63ce40dffc1aa5998cfd7724f77090b7_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

63ce40dffc1aa5998cfd7724f77090b7_JaffaCakes118
Size

396KB
MD5

63ce40dffc1aa5998cfd7724f77090b7
SHA1

b11cd5f95ef3954b2bcbec4243b7a9197e367448
SHA256

6320d5054678e8dae37e4bb745039a4edaac645a8dd3c133e58bbd56ce46b2b3
SHA512

7e7f8278668aba91f6c369746750a915480a0ab5962976107e79b2a0afb1371dc8d1d312f06b72d6296ebf58a53d298c581ccceeaa000c8b1211dfc08871c4c7
SSDEEP

6144:hnuYNQHNW/vwCrWPPqdArYdLpRyAxtLdtBjgZLWYCfoL71zV:hn3iNo9ynqdaY77/0ZydoL77

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63ce40dffc1aa5998cfd7724f77090b7_JaffaCakes118

Files

63ce40dffc1aa5998cfd7724f77090b7_JaffaCakes118
.dll windows:4 windows x86 arch:x86

fb04083364b8c08aa7fcf6361967163b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\UPLOAD\Remover\syslgm\Release\syslgm.pdb

Imports

kernel32

GetCPInfo
GetOEMCP
ExitProcess
HeapFree
RtlUnwind
HeapAlloc
GetCommandLineA
RaiseException
HeapReAlloc
HeapSize
QueryPerformanceCounter
GetSystemTimeAsFileTime
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStringTypeW
SetHandleCount
GetStdHandle
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
SetUnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
FlushFileBuffers
SetFilePointer
WriteFile
ReadFile
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalFlags
WritePrivateProfileStringA
InterlockedIncrement
SetErrorMode
lstrcatA
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
TlsGetValue
EnterCriticalSection
GlobalHandle
GlobalReAlloc
LeaveCriticalSection
LocalAlloc
InterlockedDecrement
GlobalAddAtomA
GetCurrentThread
FreeLibrary
GlobalDeleteAtom
lstrcmpA
GetModuleFileNameA
GetModuleHandleA
ConvertDefaultLocale
EnumResourceLanguagesA
lstrcpyA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageA
lstrcpynA
LocalFree
CreateToolhelp32Snapshot
Process32First
GetCurrentProcessId
Process32Next
GetFileAttributesA
GetDriveTypeA
SetFileAttributesA
DeleteFileA
GetLastError
OpenProcess
GetExitCodeProcess
TerminateProcess
CloseHandle
GetCurrentProcess
GetCurrentThreadId
GetTickCount
LoadResource
LockResource
SizeofResource
FindResourceA
LoadLibraryA
GetProcAddress
CreateThread
CreateEventA
WaitForSingleObject
lstrlenA
lstrcmpiA
WideCharToMultiByte
MultiByteToWideChar
GetVersion
GetThreadLocale
GetLocaleInfoA
GetACP
GetVersionExA
GetStringTypeA
InterlockedExchange

user32

CallWindowProcA
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
ShowWindow
SetWindowLongA
GetDlgItem
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
ClientToScreen
GetWindow
GetDlgCtrlID
GetWindowRect
PtInRect
GetWindowTextA
SetWindowTextA
GetClassNameA
GetSystemMetrics
GetDC
ReleaseDC
GetSysColor
GetSysColorBrush
UnhookWindowsHookEx
SetMenuItemBitmaps
ModifyMenuA
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
SetForegroundWindow
ValidateRect
MessageBoxA
GetParent
GetWindowLongA
GetLastActivePopup
IsWindowEnabled
EnableWindow
SendMessageA
SetCursor
PostMessageA
PostQuitMessage
wsprintfA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
DefWindowProcA
LoadCursorA
RegisterClassExA
CreateWindowExA
RegisterClassA
GetClassInfoA
RegisterDeviceNotificationA
AdjustWindowRectEx
GetMenu
GetFocus
GetClientRect
DestroyMenu
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
UnregisterClassA

gdi32

PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
SelectObject
SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
DeleteDC
GetStockObject
DeleteObject
GetClipBox
SetMapMode
SetTextColor
SetBkColor
RestoreDC
CreateBitmap
GetDeviceCaps
SaveDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

EnumServicesStatusA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyA
QueryServiceStatus
ChangeServiceConfigA
ControlService
OpenServiceA
QueryServiceConfigA
RegSetValueExA
OpenSCManagerA
CloseServiceHandle
RegEnumValueA
RegDeleteValueA
RegOpenKeyExA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegCloseKey

shell32

SHGetSpecialFolderPathA

comctl32

ord17

shlwapi

PathFindExtensionA
PathFindFileNameA

oleaut32

VariantInit
VariantChangeType
VariantClear

wininet

InternetSetOptionA
InternetOpenA
InternetOpenUrlA
InternetReadFile
InternetCloseHandle

oleacc

LresultFromObject
CreateStdAccessibleObject

Exports

Exports

LogonEvent
Start

Sections

.text
Size: 312KB - Virtual size: 309KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 36KB - Virtual size: 32KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 16KB - Virtual size: 14KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 20KB - Virtual size: 19KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

fb04083364b8c08aa7fcf6361967163b

Headers

File Characteristics

PDB Paths

Imports

kernel32

user32

gdi32

winspool.drv

advapi32

shell32

comctl32

shlwapi

oleaut32

wininet

oleacc

Exports

Exports

Sections

.text Size: 312KB - Virtual size: 309KB

.rdata Size: 36KB - Virtual size: 32KB

.data Size: 8KB - Virtual size: 19KB

.rsrc Size: 16KB - Virtual size: 14KB

.reloc Size: 20KB - Virtual size: 19KB

.text
Size: 312KB - Virtual size: 309KB

.rdata
Size: 36KB - Virtual size: 32KB

.data
Size: 8KB - Virtual size: 19KB

.rsrc
Size: 16KB - Virtual size: 14KB

.reloc
Size: 20KB - Virtual size: 19KB