PDB path: d:\Work Station\SourceCode\AVerTVDiagnostic tool\AVerTVDiag\Release\A369H324 Diagnostic Tool.pdb
Sample: 6817925bc756c2a0cae8f4c3afa22c63_JaffaCakes118.exe
Resource: win7-20240708-en
General
Target: 6817925bc756c2a0cae8f4c3afa22c63_JaffaCakes118
Size: 1.3MB
MD5: 6817925bc756c2a0cae8f4c3afa22c63
SHA1: b22861400b680b48f7a2bd1b70bd0321eab064ff
SHA256: 20f7f2573a10debf614ad12983c75a2cdd4bebb8eb46d3de7a8e3be715c684e8
SHA512: 6fe804bb26f9d97b05d6e2b99501114590deca5ab079bd0eb95027e0694362255841845bc688f07f2f0233097dbcbe5949562065650741bdd86b941fab602044
SSDEEP: 12288:GjCcFzPWuHCpWavduw4q7hWYv0wtGyILyf/vInxXuWuYxfjNDzQme/tx6UjFsa9q:kAuHCLvduOWY8x2cXuWuYhjNDv6ncZf
Malware Config
Signatures
Unsigned PE (1 IoC): Checks for missing Authenticode signature. resource: 6817925bc756c2a0cae8f4c3afa22c63_JaffaCakes118
Files
6817925bc756c2a0cae8f4c3afa22c63_JaffaCakes118.exe windows:5 windows x86 arch:x86
cbcf99dd899e551df7cafe3d5f0d6f15
Headers
DLL Characteristics: IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE
File Characteristics: IMAGE_FILE_RELOCS_STRIPPED, IMAGE_FILE_EXECUTABLE_IMAGE, IMAGE_FILE_32BIT_MACHINE
PDB Paths
Imports
setupapi: SetupDiGetClassDevsExA, SetupDiEnumDeviceInfo, SetupDiGetDeviceRegistryPropertyA, SetupDiGetDeviceInstanceIdA
kernel32: GetFileSizeEx, GetFileTime, SetErrorMode, RtlUnwind, GetSystemTimeAsFileTime, ExitProcess, GetLocalTime, HeapAlloc, HeapFree, VirtualProtect, VirtualAlloc, GetSystemInfo, VirtualQuery, TerminateProcess, UnhandledExceptionFilter, SetUnhandledExceptionFilter, IsDebuggerPresent, RaiseException, GetCommandLineA, GetStartupInfoA, ExitThread, CreateThread, HeapReAlloc, SetStdHandle, GetFileType, HeapSize, GetACP, GetFileAttributesA, LCMapStringA, LCMapStringW, GetTimeZoneInformation, GetStdHandle, FatalAppExitA, SetConsoleCtrlHandler, InitializeCriticalSectionAndSpinCount, VirtualFree, HeapCreate, HeapDestroy, FreeEnvironmentStringsA, GetEnvironmentStrings, FreeEnvironmentStringsW, GetEnvironmentStringsW, SetHandleCount, QueryPerformanceCounter, GetConsoleCP, GetConsoleMode, GetStringTypeA, GetStringTypeW, GetTimeFormatA, GetDateFormatA, GetUserDefaultLCID, EnumSystemLocalesA, IsValidLocale, GetLocaleInfoW, WriteConsoleA, GetConsoleOutputCP, WriteConsoleW, CompareStringW, SetEnvironmentVariableA, SetFileAttributesA, SetFileTime, LocalFileTimeToFileTime, FileTimeToLocalFileTime, SystemTimeToFileTime, FileTimeToSystemTime, GetAtomNameA, GetOEMCP, GetCPInfo, GetModuleHandleW, GetShortPathNameA, GetFullPathNameA, GetVolumeInformationA, FindFirstFileA, FindClose, GetCurrentProcess, DuplicateHandle, GetFileSize, SetEndOfFile, UnlockFile, LockFile, FlushFileBuffers, ReadFile, lstrcmpiA, GetThreadLocale, GetStringTypeExA, MoveFileA, TlsFree, DeleteCriticalSection, LocalReAlloc, TlsSetValue, TlsAlloc, InitializeCriticalSection, GlobalHandle, GlobalReAlloc, EnterCriticalSection, TlsGetValue, LeaveCriticalSection, LocalAlloc, GlobalFlags, GetPrivateProfileStringA, WritePrivateProfileStringA, GetPrivateProfileIntA, InterlockedDecrement, GetModuleFileNameW, GlobalGetAtomNameA, GlobalFindAtomA, lstrcmpW, CopyFileA, GlobalSize, FormatMessageA, LocalFree, lstrlenW, MulDiv, GetTickCount, InterlockedIncrement, GlobalUnlock, GlobalFree, FreeResource, SetLastError, GlobalAddAtomA, CreateEventA, SetEvent, WaitForSingleObject, ResumeThread, SetThreadPriority, GlobalDeleteAtom, GetCurrentThread, GetCurrentThreadId, ConvertDefaultLocale, EnumResourceLanguagesA, GetLocaleInfoA, LoadLibraryA, CompareStringA, InterlockedExchange, GlobalLock, lstrcmpA, GlobalAlloc, FreeLibrary, GetModuleHandleA, GetProcAddress, lstrcpynW, lstrlenA, GetModuleFileNameA, SetFilePointer, WriteFile, CloseHandle, GetCurrentDirectoryA, CreateFileA, GetVersionExA, GetCurrentProcessId, OutputDebugStringA, DeleteFileA, Sleep, GetLastError, TerminateThread, SuspendThread, WideCharToMultiByte, MultiByteToWideChar, FindResourceA, LoadResource, LockResource, SizeofResource, IsValidCodePage
