6845d8787f9d8ff5f66107b783628397_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

6845d8787f9d8ff5f66107b783628397_JaffaCakes118
Size

84KB
MD5

6845d8787f9d8ff5f66107b783628397
SHA1

d20b12aa0ca3802cf70af2208fb3581ca8d15ea4
SHA256

cdca82f97794e732bdbc217fd1eadec2bf28227357a212423225ee416fe183d2
SHA512

f6023722a160c1c8e3178f4cc328de7b054980b95e0ed2f1cdabdffdd8e2fb8a5894751d55ccaf1772d378d88a61527658c68a9488b8cea46bb57dce21a09ae8
SSDEEP

1536:Ae4wcGZbaSyZfyIRU1uwGT3e1v0Sv/n5bh4VHr6Lf/UD+ouPu3dTzv2ZkCZ:Ae3c8bakIRItHv/nneHr6bMlA8dH2T

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
6845d8787f9d8ff5f66107b783628397_JaffaCakes118

Files

6845d8787f9d8ff5f66107b783628397_JaffaCakes118
.dll windows:4 windows x86 arch:x86

2cbf483f18cd1d2831236788321d383b

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

GetSystemDirectoryW
GetVolumePathNamesForVolumeNameW
SetEnvironmentVariableA
GetThreadContext
WriteFileEx
GetLogicalDriveStringsA
lstrcmpiW
DeleteCriticalSection
CallNamedPipeA
lstrcpyA
SetFileApisToOEM
GetSystemInfo
SetCurrentDirectoryA
LocalSize
LockFileEx
GetCurrentThreadId
CopyFileExW
HeapCreate
GetWindowsDirectoryA
GetEnvironmentVariableA
GlobalFindAtomW
GetLocalTime
HeapUnlock
SetNamedPipeHandleState
FindResourceW
HeapValidate
GetCommandLineA
GetDateFormatA
SetConsoleCursorPosition
GetLogicalDriveStringsW
FindAtomW
ChangeTimerQueueTimer
SuspendThread
FileTimeToDosDateTime
GlobalAddAtomW
LockFile
FreeResource
GetNumberFormatA
OpenProcess
lstrcpynW
FindFirstChangeNotificationW
GetEnvironmentStringsW
ConvertDefaultLocale
CreateWaitableTimerA
HeapSetInformation
CreateDirectoryW
GetFileSize
SetEndOfFile
GetCurrentDirectoryW
TerminateJobObject
FindNextFileA
UnregisterWaitEx
OpenMutexA
QueryPerformanceFrequency
SetInformationJobObject
HeapWalk
UnlockFile
FlushConsoleInputBuffer
CreateJobObjectW
WriteConsoleA
ClearCommError
HeapLock
SetErrorMode
ExitThread
RtlMoveMemory
InterlockedExchangeAdd
SetConsoleActiveScreenBuffer
SetDefaultCommConfigW
SetFileTime
CreateProcessW
CreateConsoleScreenBuffer
GetFileInformationByHandle
TerminateProcess
IsBadHugeWritePtr
GetFullPathNameW
DosDateTimeToFileTime
GetConsoleMode
IsWow64Process
CompareFileTime
CreateFileW
OpenEventA
SetComputerNameExW
GetSystemDirectoryA
lstrcmpA
GetDriveTypeA
DisconnectNamedPipe
WaitForMultipleObjectsEx
CreateFileA
CreateSemaphoreA
SetTimeZoneInformation
SetHandleCount
SetStdHandle
lstrcmpiA
GetSystemPowerStatus
GetAtomNameA
GetQueuedCompletionStatus
FormatMessageW
SetConsoleTextAttribute
WinExec
GetExitCodeProcess
GetSystemWindowsDirectoryA
VirtualProtect
MoveFileA
GetVersion
GetModuleFileNameW
GetBinaryTypeW
FindResourceExW
PeekNamedPipe
GetProfileSectionA
FindFirstVolumeW
SetVolumeLabelW
InterlockedIncrement
GetStringTypeExW
GetFileTime
GetTimeFormatW
GlobalAddAtomA
GetCompressedFileSizeW
SizeofResource
GetStdHandle
GetDiskFreeSpaceExW
MapViewOfFile
CreateDirectoryA
ReleaseMutex
InterlockedExchange
CreateProcessA
HeapAlloc
LoadLibraryA
GetProcAddress
CreateFileMappingA
GetProcessHeap
HeapFree
GetComputerNameA
UnmapViewOfFile
CopyFileA
GetModuleHandleA
lstrcpyW
VirtualQuery
CreateMutexA
lstrcatA

