65ae779acb8d8e372c8656245aeabf53_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

65ae779acb8d8e372c8656245aeabf53_JaffaCakes118
Size

196KB
MD5

65ae779acb8d8e372c8656245aeabf53
SHA1

3c2f4c1ec187add2fb64b7a9e9f247563991add8
SHA256

772b8c81e38d063eeab2d42f10d8b086e45b75fc50ea278bc0c048516eda4ed1
SHA512

5e61c2c7b67494e282d3b648861287fb8cf786019982ea197cb98dec456143d991eedb9a08ec153611e379da96a4767827b31ee933c96aa2b971368fb98bd316
SSDEEP

6144:lBo2lh2lK6Z8a5PDpScD7lwqzMCHvdirzJRh:Q2lhOK6bN1ScD7lqCPCRh

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
unpack001/spl.exe

Files

65ae779acb8d8e372c8656245aeabf53_JaffaCakes118
.zip
SPL.GID
samples/hello/HELLO.CO_
samples/hello/HELLO1.com
samples/hello/HELLO2.com
samples/hello/hello.INC
samples/hello/hello.SPL
samples/hello/hello1.asm
samples/hello/hello2.asm
samples/hello/splVM.inc
samples/hello/splrand.inc
samples/overwr/OVERWR.com
samples/overwr/overwr.asm
samples/overwr/overwr.inc
samples/overwr/overwr.spl
.ps1
samples/overwr/splVM.inc
samples/overwr/splrand.inc
samples/thevir/THEVIR.COM
samples/thevir/splVM.INC
samples/thevir/splrand.INC
samples/thevir/thevir.INC
samples/thevir/thevir.SPL
samples/thevir/thevir.asm
spl.cnt
spl.exe
.exe windows:4 windows x86 arch:x86

68df3ca731c5b03e9bcad93ff2580c22

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

kernel32

GetEnvironmentStringsW
FreeEnvironmentStringsW
GetFileType
GetEnvironmentStrings
FreeEnvironmentStringsA
SetHandleCount
SetUnhandledExceptionFilter
GetStdHandle
IsBadReadPtr
IsBadWritePtr
IsBadCodePtr
HeapCreate
GetStringTypeA
UnhandledExceptionFilter
GetFullPathNameA
GetStringTypeW
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
MultiByteToWideChar
WideCharToMultiByte
InterlockedDecrement
InterlockedIncrement
GlobalFree
LockResource
FindResourceA
LoadResource
lstrcpyA
lstrcatA
lstrlenA
GlobalLock
lstrcpynA
HeapReAlloc
GetTimeZoneInformation
HeapSize
GetACP
RaiseException
TerminateProcess
ExitProcess
GetCommandLineA
HeapFree
HeapAlloc
RtlUnwind
GetStartupInfoA
GetModuleHandleA
FileTimeToLocalFileTime
FileTimeToSystemTime
SystemTimeToFileTime
SetErrorMode
GetOEMCP
LocalFileTimeToFileTime
GetFileSize
WritePrivateProfileStringA
GetCPInfo
GetCurrentDirectoryA
SizeofResource
GetPrivateProfileStringA
GetPrivateProfileIntA
LocalReAlloc
SetLastError
GlobalFlags
EnterCriticalSection
TlsSetValue
TlsGetValue
GlobalReAlloc
LeaveCriticalSection
TlsAlloc
GlobalHandle
DeleteCriticalSection
GetProcessVersion
InitializeCriticalSection
GetVersion
GetFileTime
GetDiskFreeSpaceA
GetTempFileNameA
GetModuleFileNameA
SetFileTime
GetFileAttributesA
GetStringTypeExA
GetShortPathNameA
GetThreadLocale
FindFirstFileA
GetVolumeInformationA
GlobalUnlock
GlobalGetAtomNameA
GetProcAddress
FindClose
LoadLibraryA
MoveFileA
FreeLibrary
DeleteFileA
SetStdHandle
LockFile
SetEndOfFile
GetCurrentThreadId
UnlockFile
WriteFile
FlushFileBuffers
SetFilePointer
GetCurrentProcess
ReadFile
CreateFileA
lstrcmpiA
DuplicateHandle
GetLastError
LocalUnlock
LocalAlloc
LocalLock
LocalFree
MulDiv
CloseHandle
GetCurrentThread
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetLocaleInfoA
LCMapStringA
LCMapStringW
GlobalAddAtomA
GetProfileStringA

