63d155df0385f81b280a24c7d8e74ed1_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

63d155df0385f81b280a24c7d8e74ed1_JaffaCakes118
Size

308KB
MD5

63d155df0385f81b280a24c7d8e74ed1
SHA1

b5693b2084d09af05393eef4c6a97b4d957552f7
SHA256

d444f0b3df693fc02dcb1c3c64258977f8e0d16e32e5910b3ee0d510cb96bedf
SHA512

eccc8e30322a9e8c88120c81ab5b2b31b6eab5245d6d1fda996aa1a4010328089dea939a99b949d4f17192503fa178c0787a55d878e41e462a217b2bf4d4b94d
SSDEEP

6144:VKd/vwEpsTVgPWu2nZcN6CUkZE/c0yKSIkT1QSA7/iuqHX3NRSmnt0:AdgEpqVVu2/ctvIkCSANqHXio

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
63d155df0385f81b280a24c7d8e74ed1_JaffaCakes118

Files

63d155df0385f81b280a24c7d8e74ed1_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

4f066652a3a48d9cb35c4edf22cce4f6

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

user32

DefWindowProcW
CallWindowProcW
GetFocus
IsChild
BeginPaint
LoadStringW
SetWindowLongW
GetWindowLongW
IsWindow
EndPaint
SendMessageW
IntersectRect
EqualRect
GetKeyState
DestroyAcceleratorTable
RegisterClassExW
OffsetRect
SetWindowRgn
GetClassInfoExW
CreateWindowExW
InvalidateRect
SetWindowPos
GetClientRect
MoveWindow
UnionRect
PtInRect
DestroyWindow
SetFocus
ShowWindow
LoadImageW
GetMenuItemInfoW
GetMenuItemCount
DestroyMenu
RegisterClipboardFormatW
WinHelpW
PostMessageW
GetActiveWindow
CharPrevW
EndDialog
InsertMenuW
GetWindowTextLengthW
SetWindowTextW
DialogBoxParamW
GetWindowTextW
GetDlgItem
GetParent
CharNextW
MessageBoxW
LoadCursorW
SetCursor
wsprintfW
LoadBitmapW
GetDC
ReleaseDC
LoadIconW
EnableWindow

kernel32

GlobalUnlock
ExitProcess
GlobalSize
GetCurrentProcess
FlushInstructionCache
HeapAlloc
GetCurrentThreadId
GlobalAlloc
GlobalLock
lstrcatW
lstrlenW
GetModuleFileNameW
InterlockedIncrement
InterlockedDecrement
ExpandEnvironmentStringsW
MultiByteToWideChar
lstrcpyW
HeapFree
GetProcessHeap
InitializeCriticalSection
DeleteCriticalSection
lstrcmpiW
lstrcpynW
LeaveCriticalSection
EnterCriticalSection
HeapDestroy
GlobalFree
DisableThreadLibraryCalls
FreeLibrary
GetProcAddress
LoadLibraryW
lstrlenA
SizeofResource
LoadResource
FindResourceW
GetLastError
LoadLibraryExW
GetShortPathNameW

gdi32

GetDIBColorTable
CreatePalette
CreateMetaFileW
SetWindowExtEx
CloseMetaFile
DeleteMetaFile
CreateDCW
GetDeviceCaps
LPtoDP
SaveDC
SetMapMode
SetWindowOrgEx
SetViewportOrgEx
RestoreDC
DeleteObject
CreateCompatibleDC
SelectObject
DeleteDC
CreateRectRgnIndirect

ole32

CreateOleAdviseHolder
CreateStreamOnHGlobal
StringFromGUID2
CoUninitialize
CoInitialize
CLSIDFromString
OleSaveToStream
WriteClassStm
OleLoadFromStream
CreateDataAdviseHolder
OleRegGetMiscStatus
OleRegGetUserType
OleRegEnumVerbs
CoTaskMemRealloc
CoTaskMemFree
ReleaseStgMedium
CoCreateGuid
StringFromCLSID
CoCreateInstance
CoTaskMemAlloc

oleaut32

SafeArrayGetUBound
SafeArrayGetLBound
SafeArrayPutElement
SafeArrayCreate
SafeArrayDestroy
VariantInit
SafeArrayGetElement
VariantClear
RegisterTypeLi
LoadTypeLi
VarUI4FromStr
SysAllocString
SysFreeString
OleCreatePropertyFrame
SysStringLen
LoadRegTypeLi
SysStringByteLen
VariantChangeType
SysAllocStringByteLen

advapi32

RegSetValueExW
RegOpenKeyExW
RegCreateKeyExW
RegQueryInfoKeyW
RegDeleteValueW
RegDeleteKeyW
RegEnumValueW
RegEnumKeyExW
RegCloseKey

comctl32

CreatePropertySheetPageW
DestroyPropertySheetPage
ImageList_Create
ImageList_ReplaceIcon
PropertySheetW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

mfc42

ord823
ord825

msvcrt

_except_handler3
wcstok
??1type_info@@UAE@XZ
?terminate@@YAXXZ
wcscpy
wcslen
__CxxFrameHandler
malloc
free
realloc
_purecall
__RTDynamicCast
swprintf
swscanf
wcsstr
_vsnwprintf
_wcsicmp
_snwprintf
_CxxThrowException
wcscmp
_wcsdup
_wcsupr
_initterm
_adjust_fdiv

comres

COMResModuleInstance

msvcp60

??1_Lockit@std@@QAE@XZ
??0_Lockit@std@@QAE@XZ

activeds

ord7
ord3
ord9

dsuiext

ord10

shell32

SHGetMalloc
SHChangeNotify

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
InstallDsExtension

Sections

.text
Size: 115KB - Virtual size: 114KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 171KB - Virtual size: 170KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 12KB - Virtual size: 12KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 8KB - Virtual size: 8KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

4f066652a3a48d9cb35c4edf22cce4f6

Headers

File Characteristics

Imports

user32

kernel32

gdi32

ole32

oleaut32

advapi32

comctl32

version

mfc42

msvcrt

comres

msvcp60

activeds

dsuiext

shell32

Exports

Exports

Sections

.text Size: 115KB - Virtual size: 114KB

.data Size: 171KB - Virtual size: 170KB

.rsrc Size: 12KB - Virtual size: 12KB

.reloc Size: 8KB - Virtual size: 8KB

.text
Size: 115KB - Virtual size: 114KB

.data
Size: 171KB - Virtual size: 170KB

.rsrc
Size: 12KB - Virtual size: 12KB

.reloc
Size: 8KB - Virtual size: 8KB