user32

IsCharAlphaA
wsprintfA
DrawFrameControl
GetDlgItemInt
GetMenu
GetInputState
ShowOwnedPopups
WinHelpW
WindowFromDC
CreateWindowExA
GetClassInfoExA
SetMenuItemInfoW
BringWindowToTop
SendInput
AttachThreadInput
GetMenuStringW
GetProcessDefaultLayout
GetClassInfoA
ClientToScreen
GetDC
wvsprintfW
AppendMenuW
DefDlgProcW
GetScrollInfo
InternalGetWindowText
GrayStringW
GetActiveWindow
SetRect
GetMessageW
GetWindowTextW
GetClassNameW
GetScrollRange
ReleaseCapture
CheckRadioButton
GetDlgItemTextW
DefMDIChildProcW
PeekMessageW
DrawFocusRect
LoadStringW
GetProcessWindowStation
ChangeDisplaySettingsA
LoadCursorA
ShowWindowAsync
GetDlgCtrlID
GetUserObjectInformationA
RemovePropA
CopyImage
BeginDeferWindowPos
CopyIcon
CallWindowProcW
GrayStringA
IsDialogMessageW
CharNextW
SetWindowPlacement
SetFocus
CallMsgFilterW
SwitchToThisWindow
GetSysColor
GetQueueStatus
ExitWindowsEx
ShowCaret
NotifyWinEvent
EnumWindows
wvsprintfA
DrawStateA
SetMenuItemBitmaps
RegisterWindowMessageA
ChangeMenuA
SetWindowRgn
CopyAcceleratorTableA
CopyRect
PostThreadMessageA
ReleaseDC
SetWindowContextHelpId
UnregisterClassW
CopyAcceleratorTableW
GetMenuState
InvalidateRect
CreateDialogIndirectParamW
DefWindowProcA
CallWindowProcA
GetUserObjectInformationW
SetPropW
AdjustWindowRect
DialogBoxIndirectParamA
GetAsyncKeyState
LoadCursorW
GetWindow
EndTask
UnhookWindowsHook
EnableWindow
GetMenuItemRect
SetScrollRange
PostMessageA
SetScrollInfo
CharPrevA
SetProcessWindowStation
DrawMenuBar
IsDialogMessageA
PeekMessageA
CreateDialogParamW
GetWindowPlacement
LoadStringA
DrawTextExW
GetUpdateRgn
CharPrevW
GetKeyNameTextW
MapVirtualKeyA
LoadImageA
GetWindowRect
SetWindowTextW
CreateIcon
EnumDisplaySettingsW
GetPropW
DrawTextA
GetMenuCheckMarkDimensions
UnionRect
DispatchMessageA
UnhookWindowsHookEx
KillTimer
SetTimer
SetWindowsHookExA
GetMessageA
LoadMenuW

shlwapi

StrCmpIW
wnsprintfW
StrChrW
StrNCatW
StrCmpNIA
PathFileExistsW
SHGetValueA
StrStrIA
StrStrIW
PathFileExistsA
SHRegGetBoolUSValueW
StrCmpW
PathFindFileNameW
StrChrA
SHDeleteValueW
UrlCanonicalizeW
PathQuoteSpacesW
StrRetToBufW
StrCatBuffW
SHRegGetValueW
PathCombineW
StrToIntW
SHCreateStreamOnFileW
UrlCreateFromPathW
PathParseIconLocationW
PathGetDriveNumberW
PathIsRelativeW
PathCreateFromUrlW
PathCommonPrefixW
SHDeleteKeyA
PathBuildRootW
PathIsUNCServerShareW
PathRenameExtensionW
PathRemoveExtensionW
StrDupW
StrToIntA
SHSetValueA
PathRemoveBlanksW