user32: BringWindowToTop, SetRectEmpty, CreatePopupMenu, InsertMenuItemA, LoadAcceleratorsA, GetMenuBarInfo, LoadMenuA, ReuseDDElParam, UnpackDDElParam, GetSystemMenu, SetParent, UnionRect, GetDCEx, TranslateAcceleratorA, UnregisterClassA, DestroyMenu, GetMenuItemInfoA, MessageBeep, GetNextDlgGroupItem, InvalidateRgn, SetRect, IsRectEmpty, CopyAcceleratorTableA, CharNextA, PostThreadMessageA, GetDialogBaseUnits, CharUpperA, DestroyIcon, GetSysColorBrush, WaitMessage, ReleaseCapture, LoadCursorA, WindowFromPoint, SetCapture, DeleteMenu, InflateRect, EndPaint, BeginPaint, GetWindowDC, ClientToScreen, GrayStringA, DrawTextExA, DrawTextA, TabbedTextOutA, MapVirtualKeyA, GetKeyNameTextA, ReleaseDC, GetDC, RegisterWindowMessageA, WinHelpA, IsChild, GetCapture, GetClassLongA, GetClassNameA, SetPropA, GetPropA, RemovePropA, GetForegroundWindow, BeginDeferWindowPos, EndDeferWindowPos, GetTopWindow, UnhookWindowsHookEx, GetMessageTime, GetMessagePos, MapWindowPoints, ScrollWindow, TrackPopupMenuEx, SetMenu, SetScrollRange, GetScrollRange, SetScrollPos, GetScrollPos, SetForegroundWindow, ShowScrollBar, CreateWindowExA, GetClassInfoExA, GetClassInfoA, RegisterClassA, AdjustWindowRectEx, ScreenToClient, EqualRect, DeferWindowPos, GetScrollInfo, SetScrollInfo, SetWindowPlacement, DefWindowProcA, CallWindowProcA, GetMenu, IntersectRect, SystemParametersInfoA, GetWindowPlacement, GetWindowTextLengthA, GetWindowTextA, ScrollWindowEx, SetFocus, ShowWindow, MoveWindow, GetDlgCtrlID, SetWindowTextA, IsDialogMessageA, IsDlgButtonChecked, SetDlgItemTextA, SetDlgItemInt, SendDlgItemMessageA, GetDlgItemTextA, GetDlgItemInt, CheckRadioButton, CheckDlgButton, DrawIcon, SendMessageA, IsIconic, GetClientRect, GetMenuStringA, AppendMenuA, GetMenuItemID, InsertMenuA, GetMenuItemCount, GetSubMenu, RemoveMenu, GetWindow, SetWindowContextHelpId, MapDialogRect, SetWindowPos, RegisterClipboardFormatA, GetDesktopWindow, SetActiveWindow, CreateDialogIndirectParamA, DestroyWindow, GetDlgItem, GetNextDlgTabItem, EndDialog, GetWindowThreadProcessId, EnableWindow, LoadIconA, GetSystemMetrics, PostMessageA, wsprintfA, OffsetRect, FillRect, GetWindowRect, UpdateWindow, InvalidateRect, RedrawWindow, SetTimer, KillTimer, GetParent, SetCursor, IsWindow, GetSysColor, MessageBoxA, PtInRect, CopyRect, LockWindowUpdate, GetFocus, SetWindowLongA, GetWindowLongA, PostQuitMessage, CheckMenuItem, EnableMenuItem, GetMenuState, ModifyMenuA, LoadBitmapA, GetMenuCheckMarkDimensions, SetMenuItemBitmaps, ValidateRect, GetCursorPos, PeekMessageA, GetKeyState, IsWindowVisible, GetActiveWindow, DispatchMessageA, TranslateMessage, GetMessageA, CallNextHookEx, GetLastActivePopup, IsWindowEnabled, ShowOwnedPopups, SetWindowsHookExA, TrackPopupMenu
