5ad432fd8e47180cf3a464129b946229_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

5ad432fd8e47180cf3a464129b946229_JaffaCakes118
Size

478KB
MD5

5ad432fd8e47180cf3a464129b946229
SHA1

79ff58c35623e59dfe8bb728f0a8f0f25db75b36
SHA256

58c634a1478217b51a2076aba162a1123d3a84c3b3c6371087d2973a96f68810
SHA512

653dc2628aa8d1529d376abd221bd7f6baa422160244d7bf19e7eac700bdf47df891d8ea8ea8468cc2198cadf3db210656a3fa3c4ce8d67a00afb1ab40713243
SSDEEP

6144:BAqCqFbo6wP09gNDSBGilnrWWJM5nPVfRUu88ipjsTxO0MqeOt/ICX3:BAqCqVolMailKWS5nPVfmsipo3MWQCn

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5ad432fd8e47180cf3a464129b946229_JaffaCakes118

Files

5ad432fd8e47180cf3a464129b946229_JaffaCakes118
.dll windows:5 windows x86 arch:x86

9b0ea325601dc44d20f10d5b131e1057

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

F:\PC_Test\bin\UIPlugIn\UIVoice.pdb

Imports

kernel32

UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetSystemTimeAsFileTime
VirtualAlloc
GetCommandLineA
RtlUnwind
RaiseException
HeapReAlloc
ExitProcess
HeapSize
VirtualFree
HeapCreate
HeapDestroy
GetStdHandle
GetModuleFileNameA
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
GetTimeZoneInformation
GetConsoleCP
TerminateProcess
GetTimeFormatA
GetDateFormatA
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetTickCount
InitializeCriticalSectionAndSpinCount
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
SetStdHandle
CreateFileA
SetEnvironmentVariableA
HeapFree
GetCurrentProcess
FlushFileBuffers
SetFilePointer
WriteFile
InterlockedIncrement
GlobalFlags
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
TlsGetValue
LocalAlloc
GetCurrentThread
ConvertDefaultLocale
EnumResourceLanguagesW
GetLocaleInfoW
CompareStringA
lstrcmpA
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetVersionExA
GlobalFree
GlobalAlloc
LocalFree
GetCurrentProcessId
GlobalLock
GlobalUnlock
MulDiv
GetModuleHandleA
HeapAlloc
GetProcessHeap
FormatMessageW
InterlockedDecrement
lstrcmpW
lstrcpyW
WideCharToMultiByte
FreeLibrary
InterlockedExchange
LeaveCriticalSection
EnterCriticalSection
CloseHandle
GetCurrentThreadId
CreateMutexW
Sleep
WritePrivateProfileStringW
GetPrivateProfileIntW
GetPrivateProfileStringW
GetModuleFileNameW
lstrcmpiW
lstrlenW
FreeResource
FindResourceW
LoadResource
LockResource
SizeofResource
GetProcAddress
GetModuleHandleW
LoadLibraryW
GetLastError
SetLastError
GetCPInfo
MultiByteToWideChar
lstrlenA
GetVersionExW
GetConsoleMode
GetVersion

