary
lstrcpyA
lstrcatA
GetModuleFileNameA
WaitForSingleObject
ResetEvent
CreateEventA
RemoveDirectoryA
MoveFileExA
DeleteFileA
WriteFile
CreateFileA
CopyFileA
MoveFileA
GetTempFileNameA
FindFirstFileA
FindNextFileA
FindClose
GlobalFree
GlobalAlloc
lstrcmpA
GetVersion
Sleep
GetTickCount
GetShortPathNameA
DisableThreadLibraryCalls
InitializeCriticalSection
HeapDestroy
DeleteCriticalSection
ReadFile
GetFileType
GetStdHandle
SetHandleCount
SetUnhandledExceptionFilter
GetDriveTypeA
UnhandledExceptionFilter
TlsGetValue
TlsFree
lstrlenW
HeapCreate
GetEnvironmentVariableA
IsBadWritePtr
VirtualAlloc
VirtualFree
GetStringTypeW
GetStringTypeA
HeapSize
TerminateProcess
GetOEMCP
GetACP
GetCPInfo
ExitProcess
GetCommandLineA
RaiseException
GetLocalTime
GetSystemTime
GetTimeZoneInformation
GetFullPathNameA
GetCurrentDirectoryA
SetEnvironmentVariableA
ExitThread
TlsSetValue
CreateThread
ResumeThread
HeapReAlloc
RtlUnwind
LocalFree
InterlockedExchange
LCMapStringW
FreeEnvironmentStringsA
FreeEnvironmentStringsW
GetEnvironmentStrings
GetEnvironmentStringsW
HeapFree
GetProcessHeap
HeapAlloc
CloseHandle
GetCurrentThread
GetVersionExA
GetCurrentProcess
FlushInstructionCache
GetCurrentThreadId
lstrlenA
InterlockedIncrement
GetModuleHandleW
GetModuleHandleA
GetProcAddress
GetModuleFileNameW
LoadLibraryW
OutputDebugStringA
GetLastError
SetLastError
EnterCriticalSection
LeaveCriticalSection
InterlockedDecrement
FlushFileBuffers
IsBadReadPtr
IsBadCodePtr
SetStdHandle
SetEndOfFile
CompareStringA
GetStartupInfoA
CompareStringW
LocalAlloc
SetFilePointer
TlsAlloc
LCMapStringA

user32

OffsetRect
GetMenuItemInfoA
EnableMenuItem
LoadMenuA
GetSubMenu
InsertMenuA
PeekMessageA
GetMessagePos
LoadBitmapA
DrawFrameControl
GetCursorPos
PostMessageA
ClientToScreen
GetAsyncKeyState
SetWindowRgn
DrawEdge
InflateRect
CopyRect
GetMenu
AdjustWindowRectEx
UpdateWindow
DrawTextA
LoadImageA
IsWindowVisible
SetWindowsHookExA
TrackPopupMenu
UnhookWindowsHookEx
IsWindowEnabled
GetDlgItem
IsChild
SetCapture
RedrawWindow
InvalidateRgn
InvalidateRect
ReleaseCapture
CreateAcceleratorTableA
GetDC
ReleaseDC
BeginPaint
FillRect
EndPaint
GetSysColor
SystemParametersInfoA
MapWindowPoints
EndDialog
RegisterWindowMessageA
GetDlgCtrlID
SetWindowPos
GetWindow
GetSystemMetrics
UnregisterClassA
DialogBoxIndirectParamA
WindowFromPoint
CallNextHookEx
SetCursor
ScreenToClient
PtInRect
GetKeyState
GetClassNameA
DestroyCursor
DrawFocusRect
EndMenu
GetCapture
SetActiveWindow
SetFocus
GetWindowRect
GetClientRect
GetWindowTextA
TranslateMessage
DispatchMessageA
GetWindowTextLengthA
CharUpperA
GetWindowLongA
CharNextA
wvsprintfA
CallWindowProcA
DefWindowProcA
SetTimer
LoadCursorFromFileA
CharLowerA
OpenClipboard
EmptyClipboard
CloseClipboard
MessageBoxA
CreateWindowExA
SetWindowLongA
LoadStringA
GetParent
GetClassInfoExA
RegisterClassExA
LoadCursorA
wsprintfA
ShowWindow
MoveWindow
SetWindowTextA
SendMessageA
GetFocus
IsWindow
DestroyWindow
DestroyMenu
CreatePopupMenu
AppendMenuA
GetDesktopWindow
KillTimer

gdi32

DeleteObject
CreateFontA
CreateRectRgn
SetBkMode
GetTextMetricsA
CreateBrushIndirect
CreateRectRgnIndirect
CreatePatternBrush
SelectClipRgn
GetClipBox
SetBkColor
RestoreDC
SaveDC
SetTextColor
GetTextExtentPointA
GetStockObject
GetObjectA
GetDeviceCaps
CreateSolidBrush
CreateCompatibleBitmap
CreateCompatibleDC
BitBlt
DeleteDC
GetTextExtentPoint32A
SelectObject
ExtTextOutA

shell32

SHAddToRecentDocs
ShellExecuteA
DragQueryFileA
SHEmptyRecycleBinA

ole32

StringFromCLSID
CoTaskMemFree
OleLockRunning
CoTaskMemAlloc
CoCreateGuid
CLSIDFromProgID
OleInitialize
CreateStreamOnHGlobal
OleUninitialize
ReleaseStgMedium
RegisterDragDrop
CoCreateInstance
CoInitialize
CoUninitialize
CLSIDFromString

oleaut32

SysFreeString
SysAllocStringByteLen
SysStringLen
VariantInit
SysStringByteLen
SysAllocStringLen
SysAllocString
VariantClear
LoadTypeLi
OleCreateFontIndirect
LoadRegTypeLi
SafeArrayDestroy
SafeArrayUnaccessData
SafeArrayAccessData
SafeArrayCreateVector
DispCallFunc
VariantCopy
VariantChangeType
SafeArrayPutElement
SafeArrayCreate
RegisterTypeLi

wininet

FindFirstUrlCacheEntryA
FindNextUrlCacheEntryA
DeleteUrlCacheEntry
FindCloseUrlCache

shlwapi

PathFileExistsA
PathRemoveFileSpecA

Exports

Exports

CanReload
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
TBStudioReg

Sections

.text
Size: 528KB - Virtual size: 527KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 48KB - Virtual size: 59KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.SHARED
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 20KB - Virtual size: 18KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

c6ce214cdce5b4acefcf01dd8b7c9de5

Headers

File Characteristics

Imports

winmm

setupapi

kernel32

user32

gdi32

shell32

ole32

oleaut32

wininet

shlwapi

Exports

Exports

Sections

.text Size: 528KB - Virtual size: 527KB

.rdata Size: 28KB - Virtual size: 27KB

.data Size: 48KB - Virtual size: 59KB

.SHARED Size: 4KB - Virtual size: 2KB

.rsrc Size: 20KB - Virtual size: 18KB

.reloc Size: 24KB - Virtual size: 23KB

.text
Size: 528KB - Virtual size: 527KB

.rdata
Size: 28KB - Virtual size: 27KB

.data
Size: 48KB - Virtual size: 59KB

.SHARED
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 20KB - Virtual size: 18KB

.reloc
Size: 24KB - Virtual size: 23KB