advapi32

GetUserNameA
RegQueryValueExA
RegDeleteValueA
RegCreateKeyExW
QueryServiceLockStatusW
QueryServiceStatusEx
RegQueryInfoKeyA
ClearEventLogW
MakeAbsoluteSD
RegCreateKeyExA
OpenEventLogA
OpenServiceA
QueryServiceLockStatusA
SetTokenInformation
RegDeleteKeyW
RegOpenKeyA
QueryServiceConfigW
RegisterServiceCtrlHandlerW
ReadEventLogA
RegSetValueExW
GetUserNameW
RegUnLoadKeyW
RegSaveKeyExW
RegEnumValueA
ControlService
RegSetValueA
ImpersonateSelf
GetServiceDisplayNameW
CreateProcessWithLogonW
RegisterEventSourceA
StartServiceA
RegFlushKey
IsTokenRestricted
StartServiceCtrlDispatcherW

shell32

SHBrowseForFolderW
ShellAboutW
DragQueryFileW
ExtractIconA
SHFileOperationW
SHGetPathFromIDListA
SHGetFolderPathAndSubDirW
SHGetPathFromIDListW

gdi32

ExtCreateRegion
ResizePalette
AbortPath
GetCurrentObject
CreateScalableFontResourceA
MoveToEx
GetGraphicsMode
Polygon
EnumFontFamiliesA
AddFontResourceA
SetViewportExtEx
GetDIBits
SetSystemPaletteUse
ExtCreatePen
WidenPath
GetLayout
SetPixel
GetTextExtentExPointW
RemoveFontResourceA
GetTextMetricsA
CreateHatchBrush
SetBkMode
GetGlyphOutlineA
SetArcDirection
CreateBitmap
DeleteObject
EnumFontFamiliesExW
CopyMetaFileW
GetTextExtentPoint32A
GetEnhMetaFileHeader
CreateRectRgn
CreatePalette
AbortDoc
CreateCompatibleBitmap
ScaleWindowExtEx
CombineRgn
EnumFontsA
SetColorAdjustment
GetCharWidth32W
CreateBitmapIndirect
SetGraphicsMode
GetRgnBox
GetCharABCWidthsW
GetTextColor
SetBrushOrgEx
GetBitmapDimensionEx
GetWorldTransform
OffsetViewportOrgEx
ModifyWorldTransform
DeleteDC
SetWindowExtEx
GetGlyphOutlineW
PolyBezierTo
GetMapMode
SetMiterLimit
CreateDIBitmap
CreateEnhMetaFileA
CloseEnhMetaFile
PolyBezier
GetCharWidthA
GetOutlineTextMetricsA
CreateCompatibleDC
CopyMetaFileA
SetTextColor
CreateDIBPatternBrushPt
SetMetaRgn
ResetDCA
GetMetaFileA
CreateFontW
GetBkMode
GetViewportOrgEx
StretchBlt

Exports

Exports

DllInit
DllInstall

Sections

.text
Size: 60KB - Virtual size: 58KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 4KB - Virtual size: 1008B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

2cbf483f18cd1d2831236788321d383b

Headers

File Characteristics

Imports

kernel32

user32

shlwapi

advapi32

shell32

gdi32

Exports

Exports

Sections

.text Size: 60KB - Virtual size: 58KB

.rdata Size: 12KB - Virtual size: 10KB

.data Size: 4KB - Virtual size: 1008B

.reloc Size: 4KB - Virtual size: 2KB

.text
Size: 60KB - Virtual size: 58KB

.rdata
Size: 12KB - Virtual size: 10KB

.data
Size: 4KB - Virtual size: 1008B

.reloc
Size: 4KB - Virtual size: 2KB