user32

PostQuitMessage
CreateDialogIndirectParamW
EndDialog
MoveWindow
SetWindowTextW
IsDialogMessageW
SetDlgItemTextW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
GetCapture
GetClassLongW
GetClassNameW
SetPropW
GetPropW
RemovePropW
GetFocus
SetFocus
GetWindowTextLengthW
GetWindowTextW
GetForegroundWindow
SetActiveWindow
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
MapWindowPoints
TrackPopupMenu
SetMenu
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
AdjustWindowRectEx
GetDlgCtrlID
DefWindowProcW
GetMenu
SetWindowPos
SystemParametersInfoA
GetWindowPlacement
SetWindowsHookExW
CallNextHookEx
GetMessageW
GetKeyState
ValidateRect
UnhookWindowsHookEx
DestroyMenu
GetMenuStringW
GetWindowThreadProcessId
GetLastActivePopup
IsWindowEnabled
MessageBoxW
EndPaint
BeginPaint
ScreenToClient
PtInRect
EnableMenuItem
CallWindowProcW
SetWindowLongW
GetWindow
DrawIcon
IsIconic
SetForegroundWindow
IsWindowVisible
LoadMenuW
KillTimer
SetTimer
CopyRect
GetSysColor
FillRect
DrawEdge
IsWindow
ShowWindow
DispatchMessageW
TranslateMessage
PeekMessageW
UpdateWindow
GetCursorPos
DrawStateW
OffsetRect
GetClientRect
LoadCursorW
DrawFocusRect
InflateRect
FrameRect
UnregisterClassW
SetRect
GetMenuItemInfoW
DrawTextW
SystemParametersInfoW
DrawIconEx
DestroyIcon
GetSystemMetrics
GetDesktopWindow
GetDC
ReleaseDC
AppendMenuW
GetMenuItemCount
ModifyMenuW
GetMenuState
GetMenuItemID
CreateMenu
CreatePopupMenu
GetSysColorBrush
LoadBitmapW
PostMessageW
GetWindowRect
GetActiveWindow
WindowFromPoint
ClientToScreen
InvalidateRect
SetCursor
GetParent
GetNextDlgTabItem
IsMenu
SendMessageW
GetWindowLongW
DestroyCursor
GrayStringW
DrawTextExW
TabbedTextOutW
EnableWindow
GetSubMenu

gdi32

SetViewportExtEx
ScaleViewportExtEx
SetWindowOrgEx
SetWindowExtEx
ScaleWindowExtEx
OffsetViewportOrgEx
GetClipBox
SetViewportOrgEx
MoveToEx
LineTo
CreateCompatibleDC
SetMapMode
SetBkMode
RestoreDC
SaveDC
GetDIBColorTable
SetTextColor
SetBkColor
CreateBitmap
GetStockObject
Escape
ExtTextOutW
TextOutW
RectVisible
PtVisible
PatBlt
GetObjectW
DeleteDC
DeleteObject
SelectObject
CreateDIBSection
Ellipse
GetTextExtentPoint32W
CreateFontIndirectW
GetBkMode
CreatePen
CreateSolidBrush
GetDeviceCaps
BitBlt
CreateCompatibleBitmap

msimg32

TransparentBlt

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

RegDeleteKeyW
RegQueryValueExW
RegQueryValueW
RegOpenKeyW
RegEnumKeyW
RegOpenKeyExW
RegSetValueExW
RegCreateKeyExW
RegCloseKey

shell32

ShellExecuteExW
ExtractIconW

comctl32

_TrackMouseEvent

shlwapi

PathFindExtensionW
PathFindFileNameW
PathRemoveFileSpecW

ole32

CoCreateInstance
OleRun

oleaut32

SysAllocString
SysFreeString
SysAllocStringLen
VariantClear
VariantChangeType
VariantInit
GetErrorInfo

gdiplus

GdiplusShutdown

Exports

Exports

PluginGetModule

Sections

.text
Size: 253KB - Virtual size: 252KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 10KB - Virtual size: 27KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 17KB - Virtual size: 16KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 38KB - Virtual size: 37KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

.text
Size: 94KB - Virtual size: 96KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

9b0ea325601dc44d20f10d5b131e1057

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

msimg32

winspool.drv

advapi32

shell32

comctl32

shlwapi

ole32

oleaut32

gdiplus

Exports

Exports

Sections

.text Size: 253KB - Virtual size: 252KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 10KB - Virtual size: 27KB

.rsrc Size: 17KB - Virtual size: 16KB

.reloc Size: 38KB - Virtual size: 37KB

.text Size: 94KB - Virtual size: 96KB

.text
Size: 253KB - Virtual size: 252KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 10KB - Virtual size: 27KB

.rsrc
Size: 17KB - Virtual size: 16KB

.reloc
Size: 38KB - Virtual size: 37KB

.text
Size: 94KB - Virtual size: 96KB