5e2a9d188ebbe5bdca267ee140941fae_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5e2a9d188ebbe5bdca267ee140941fae_JaffaCakes118
Size

132KB
MD5

5e2a9d188ebbe5bdca267ee140941fae
SHA1

5269a8abf12abc9a019ed1eee3569cf9bc41be2a
SHA256

d0fcd73dbd165d101ea9eaf6eede423b655a9695cb6c720cb0bca52f5e4a7bae
SHA512

9cebdd3229474c7f696a9c085c929eeeb4d2158958dc46d70ee11f189350f8cbb9bc749b63ebec77aae7311b2569847fad9c7101337188176719d4f0ebb2607b
SSDEEP

3072:C7ay9rop7RzZWxrFGvSfx0tpFruVpSagUYs2bqed:CGQsp7RKGvSepFmph+d

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5e2a9d188ebbe5bdca267ee140941fae_JaffaCakes118

Files

5e2a9d188ebbe5bdca267ee140941fae_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

4cba6cfbb51a0eba22614c9715fb773d

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

DeleteFileW
CreateTimerQueue
GlobalFindAtomW
SetHandleCount
ExpandEnvironmentStringsW
FindFirstChangeNotificationA
CopyFileExW
SetFileApisToOEM
FreeResource
ExitThread
GetConsoleOutputCP
GetProcessVersion
lstrlenW
GlobalAddAtomW
GetFileSize
QueueUserWorkItem
GetDateFormatA
LocalSize
DosDateTimeToFileTime
SwitchToThread
ResetEvent
FindVolumeClose
SearchPathW
FindClose
SetFilePointerEx
CreateToolhelp32Snapshot
GlobalFindAtomA
CreateWaitableTimerA
LocalReAlloc
UnlockFile
GetModuleHandleW
GetConsoleCP
RaiseException
FindNextFileW
GetTempFileNameA
SystemTimeToFileTime
GetSystemWindowsDirectoryA
GetSystemInfo
GlobalReAlloc
FindFirstChangeNotificationW
SetHandleInformation
GetTimeFormatA
UpdateResourceA
IsValidLanguageGroup
SetFileAttributesA
GetCurrentThread
GetUserDefaultLangID
GetTempFileNameW
WriteProfileStringA
GlobalMemoryStatus
GetShortPathNameW
SetTimeZoneInformation
IsWow64Process
GetCurrentDirectoryA
EnumSystemLocalesA
GlobalGetAtomNameA
PurgeComm
WriteConsoleInputA
GetProfileSectionA
TerminateProcess
FlushFileBuffers
DeleteTimerQueueEx
GetStdHandle
GetFileTime
FormatMessageA
ReadFileEx
ProcessIdToSessionId
SetConsoleCursorPosition
IsValidLocale
GetCompressedFileSizeW
MapViewOfFileEx
GetLogicalDriveStringsW
GetDateFormatW
GetDriveTypeA
OpenFileMappingA
ResumeThread
CreateWaitableTimerW
DeviceIoControl
TerminateThread
UnlockFileEx
WaitForSingleObjectEx
HeapWalk
FindFirstFileExW
GetSystemDirectoryA
WriteFileEx
SetCurrentDirectoryW
SetInformationJobObject
VerSetConditionMask
ReadConsoleW
LocalHandle
GetSystemDefaultLangID
GetProfileIntW
GetDiskFreeSpaceExW
WaitForMultipleObjectsEx
GetTickCount
RtlMoveMemory
GetTimeFormatW
WinExec
lstrcatW
GetFileAttributesW
lstrcmpiW
WriteConsoleW
RemoveDirectoryA
AddAtomW
GetBinaryTypeA
CreateSemaphoreA
OpenMutexA
GetCurrentThreadId
ExitProcess
lstrcatA
ReadConsoleA
CreatePipe
OpenProcess
SleepEx
UnregisterWaitEx
CreateMutexA
CloseHandle
UnmapViewOfFile
InitializeCriticalSection
InterlockedIncrement
GetCurrentProcessId
CreateFileMappingA
EnterCriticalSection
CreateThread
DeleteFileA
GetSystemTimeAsFileTime
ReadFile
LocalFree
GlobalAlloc
InterlockedDecrement
HeapFree
WriteFile
GetLastError
CreateFileA
ExpandEnvironmentStringsA
GetProcAddress
CopyFileA
GetModuleHandleA
VirtualProtect
VirtualQuery
InterlockedExchange
LoadLibraryA
MoveFileA
CreateNamedPipeW

