5fd9fd461118d781994c96deec8f2f75_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

5fd9fd461118d781994c96deec8f2f75_JaffaCakes118
Size

276KB
MD5

5fd9fd461118d781994c96deec8f2f75
SHA1

6f5b7aeb45f47a827683edc7ba0434bc8edca575
SHA256

aed1bbcb8b907b31e0395fd72d4fbf203007de91968a08c565137dcc4addac04
SHA512

9e5e7c93c9314488dc17cbc6ed610b7b017815e214a8fb913f73a711916ccb2852be6ae3df141b2c4451298a7a64b4dc5b9b709af24869cccfed7b7f708b559a
SSDEEP

3072:Pm3cqBaHrvPe3TQiJkoZ9nA+kOzQxbxTD0pmxLi4ocbhu+AQsdazB3bCwQwwo+S:gcqErbi39nA+kOzOup4iBPdazBk1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
5fd9fd461118d781994c96deec8f2f75_JaffaCakes118

Files

5fd9fd461118d781994c96deec8f2f75_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

135a079e0c0d8870142e79a21fbcb3db

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

HeapAlloc
HeapReAlloc
RtlUnwind
GetCommandLineA
RaiseException
GetCurrentThreadId
TlsSetValue
TlsAlloc
TlsFree
TlsGetValue
ExitProcess
GetACP
GetOEMCP
GetStringTypeA
GetEnvironmentVariableA
GetVersionExA
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
TerminateProcess
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
WriteFile
HeapSize
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
LCMapStringA
SetFilePointer
SetStdHandle
FlushFileBuffers
CloseHandle
GetLastError
InterlockedExchange
LoadLibraryA
GetSystemDirectoryA
GetWindowsDirectoryA
GetModuleHandleA
CompareStringA
FreeLibrary
FormatMessageA
LocalAlloc
GetCurrentProcess
FlushInstructionCache
GetVersion
DisableThreadLibraryCalls
MulDiv
FindResourceA
LoadResource
LockResource
SetLastError
lstrcpynA
FindFirstFileA
FindNextFileA
FindClose
OutputDebugStringA
DebugBreak
GetCurrentDirectoryA
GetModuleFileNameA
GlobalAlloc
GlobalLock
lstrcpyA
GlobalUnlock
GlobalFree
LocalFree
lstrlenA
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InterlockedIncrement
InterlockedDecrement
InitializeCriticalSection
HeapFree

user32

GetSysColor
GetWindowTextA
ReleaseDC
GetDC
DrawTextA
GetSystemMetrics
SetWindowTextA
GetScrollBarInfo
GetClientRect
DestroyWindow
MoveWindow
SetFocus
EndPaint
SendMessageA
BeginPaint
GetUpdateRect
GetWindowRect
GetActiveWindow
wsprintfA
DrawEdge
CopyRect
DrawFocusRect
GetMessagePos
GetScrollInfo
SetScrollPos
DrawStateA
GetIconInfo
GetWindow
GetNextDlgTabItem
IsDialogMessageA
InflateRect
MapWindowPoints
GetWindowDC
LoadBitmapA
InvertRect
ScrollWindowEx
GetCapture
UpdateWindow
SetCapture
RegisterWindowMessageA
CreateWindowExA
IntersectRect
EqualRect
OffsetRect
SetWindowRgn
UnionRect
PtInRect
GetFocus
IsChild
ClientToScreen
GetDialogBaseUnits
EndDialog
EnumChildWindows
SetWindowPos
SetRectEmpty
SetScrollInfo
SystemParametersInfoA
GetParent
DefWindowProcA
LoadCursorA
SetCursor
IsWindow
CharNextA
wvsprintfA
LoadStringA
GetDlgItem
ShowWindow
GetCursorPos
GetKeyState
ScreenToClient
CreateCaret
ShowCaret
SetCaretPos
HideCaret
DestroyCaret
InvalidateRect
FillRect
ReleaseCapture

gdi32

GetTextExtentPointA
GetObjectA
CreateFontIndirectA
StretchDIBits
Rectangle
SetTextAlign
TextOutA
GetStockObject
CreateCompatibleDC
GetTextMetricsA
CreateSolidBrush
CreatePen
SetBkMode
SetTextColor
DeleteObject
SelectObject
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
DeleteDC
RestoreDC
SetBkColor
CreateRectRgnIndirect
DeleteMetaFile
CloseMetaFile
SetWindowExtEx
CreateMetaFileA
ExcludeClipRect
SetRectRgn
PtInRegion
CreateRectRgn
SetPixel
GetPixel
GetDIBits
CreateDIBitmap
RoundRect
SetDIBitsToDevice
SetStretchBltMode
CreateRoundRectRgn
CreateDIBPatternBrushPt
FillRgn
CreatePolygonRgn
CombineRgn
BitBlt
PatBlt
StretchBlt
CreatePatternBrush
CreateBitmap
CreateCompatibleBitmap
SetROP2

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ChooseFontA
ChooseColorA

shell32

DragQueryFileA

ole32

CoCreateInstance
CLSIDFromProgID
CoInitialize
OleRun
CoTaskMemFree
OleRegEnumVerbs
OleRegGetUserType
CreateOleAdviseHolder
OleRegGetMiscStatus
CreateDataAdviseHolder
CoTaskMemAlloc
RegisterDragDrop
CoUninitialize
DoDragDrop
ReleaseStgMedium

oleaut32

SafeArrayUnaccessData
GetErrorInfo
VariantInit
VariantCopy
DispCallFunc
OleCreatePropertyFrame
OleTranslateColor
SysStringLen
LoadRegTypeLi
SysAllocStringLen
SysStringByteLen
SysAllocStringByteLen
SysAllocString
SafeArrayCreate
SysFreeString
VariantClear
SafeArrayGetElement
SafeArrayAccessData

atl

ord23
ord21
ord16
ord15
ord18
ord32
ord26
ord27
ord46
ord10
ord11
ord30
ord36
ord48
ord47
ord54
ord43
ord38
ord50
ord44
ord31
ord51
ord28
ord58
ord57

comctl32

ImageList_Add
ImageList_Create
ImageList_Draw
ImageList_AddMasked
ImageList_Replace
ImageList_LoadImageA
ImageList_Destroy

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 152KB - Virtual size: 148KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 28KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 21KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 60KB - Virtual size: 57KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 16KB - Virtual size: 15KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

135a079e0c0d8870142e79a21fbcb3db

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

shell32

ole32

oleaut32

atl

comctl32

Exports

Exports

Sections

.text Size: 152KB - Virtual size: 148KB

.rdata Size: 28KB - Virtual size: 26KB

.data Size: 16KB - Virtual size: 21KB

.rsrc Size: 60KB - Virtual size: 57KB

.reloc Size: 16KB - Virtual size: 15KB

.text
Size: 152KB - Virtual size: 148KB

.rdata
Size: 28KB - Virtual size: 26KB

.data
Size: 16KB - Virtual size: 21KB

.rsrc
Size: 60KB - Virtual size: 57KB

.reloc
Size: 16KB - Virtual size: 15KB