gdi32: PlayMetaFileRecord, GetObjectType, EnumMetaFile, PlayMetaFile, CreatePen, ExtCreatePen, CreateHatchBrush, SetRectRgn, CombineRgn, SelectPalette, DPtoLP, GetTextExtentPoint32A, GetTextMetricsA, GetBkColor, GetTextColor, GetRgnBox, GetCharWidthA, CreateFontA, StretchDIBits, CreateDIBPatternBrushPt, CreatePatternBrush, DeleteDC, ExtSelectClipRgn, PolyBezierTo, PolylineTo, PolyDraw, ArcTo, GetCurrentPositionEx, ScaleWindowExtEx, Rectangle, CreateCompatibleDC, CreateCompatibleBitmap, CreateFontIndirectA, GetMapMode, GetObjectA, OffsetWindowOrgEx, SetWindowOrgEx, ScaleViewportExtEx, SetViewportExtEx, OffsetViewportOrgEx, SelectObject, Escape, ExtTextOutA, TextOutA, RectVisible, PtVisible, StartDocA, GetPixel, GetWindowExtEx, GetViewportExtEx, SelectClipPath, CreateRectRgn, GetClipRgn, SelectClipRgn, SetColorAdjustment, SetArcDirection, SetMapperFlags, SetTextCharacterExtra, SetTextJustification, SetTextAlign, MoveToEx, LineTo, OffsetClipRgn, IntersectClipRect, ExcludeClipRect, SetMapMode, ModifyWorldTransform, SetWorldTransform, SetGraphicsMode, SetStretchBltMode, SetROP2, SetPolyFillMode, SetBkMode, RestoreDC, SaveDC, PatBlt, CreateRectRgnIndirect, SetBkColor, SetTextColor, GetClipBox, GetDCOrgEx, CreateDCA, CopyMetaFileA, GetDeviceCaps, CreateBitmap, GetViewportOrgEx, SetViewportOrgEx, GetStockObject, DeleteObject, CreateSolidBrush, BitBlt, SetWindowExtEx
comdlg32: GetFileTitleA
winspool.drv: DocumentPropertiesA, ClosePrinter, OpenPrinterA
advapi32: RegDeleteValueA, RegSetValueA, RegQueryValueA, RegOpenKeyA, RegEnumKeyA, RegDeleteKeyA, RegOpenKeyExA, RegQueryValueExA, RegDeleteTreeA, RegCreateKeyExA, RegSetValueExA, RegCloseKey, RegCreateKeyA
shell32: ShellExecuteA, SHGetFileInfoA, DragFinish, DragQueryFileA, ExtractIconA
oledlg: ord8
ole32: StgCreateDocfileOnILockBytes, StgOpenStorageOnILockBytes, CoRegisterMessageFilter, OleFlushClipboard, OleIsCurrentClipboard, OleSetClipboard, CoGetClassObject, StringFromGUID2, CoDisconnectObject, OleDuplicateData, CoTaskMemAlloc, ReleaseStgMedium, CreateBindCtx, CoTreatAsClass, ReadClassStg, ReadFmtUserTypeStg, OleRegGetUserType, CreateILockBytesOnHGlobal, WriteFmtUserTypeStg, SetConvertStg, CLSIDFromString, CLSIDFromProgID, OleInitialize, CoFreeUnusedLibraries, OleUninitialize, StringFromCLSID, CoRevokeClassObject, CoRegisterClassObject, GetRunningObjectTable, CreateItemMoniker, StgCreateDocfile, CoInitialize, CoUninitialize, CoTaskMemFree, CoCreateInstance, CoInitializeEx, OleRun, CreateStreamOnHGlobal, WriteClassStg
oleaut32: SafeArrayGetElemsize, VarBstrFromDec, VarBstrFromCy, SysReAllocStringLen, SafeArrayDestroyDescriptor, OleCreatePropertyFrame, VarCyFromStr, VariantInit, VariantClear, SysAllocStringLen, SysFreeString, SysAllocString, VarDateFromStr, VarBstrFromDate, SysStringByteLen, SysStringLen, VariantChangeType, SysAllocStringByteLen, VariantCopy, RegisterTypeLi, LoadTypeLi, LoadRegTypeLi, OleCreateFontIndirect, VariantTimeToSystemTime, SystemTimeToVariantTime, SafeArrayDestroy, SafeArrayUnaccessData, SafeArrayAccessData, SafeArrayGetUBound, SafeArrayGetLBound, SafeArrayDestroyData, SafeArrayGetDim, SafeArrayCreate, SafeArrayRedim, SafeArrayAllocData, SafeArrayAllocDescriptor, SafeArrayCopy, SafeArrayGetElement, SafeArrayPtrOfIndex, SafeArrayPutElement, SafeArrayLock, SafeArrayUnlock, VarDecFromStr
shlwapi: PathRemoveFileSpecW, PathFindFileNameA, PathRemoveExtensionA, PathFindExtensionA, PathIsUNCA, PathStripToRootA
Sections
.text Size: 795KB - Virtual size: 795KB; flags: IMAGE_SCN_CNT_CODE, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rdata Size: 191KB - Virtual size: 190KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ
.data Size: 17KB - Virtual size: 33KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.idata Size: 16KB - Virtual size: 16KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.didat Size: 1024B - Virtual size: 793B; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE
.rsrc Size: 299KB - Virtual size: 300KB; flags: IMAGE_SCN_CNT_INITIALIZED_DATA, IMAGE_SCN_MEM_EXECUTE, IMAGE_SCN_MEM_READ, IMAGE_SCN_MEM_WRITE