41bb96e64769bb3bbdc6cd26322890c9_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

41bb96e64769bb3bbdc6cd26322890c9_JaffaCakes118
Size

231KB
MD5

41bb96e64769bb3bbdc6cd26322890c9
SHA1

bdfbb3fffa04be9c1b1a8fa9554c1ea1ce1d26ac
SHA256

4f5a10628a7d5688d69dc9e501a985884e12486b9ea3da5a782f10f489bd0b4e
SHA512

e53f6c9fe2aff096abb8c901465a16260da2c1dad5dd5cb2e37959446b02296cc82f0c784e12158c3a1b890630d22c57ecfcb35b81f08e48ab227e16658c8095
SSDEEP

6144:AFIjqTVXbmJHTkEEE3or9wz5+DMDVPJYiFUK9u2t6d:ACjqxrmZTrL3oCXPNQ2t6d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
41bb96e64769bb3bbdc6cd26322890c9_JaffaCakes118

Files

41bb96e64769bb3bbdc6cd26322890c9_JaffaCakes118
.dll windows:4 windows x86 arch:x86

9df0706e2937d4d2b05cde776766fd22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

shlwapi

SHGetValueA
SHDeleteValueA
SHSetValueA

msvcrt

_except_handler3
fclose
atoi
malloc
free
vsprintf
mktime
fwrite
fopen
printf
sprintf
strrchr
_strlwr
_strnicmp
localtime
_mbsnbicmp
memmove
__CxxFrameHandler
strstr
fread
??2@YAPAXI@Z
ftell
fseek
time
getenv
rand
srand
_stat
_CxxThrowException
strncmp
wprintf
_purecall
_ftol
_CIasin
_mbscmp
??1type_info@@UAE@XZ
_CIacos
_CIpow
_setjmp3
__CxxLongjmpUnwind
longjmp
_adjust_fdiv
_initterm
?terminate@@YAXXZ
rename
_onexit
__dllonexit
_mkdir
strftime
_stricmp
isspace
strchr
abort
strtok
strncpy
wcscpy
wcscat
wcslen
atol
sscanf
_snprintf
_access

ws2_32

gethostbyname
ntohl
inet_addr
htons
ntohs
WSAStartup
sendto
socket
bind
recvfrom
gethostname

iphlpapi

GetAdaptersInfo

rasapi32

RasGetEntryDialParamsA
RasEnumEntriesA
RasEnumConnectionsA

setupapi

SetupDiCallClassInstaller
SetupDiSetClassInstallParamsA
SetupDiGetDeviceRegistryPropertyA
SetupDiEnumDeviceInfo
SetupDiGetClassDevsA
SetupDiDestroyDeviceInfoList

netapi32

Netbios

advapi32

RegOpenKeyExA
RegQueryValueExW
RegCloseKey
RegQueryValueExA
DeleteService
CloseServiceHandle
ControlService
OpenServiceA
OpenSCManagerA
RegSetValueExA
RegCreateKeyExA
RegEnumKeyExA
RegQueryInfoKeyA
CreateServiceA
StartServiceA
RegEnumValueA
GetUserNameA
LookupAccountNameA
ConvertSidToStringSidW
LsaOpenPolicy
LsaRetrievePrivateData
LsaClose
RegConnectRegistryA
RegOpenKeyA
RegEnumKeyA
RegOpenKeyExW

user32

ChangeClipboardChain
PostQuitMessage
SetClipboardViewer
DefWindowProcA
GetPriorityClipboardFormat
OpenClipboard
GetClipboardData
GetForegroundWindow
GetWindowTextA
CloseClipboard
SendMessageA
RegisterClassExA
CreateWindowExA
SetTimer
GetMessageA
TranslateMessage
DispatchMessageA
IsCharAlphaNumericA
wsprintfW
wsprintfA
GetProcessWindowStation
GetThreadDesktop
OpenWindowStationA
SetProcessWindowStation
OpenDesktopA
SetThreadDesktop
GetDC
ReleaseDC
CloseWindowStation
CloseDesktop
GetSystemMetrics

oleaut32

GetErrorInfo

kernel32

FileTimeToLocalFileTime
FileTimeToSystemTime
lstrcatA
lstrcpyA
SetFilePointer
FindFirstFileA
FindNextFileA
FindClose
GetCurrentProcessId
GetCurrentThread
GetCurrentProcess
CreateToolhelp32Snapshot
GetDriveTypeA
GetLogicalDriveStringsA
Process32First
Process32Next
GetSystemDefaultLCID
GetEnvironmentVariableA
WideCharToMultiByte
GetDiskFreeSpaceExA
GetPrivateProfileStringA
InterlockedCompareExchange
OpenProcess
TerminateProcess
CreatePipe
GetStartupInfoA
GetVersionExA
GetSystemDirectoryA
MoveFileExA
GetModuleHandleW
TerminateThread
LocalFree
LocalAlloc
lstrlenA
SetLastError
CreateFileW
GetVolumeInformationA
GetLogicalDrives
GetModuleFileNameA
GetDiskFreeSpaceExW
GetVolumeInformationW
GetSystemDirectoryW
WritePrivateProfileStringA
DeleteCriticalSection
ResumeThread
GetExitCodeThread
CreateEventA
InitializeCriticalSection
LeaveCriticalSection
WaitForSingleObject
EnterCriticalSection
SetEvent
GetCurrentThreadId
FreeLibrary
GetProcAddress
LoadLibraryA
CreateThread
CreateProcessA
GetLastError
InterlockedExchange
GlobalAlloc
GlobalLock
GlobalHandle
GlobalUnlock
GlobalFree
DeviceIoControl
GetFileSize
SizeofResource
LockResource
LoadResource
FindResourceA
EndUpdateResourceA
UpdateResourceA
BeginUpdateResourceA
MoveFileA
DeleteFileA
CopyFileA
GetTickCount
GetLocalTime
InterlockedDecrement
InterlockedIncrement
GetPrivateProfileIntA
ReadFile
Sleep
SystemTimeToFileTime
GetFileTime
LocalFileTimeToFileTime
SetFileTime
OutputDebugStringA
CreateMutexA
MultiByteToWideChar
CloseHandle
WriteFile
CreateFileA
GetTempPathA
GetWindowsDirectoryA
SetFileAttributesA

mfc42

ord537
ord800
ord535
ord860
ord540
ord6877
ord2818
ord858
ord924
ord4129
ord5683
ord801
ord541
ord2614
ord354
ord665
ord5710
ord6883
ord4278

gdi32

CreateDCA
CreateCompatibleDC
CreateCompatibleBitmap
SelectObject
BitBlt
GetDeviceCaps
GetStockObject
SelectPalette
RealizePalette
GetDIBits
DeleteObject
GetPixel
DeleteDC

shell32

SHGetSpecialFolderPathA
SHGetSpecialFolderLocation
SHGetPathFromIDListA

ole32

CoTaskMemFree
CoInitialize
CoCreateInstance
CoUninitialize
StgOpenStorage
StgIsStorageFile

winmm

waveInStart
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetNumDevs
waveInUnprepareHeader
waveInOpen
waveInGetErrorTextA
waveInPrepareHeader
waveInAddBuffer
waveInReset
waveInClose
mixerSetControlDetails
mixerGetControlDetailsA
mixerGetDevCapsA
mixerClose

Exports

Exports

DealA
DealB
DealC

Sections

.text
Size: 173KB - Virtual size: 173KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 28KB - Virtual size: 76KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

9df0706e2937d4d2b05cde776766fd22

Headers

File Characteristics

Imports

shlwapi

msvcrt

ws2_32

iphlpapi

rasapi32

setupapi

netapi32

advapi32

user32

oleaut32

kernel32

mfc42

gdi32

shell32

ole32

winmm

Exports

Exports

Sections

.text Size: 173KB - Virtual size: 173KB

.rdata Size: 16KB - Virtual size: 15KB

.data Size: 28KB - Virtual size: 76KB

.reloc Size: 12KB - Virtual size: 11KB

.text
Size: 173KB - Virtual size: 173KB

.rdata
Size: 16KB - Virtual size: 15KB

.data
Size: 28KB - Virtual size: 76KB

.reloc
Size: 12KB - Virtual size: 11KB