user32

ToUnicodeEx
DrawAnimatedRects
SetCursor
ShowOwnedPopups
ClientToScreen
ChangeMenuA
GetTopWindow
InsertMenuA
ValidateRect
DestroyCursor
RedrawWindow
NotifyWinEvent
SetMenuItemInfoA
SetFocus
RemoveMenu
FillRect
GetMonitorInfoW
LoadBitmapA
LoadIconW
SetCursorPos
GetAsyncKeyState
DestroyAcceleratorTable
GetDlgItemTextA
InvalidateRect
MessageBoxIndirectW
GetSubMenu
DestroyCaret
GetSystemMenu
WaitMessage
UnregisterClassW
MsgWaitForMultipleObjectsEx
GetMenuStringW
OpenIcon
CallWindowProcA
UnionRect
OpenWindowStationA
InsertMenuW
GetWindowContextHelpId
GetPropW
DrawTextExW
FindWindowExA
GetDesktopWindow
UnhookWindowsHook
MessageBoxW
GetSysColor
EndPaint
GetInputState
GetGUIThreadInfo
GetMenuStringA
GetWindowTextLengthA
UnpackDDElParam
RemovePropA
MapVirtualKeyA
PackDDElParam
GetUpdateRgn
ReleaseDC
GetFocus
SetRectEmpty
BeginPaint
PostMessageA
MessageBoxA
IsDialogMessageA
IsZoomed
EnumDisplaySettingsA
OemToCharBuffA
LoadMenuW
CharUpperBuffW
LoadImageA
CloseWindowStation
MsgWaitForMultipleObjects
GetProcessDefaultLayout
GetMonitorInfoA
MapDialogRect
GetUserObjectInformationW
DefDlgProcA
CreateIconIndirect
wvsprintfA
GetSystemMetrics
InvertRect
GetWindowRgn
GetCursorPos
AppendMenuW
DrawIconEx
SetPropA
WaitForInputIdle
SetMenuItemInfoW
SetWindowPos
IsWindowVisible
GetMenuItemCount
DefWindowProcW
GetWindowLongW
TranslateMDISysAccel
DeferWindowPos
TabbedTextOutW
MapVirtualKeyExW
SendNotifyMessageA
MessageBoxExA
CharUpperW
CharLowerW
SendDlgItemMessageW
GetQueueStatus
DrawTextA
GetUpdateRect
SetCapture
TrackPopupMenuEx
CreateWindowExW
DrawStateA
SetClassLongW
UpdateLayeredWindow
MonitorFromRect
CharToOemW
EqualRect
AdjustWindowRect
DialogBoxParamW
DialogBoxIndirectParamW
CreateDialogIndirectParamA
WinHelpA
LoadImageW
DispatchMessageW
SetParent
CreateCaret
LoadBitmapW
GetCaretPos
DefMDIChildProcA
CharPrevA
EnableWindow
GetTabbedTextExtentA
AllowSetForegroundWindow
DeleteMenu
DefWindowProcA
GetWindowThreadProcessId
CallNextHookEx
DispatchMessageA
SendMessageA
GetClassNameA
UnhookWindowsHookEx
FindWindowA
GetClientRect
GrayStringA