user32

ShowOwnedPopups
GetDC
PtInRect
IntersectRect
SetParent
IsRectEmpty
AppendMenuA
DeleteMenu
GetSystemMenu
SetTimer
KillTimer
SetRect
CharUpperA
OffsetRect
ReleaseDC
MessageBoxA
SetMessageQueue
ValidateRect
DestroyCursor
FillRect
GetTabbedTextExtentA
IsClipboardFormatAvailable
MessageBeep
GetClassNameA
LoadStringA
GetWindowDC
BeginPaint
EndPaint
TabbedTextOutA
DrawTextA
PostQuitMessage
GrayStringA
InvertRect
GetDCEx
LockWindowUpdate
InsertMenuA
GetMenuStringA
DestroyIcon
CheckMenuItem
EnableMenuItem
SetWindowTextA
IsDialogMessageA
SetDlgItemTextA
SendDlgItemMessageA
SystemParametersInfoA
MapWindowPoints
GetSysColor
AdjustWindowRectEx
DeferWindowPos
GetClientRect
BeginDeferWindowPos
EndDeferWindowPos
ScrollWindow
GetScrollInfo
SetScrollInfo
ShowScrollBar
GetScrollRange
SetScrollRange
InflateRect
IsZoomed
GetTopWindow
RegisterClassA
SetMenuItemBitmaps
GetWindowTextA
DefWindowProcA
CreateWindowExA
CallNextHookEx
SetPropA
GetForegroundWindow
SetForegroundWindow
GetPropA
RemovePropA
CallWindowProcA
GetMessageTime
GetMessagePos
GetWindowRect
RegisterWindowMessageA
GetNextDlgTabItem
EndDialog
GetSystemMetrics
CreateDialogIndirectParamA
DestroyWindow
BringWindowToTop
IsWindowVisible
IsIconic
EqualRect
CopyRect
SetWindowLongA
InvalidateRect
GetDlgItem
wsprintfA
GetKeyState
SetWindowPos
GetDlgCtrlID
UpdateWindow
GetSubMenu
GetMenuItemCount
GetMenuItemID
UnpackDDElParam
ReuseDDElParam
SetActiveWindow
WinHelpA
SetMenu
GetMenu
LoadIconA
GetClassInfoA
LoadMenuA
DestroyMenu
SetFocus
ShowWindow
IsWindow
IsWindowEnabled
GetWindow
TranslateAcceleratorA
LoadAcceleratorsA
SetRectEmpty
ScreenToClient
ClientToScreen
GetWindowLongA
GetParent
GetMessageA
TranslateMessage
DispatchMessageA
WindowFromPoint
GetActiveWindow
GetWindowThreadProcessId
GetDesktopWindow
ModifyMenuA
SetCursor
GetCursorPos
GetMenuCheckMarkDimensions
LoadBitmapA
GetMenuState
GetScrollPos
SetScrollPos
GetWindowTextLengthA
PeekMessageA
WaitMessage
SetCapture
ReleaseCapture
PostMessageA
LoadCursorA
GetCapture
GetFocus
GetLastActivePopup
EnableWindow
SendMessageA
UnhookWindowsHookEx
SetWindowsHookExA
IsChild
UnregisterClassA
HideCaret
DrawFocusRect
ShowCaret
ExcludeUpdateRgn
IsWindowUnicode
DefDlgProcA
CharNextA

gdi32

SetBkColor
SelectObject
GetTextExtentPointA
CreateBitmap
DeleteDC
StretchDIBits
GetTextMetricsA
CreateCompatibleBitmap
GetDeviceCaps
CreateCompatibleDC
GetStockObject
Rectangle
PatBlt
CreatePen
GetViewportOrgEx
DPtoLP
EndDoc
EndPage
AbortDoc
StartDocA
SetAbortProc
StartPage
CreateFontIndirectA
GetCharWidthA
CreateDCA
DeleteObject
SaveDC
CreateSolidBrush
SetBkMode
SetPolyFillMode
SetStretchBltMode
SetMapMode
SetROP2
OffsetViewportOrgEx
SetViewportExtEx
SetViewportOrgEx
SetWindowOrgEx
ScaleViewportExtEx
ScaleWindowExtEx
GetClipBox
SetWindowExtEx
ExcludeClipRect
IntersectClipRect
SelectClipRgn
MoveToEx
LineTo
SetTextAlign
GetCurrentPositionEx
CreateRectRgn
GetViewportExtEx
GetWindowExtEx
CreatePatternBrush
PtVisible
RectVisible
ExtTextOutA
Escape
TextOutA
CombineRgn
BitBlt
CreateRectRgnIndirect
LPtoDP
SetRectRgn
GetBkColor
GetTextColor
GetNearestColor
GetPolyFillMode
GetTextAlign
GetStretchBltMode
GetROP2
GetTextFaceA
GetBkMode
CreateDIBitmap
GetWindowOrgEx
GetObjectA
RestoreDC
SetTextColor

comdlg32

GetSaveFileNameA
GetOpenFileNameA
ReplaceTextA
FindTextA
GetFileTitleA
PrintDlgA
CommDlgExtendedError

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueA
RegDeleteKeyA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegSetValueExA
RegSetValueA
RegCreateKeyA
RegCreateKeyExA
RegOpenKeyExA
RegOpenKeyA
SetFileSecurityA
GetFileSecurityA

shell32

DragQueryFileA
DragFinish
DragAcceptFiles
SHGetFileInfoA
ExtractIconA

comctl32

ord17

Sections

.text
Size: 222KB - Virtual size: 222KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 44KB - Virtual size: 44KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 14KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.idata
Size: 10KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 24KB - Virtual size: 23KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 25KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ
spl.reg
splVM.inc
splrand.INC
splrand2.INC

Sharing

General

Malware Config

Signatures

Files

68df3ca731c5b03e9bcad93ff2580c22

Headers

File Characteristics

Imports

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shell32

comctl32

Sections

.text Size: 222KB - Virtual size: 222KB

.rdata Size: 44KB - Virtual size: 44KB

.data Size: 14KB - Virtual size: 29KB

.idata Size: 10KB - Virtual size: 9KB

.rsrc Size: 24KB - Virtual size: 23KB

.reloc Size: 25KB - Virtual size: 24KB

.text
Size: 222KB - Virtual size: 222KB

.rdata
Size: 44KB - Virtual size: 44KB

.data
Size: 14KB - Virtual size: 29KB

.idata
Size: 10KB - Virtual size: 9KB

.rsrc
Size: 24KB - Virtual size: 23KB

.reloc
Size: 25KB - Virtual size: 24KB