67fed8583a28a218c298ad2a6ade0c94_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

67fed8583a28a218c298ad2a6ade0c94_JaffaCakes118
Size

72KB
MD5

67fed8583a28a218c298ad2a6ade0c94
SHA1

9ef8fe7238636d6bc4209d429e473d50ffbdc935
SHA256

ef8fbe907e4555db3181fba5f0f8c1a9f76ceda103ee8341632738257ff1e9b3
SHA512

ef0ef176fb5a07ccebbf686a729227e6116c54574fb676d8c11e9f5a4d717e500b543e0ce9ab85abda48645dff0937bcecbb1070c6f4f6f492798420130d23a5
SSDEEP

1536:yY/f8/tP+7ZeUwEhfGp89ifohzuAtVa68S4wSTK6keqqe15:xaqZe5EhfGyHzLa6Z169qx1

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
67fed8583a28a218c298ad2a6ade0c94_JaffaCakes118

Files

67fed8583a28a218c298ad2a6ade0c94_JaffaCakes118
.dll windows:4 windows x86 arch:x86

81919929232c0d738876e394f0bb3a90

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetFileAttributesA
ExpandEnvironmentStringsW
FindNextChangeNotification
GetAtomNameA
CreateProcessW
SetConsoleCtrlHandler
GetDateFormatW
AllocConsole
WriteFileEx
lstrcmpiA
LCMapStringA
OpenSemaphoreW
CancelWaitableTimer
GetFileAttributesExA
WriteProfileStringA
GlobalFindAtomA
GetEnvironmentVariableW
CompareStringA
GetCurrentThreadId
AddAtomA
HeapDestroy
ResetEvent
lstrcmpiW
GetTimeFormatW
CallNamedPipeA
GetUserDefaultLCID
SetConsoleWindowInfo
GetFileInformationByHandle
CancelIo
GetWindowsDirectoryW
VirtualAllocEx
GetVersionExW
SetConsoleTitleA
TryEnterCriticalSection
GetQueuedCompletionStatus
SetEvent
GetConsoleOutputCP
SuspendThread
IsValidLanguageGroup
EnumUILanguagesW
DosDateTimeToFileTime
SetConsoleMode
GlobalAlloc
RemoveDirectoryA
CreateMailslotW
HeapReAlloc
OpenEventW
GlobalReAlloc
GlobalFindAtomW
VirtualUnlock
SearchPathW
GetFullPathNameA
GetLocaleInfoW
CreateDirectoryA
GetModuleFileNameW
QueryPerformanceFrequency
VerifyVersionInfoA
FlushConsoleInputBuffer
GetAtomNameW
MoveFileExW
lstrcpynW
FindResourceExA
FlushFileBuffers
GetDriveTypeA
SetDefaultCommConfigW
FindResourceW
CreateFileW
LocalFileTimeToFileTime
TerminateThread
DuplicateHandle
CreateNamedPipeW
lstrcatA
GetProfileIntW
GetShortPathNameW
FindFirstChangeNotificationA
GetStringTypeExA
GetVolumeNameForVolumeMountPointW
FlushViewOfFile
ExpandEnvironmentStringsA
LocalFlags
GetProfileSectionA
GetHandleInformation
IsBadCodePtr
RaiseException
GetLocalTime
ReadDirectoryChangesW
AreFileApisANSI
SetConsoleScreenBufferSize
GetProfileStringA
TerminateProcess
IsBadStringPtrW
lstrcmpA
PeekConsoleInputW
lstrcmpW
HeapLock
FindVolumeClose
FindResourceExW
SetFilePointerEx
BindIoCompletionCallback
Beep
lstrcpynA
VirtualFree
WaitForSingleObjectEx
GetThreadPriority
SetFileAttributesA
FillConsoleOutputCharacterW
GetThreadTimes
CompareFileTime
RegisterWaitForSingleObject
GetSystemWindowsDirectoryA
FindAtomA
FindFirstFileExW
CreatePipe
GetStdHandle
LockResource
GetProfileIntA
GetLocaleInfoA
DisconnectNamedPipe
GetVersion
GetSystemInfo
SetLastError
CompareStringW
SetNamedPipeHandleState
GetTimeZoneInformation
GlobalAddAtomW
OpenEventA
CreateJobObjectW
SetEndOfFile
SetComputerNameA
RtlUnwind
SetVolumeLabelW
VirtualQuery
InterlockedExchange
VirtualProtect
WaitForSingleObject
CreateProcessA
InitializeCriticalSection
LocalFree
CreateFileMappingA
HeapValidate
LeaveCriticalSection
EnterCriticalSection
lstrlenW
CreateMutexA
HeapFree
HeapAlloc
MoveFileExA
CloseHandle
GetComputerNameA
LoadLibraryA
ReleaseMutex
GetProcAddress
GetModuleFileNameA
lstrcpyW
GetSystemTimeAsFileTime
GetLastError
GlobalAddAtomA

ole32

OleCreateMenuDescriptor
OleSave
CoGetMarshalSizeMax
OleRegEnumVerbs
CreateGenericComposite
CoDisconnectObject
CoFreeUnusedLibrariesEx
OleUninitialize
StgIsStorageFile
CoCreateGuid
CoDisableCallCancellation
GetHGlobalFromStream
OleCreateLinkFromData
CreateDataAdviseHolder
OleTranslateAccelerator
CoAllowSetForegroundWindow
CoCreateInstanceEx
OleSetContainedObject
PropVariantCopy
CoFileTimeNow
CreateFileMoniker
OleLoadFromStream
CreateDataCache
StringFromIID
OleDuplicateData
StgOpenStorageEx
CreateBindCtx
CoTaskMemAlloc
CoUninitialize
CoTaskMemFree
OleCreate

shlwapi

StrToIntExW
StrToIntW
PathRemoveBlanksW
SHAutoComplete
StrCpyNW
StrStrW
StrCpyW
PathRemoveExtensionW
PathIsRelativeW
SHDeleteKeyA
StrCatBuffA
PathFindExtensionW
PathIsRootW
StrRetToStrW
PathAddExtensionW
StrChrIW
PathFileExistsA
wvnsprintfW
PathGetCharTypeW
UrlGetPartW
UrlCombineW
PathCompactPathW
StrRetToBufW
SHGetValueA
wnsprintfA
PathRemoveFileSpecA
StrCatBuffW
SHGetValueW
PathStripToRootW
StrFormatKBSizeW
wnsprintfW
PathAddBackslashA
StrChrW
PathGetCharTypeA
StrDupA
UrlIsW
PathAddBackslashW
StrStrIA
StrStrIW

advapi32

CreateProcessWithLogonW
GetUserNameA
GetSecurityDescriptorSacl
RegDeleteValueA
RegCloseKey
EnumServicesStatusW
OpenEventLogA
OpenServiceW
RegLoadKeyA
RegSetValueA
OpenSCManagerA
RegEnumKeyExW
ChangeServiceConfigA
QueryServiceConfigW
RegQueryInfoKeyA
EnumServicesStatusA
EnumDependentServicesA
OpenServiceA
RegOpenKeyA
EnumServicesStatusExW
IsTextUnicode
ImpersonateNamedPipeClient
RegEnumValueW
RegSetValueExA
LockServiceDatabase
RegisterEventSourceA
QueryServiceLockStatusA
RegCreateKeyExA
RegSaveKeyA
RegOpenCurrentUser
IsTokenRestricted
CreateProcessAsUserA
GetOldestEventLogRecord
RegisterServiceCtrlHandlerW
RegQueryValueExW
RegUnLoadKeyW
SetTokenInformation
RegEnumKeyExA
GetTokenInformation
CreateServiceA
ChangeServiceConfigW
RegRestoreKeyA
ConvertStringSecurityDescriptorToSecurityDescriptorW

gdi32

GetWorldTransform
TextOutA
Escape
DeleteDC
ScaleViewportExtEx
GetStockObject
CopyMetaFileW
GetKerningPairsA
GetCharacterPlacementA
GetWinMetaFileBits
SetBitmapBits
CreateRectRgn
GetGlyphOutlineA
Polyline
GetPaletteEntries
InvertRgn
GetRandomRgn
ResizePalette
SetTextColor
StretchDIBits
GetBkColor
GetTextFaceA
CreatePatternBrush
GetMapMode
GetRegionData
GetNearestColor
CreateDIBPatternBrushPt
SetWindowExtEx
OffsetWindowOrgEx
ExtEscape
GetBitmapDimensionEx
EnumFontFamiliesA
PolyPolyline
GetTextCharsetInfo
CloseEnhMetaFile
GetSystemPaletteUse
CreateCompatibleBitmap
CreateICW
GetROP2
SwapBuffers
CreateScalableFontResourceA
GetPixelFormat
CreateBrushIndirect
SetWindowOrgEx
SetTextAlign
GetStretchBltMode
DeleteMetaFile
SetMagicColors
GetEnhMetaFileHeader
PtVisible
StrokeAndFillPath
FillRgn
SetMiterLimit
GetClipRgn
CloseFigure
GetCharWidth32W
RemoveFontResourceW
StartPage
PathToRegion
SetPaletteEntries
CreateEnhMetaFileA
GetPolyFillMode
StrokePath
EnumFontsA
SetDIBColorTable
OffsetRgn
SetMetaFileBitsEx
CreateFontIndirectW
ScaleWindowExtEx
MoveToEx
GetBrushOrgEx
GetCharABCWidthsW
SetRectRgn
GetRgnBox
GetBitmapBits
ModifyWorldTransform

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 48KB - Virtual size: 46KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 928B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

81919929232c0d738876e394f0bb3a90

Headers

File Characteristics

Imports

kernel32

ole32

shlwapi

advapi32

gdi32

Exports

Exports

Sections

.text Size: 48KB - Virtual size: 46KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 4KB - Virtual size: 928B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 48KB - Virtual size: 46KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 4KB - Virtual size: 928B

.reloc
Size: 4KB - Virtual size: 2KB