shlwapi

PathRemoveArgsW
PathCreateFromUrlW
StrFormatKBSizeW
UrlCanonicalizeW
SHGetValueW
SHDeleteKeyW
wnsprintfW
PathIsUNCServerShareW
PathAddExtensionW
UrlUnescapeW
SHDeleteKeyA
PathIsURLW
StrStrIA
StrCpyW
SHDeleteValueW
PathFindNextComponentW
SHCreateShellPalette
PathSetDlgItemPathW
UrlIsW
PathIsRelativeW
PathIsPrefixW
SHRegSetPathW
SHRegGetValueW
StrStrIW
SHRegSetUSValueW
PathRemoveFileSpecW
PathIsRootW
StrCpyNW
PathGetCharTypeW
SHAutoComplete
PathFileExistsW
StrCmpNIW
PathRemoveFileSpecA
PathRenameExtensionW
StrRetToBufW

advapi32

RegQueryInfoKeyA
GetSecurityDescriptorSacl
RegQueryValueExA
ConvertSidToStringSidA
RegEnumKeyExA
SetNamedSecurityInfoA
RegCreateKeyExA
ConvertStringSecurityDescriptorToSecurityDescriptorA
EnumDependentServicesA
RegisterServiceCtrlHandlerExA
UnlockServiceDatabase
OpenEventLogW
RegNotifyChangeKeyValue
SetTokenInformation
RegOpenKeyW
GetNumberOfEventLogRecords
ImpersonateAnonymousToken
DuplicateToken
RegUnLoadKeyW
CreateServiceA
CreateServiceW
RegSetValueExW
ReportEventA
GetUserNameW
RegEnumKeyA
RegLoadKeyA
RegEnumKeyExW
ClearEventLogW
QueryServiceConfigW
DuplicateTokenEx
StartServiceCtrlDispatcherA
ReadEventLogW
RegConnectRegistryA
OpenProcessToken
CloseEventLog
RegisterEventSourceW
RegQueryInfoKeyW
OpenSCManagerA
DeregisterEventSource
RegRestoreKeyW
GetUserNameA
RegCreateKeyA
ImpersonateSelf
RegUnLoadKeyA
RegQueryValueW
NotifyChangeEventLog
MakeAbsoluteSD
GetServiceDisplayNameW
ControlService
CreateProcessAsUserW

gdi32

CloseFigure
CreateDiscardableBitmap
RoundRect
CreatePalette
CreateFontW
GetTextAlign
SetDIBColorTable
PtInRegion
SetWindowExtEx
MoveToEx
GetNearestPaletteIndex
DeleteObject
SetPolyFillMode
SetPixelV
GetDCOrgEx
GetMetaFileBitsEx
EnumFontFamiliesExW
CreateRectRgnIndirect
EnumEnhMetaFile
PtVisible
SetAbortProc
GetBrushOrgEx
OffsetWindowOrgEx
CopyEnhMetaFileA
SetLayout
EnumFontFamiliesW
SetBitmapDimensionEx
EndDoc
GetCharABCWidthsW
GetSystemPaletteUse
SetGraphicsMode
GetPixel
AnimatePalette
InvertRgn
PolylineTo
PolyPolygon
SetMetaFileBitsEx
EnumFontFamiliesA
SetMiterLimit
DeleteDC
GetEnhMetaFileHeader
GetCharABCWidthsA
IntersectClipRect
PlayMetaFileRecord
ResetDCA
CreateHatchBrush
StartDocW
RealizePalette
GetDIBits
SetBkColor
GetWindowOrgEx
GetTextFaceW
GetObjectType
StartPage
LPtoDP
GetTextColor
UpdateColors
GetMapMode
ExtEscape
GetSystemPaletteEntries
EnumFontFamiliesExA
GetTextCharset
GetFontResourceInfoW
CreateDCW
SelectPalette
GetStockObject
SetMagicColors
GetTextExtentPoint32A
RemoveFontResourceA
CreateDIBPatternBrushPt
ScaleWindowExtEx
SetMetaRgn
PaintRgn
CombineRgn
ExtTextOutA
PolyPolyline
GetViewportExtEx
GetTextExtentExPointA
SetBrushOrgEx

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 104KB - Virtual size: 100KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 11KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4cba6cfbb51a0eba22614c9715fb773d

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 104KB - Virtual size: 100KB

.rdata Size: 12KB - Virtual size: 11KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 104KB - Virtual size: 100KB

.rdata
Size: 12KB - Virtual size: 11KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB