719150653b8603e6d78022d32dc70c5d_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

719150653b8603e6d78022d32dc70c5d_JaffaCakes118
Size

112KB
MD5

719150653b8603e6d78022d32dc70c5d
SHA1

af57eeaa354d3785e9fb0f617ee50461de677237
SHA256

f7380f95b554682f54ebbadbb6f46c8ad439ee9611a234bfdb52cff2f9e3d621
SHA512

9164d3bee4de0f8af4eb13a669164a6ab5788b6b60de4a4811c383c23bc7511e8a2463e16f3eac44539b9ab996bde81878f2d457346eab4c5daadb99e0d01e1f
SSDEEP

1536:/7H+0Cas0cYMcgFgQWXlweFN5IRXEve/2jOIOyj5YTGZhZiSaTawe/zHfFyzGcK:/7W3Yr+z7eFfItUjVRWoite/bF

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
719150653b8603e6d78022d32dc70c5d_JaffaCakes118

Files

719150653b8603e6d78022d32dc70c5d_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

108cc884f475839d447f0bb197a0f959

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

kernel32

VirtualProtect
GetProcAddress
CopyFileA
EnterCriticalSection
LoadLibraryA
WaitForSingleObject
Sleep
GlobalAlloc
HeapAlloc
GetModuleFileNameA
MapViewOfFile
ReleaseMutex
MoveFileA
InterlockedDecrement
GetModuleHandleA
CreateMutexA
GetProcessHeap
WriteFile
CreateFileMappingA
CloseHandle
ExpandEnvironmentStringsA
UnmapViewOfFile
LeaveCriticalSection
ReadFile
CreateThread
VirtualQuery
GetTickCount
DeleteFileA
InterlockedExchange
InitializeCriticalSection
CreateWaitableTimerA
CreatePipe
CreateNamedPipeW
OpenMutexA
DuplicateHandle
ResetEvent
GetDriveTypeW
GetCommandLineA
CreateFileMappingW
GetCompressedFileSizeW
SetLastError
PostQueuedCompletionStatus
SearchPathA
GetLongPathNameW
CreateRemoteThread
FindFirstChangeNotificationW
GetSystemDirectoryW
GlobalMemoryStatus
GetTempPathW
GetVersion
CreateMailslotW
SetFileAttributesA
GetTapeParameters
PeekConsoleInputA
GlobalAddAtomW
WaitForMultipleObjects
lstrcpynA
CancelWaitableTimer
EnumSystemLocalesA
ResumeThread
GetUserDefaultLangID
GetModuleHandleExW
GetDiskFreeSpaceW
OpenEventW
SetInformationJobObject
GetEnvironmentVariableA
FindVolumeClose
FindNextChangeNotification
ReplaceFileW
GetProfileStringA
GetConsoleOutputCP
GetSystemInfo
OpenMutexW
GetComputerNameExW
lstrcmpA
GetCommandLineW
GetCurrentThreadId
FlushFileBuffers
GetConsoleMode
lstrlenW
GlobalDeleteAtom
SetFilePointer
GetShortPathNameW
DosDateTimeToFileTime
LockFileEx
SetCurrentDirectoryA
GetLogicalDrives
LoadResource
HeapCompact
CompareStringA
GetDiskFreeSpaceExW
GetConsoleCP
GlobalFindAtomW
HeapSetInformation
SleepEx
lstrlenA
EnumResourceNamesW
GetThreadTimes
IsValidLocale
ReadFileEx
CancelIo
ExpandEnvironmentStringsW
ReadConsoleA
FindNextFileA
WriteConsoleInputA
GetSystemWindowsDirectoryA
GetUserDefaultUILanguage
OpenFileMappingA
SuspendThread
GetAtomNameW
GetCurrentDirectoryA
CreateMutexW
ReleaseSemaphore
FlushViewOfFile
SetTimeZoneInformation
ReadProcessMemory
CreateEventA
GetEnvironmentVariableW
FreeEnvironmentStringsW
FreeResource
SetVolumeLabelA
LCMapStringA
GetProfileIntW
GetStringTypeW
VirtualAlloc
SetConsoleScreenBufferSize
SetHandleInformation
RtlUnwind
TerminateJobObject
DeleteFileW
GetFileAttributesExW
GetLogicalDriveStringsA
AddAtomA
VerSetConditionMask
CreateProcessW
lstrcmpiA
SetErrorMode
GetLocaleInfoA

ole32

OleTranslateAccelerator
CreateGenericComposite
SetConvertStg
OleCreateLinkToFile
GetHGlobalFromStream
GetRunningObjectTable
OleLoadFromStream
CreatePointerMoniker
CoUnmarshalInterface
CoAllowSetForegroundWindow
IIDFromString
CoSwitchCallContext
MkParseDisplayName
CoGetCallContext
CoCreateGuid
FreePropVariantArray
StringFromGUID2
GetHGlobalFromILockBytes
CoRevertToSelf
CoMarshalInterface
OleCreateFromData
CoUninitialize
OleSetContainedObject
CoTaskMemFree
CoCreateInstance
CoInitialize
OleCreate
CoRegisterMessageFilter

user32

CharUpperA
SetClassLongA
ScrollWindow
UnregisterClassW
GetMenuItemCount
DefDlgProcA
WaitMessage
SetWindowPos
GetDlgItemTextW
DrawIcon
LoadImageA
LoadBitmapW
CheckMenuItem
GetProcessDefaultLayout
DefFrameProcA
CopyImage
GetMenuItemID
GetWindowTextA
EnumDisplaySettingsA
SetProcessWindowStation
PackDDElParam
EndDialog
GetDCEx
IntersectRect
SendNotifyMessageW
PostMessageA
GetMenuState
IsDlgButtonChecked
LoadStringW
SubtractRect
GetKeyNameTextW
RemoveMenu
DrawFrameControl
GetCursorPos
SetSysColors
GetCaretPos
CharPrevW
BeginPaint
RegisterWindowMessageW
GetShellWindow
GetGUIThreadInfo
NotifyWinEvent
CreateMenu
AllowSetForegroundWindow
SendNotifyMessageA
CharPrevA
CreateIcon
EnumWindows
DrawStateA
EnableScrollBar
SetDlgItemTextA
GetPropA
LoadStringA
GetUserObjectInformationW
IsMenu
OpenWindowStationW
MessageBeep
CloseDesktop
BringWindowToTop
DefMDIChildProcW
TrackPopupMenuEx
InvalidateRect
CharNextExA
WaitForInputIdle
CallNextHookEx
GetClassLongW
SetCapture
DestroyIcon
SetForegroundWindow
EnumChildWindows
InSendMessage
MapVirtualKeyW
EndTask
IsDialogMessageW
GetMessageTime
OpenInputDesktop
RedrawWindow
DestroyWindow
ChangeMenuA
GetClassInfoA
SendInput
ModifyMenuA
IsWindow
DestroyCursor
GetScrollInfo
GetUpdateRgn
SystemParametersInfoW
GetMonitorInfoA
DestroyMenu
CharLowerA
PostMessageW
InsertMenuItemW
RemovePropW
GetWindowTextLengthA
GetDC
AttachThreadInput
ReleaseDC
MessageBoxIndirectA
SendMessageW
SetThreadDesktop
GetWindowRect
GetLastActivePopup
GetUserObjectInformationA
SwitchToThisWindow
SetClassLongW
GetMenu
ShowScrollBar
CreateDialogIndirectParamW
CreatePopupMenu
CopyAcceleratorTableW
LoadIconA
LookupIconIdFromDirectory
GetSysColorBrush
BroadcastSystemMessageW
IsChild
CreateCursor
CreateAcceleratorTableW
WinHelpA
DrawTextA
GetWindowLongA
SendMessageA
CreateWindowExA
DispatchMessageA
GetClassNameA
RegisterClassExA
GetWindowThreadProcessId
SetWindowLongA
SetWindowsHookExA
GetClientRect
InvalidateRgn
CheckMenuRadioItem

shlwapi

StrCatBuffW
StrToIntExW
PathAddBackslashW
StrStrIA
SHSetValueW
wvnsprintfW
SHRegGetValueW
UrlCombineW
PathStripToRootW
PathCompactPathW
PathRemoveArgsW
UrlCreateFromPathW
PathGetCharTypeW
StrCpyW
PathIsDirectoryW
SHGetValueW
StrCmpNIA
SHRegSetPathW
StrRetToBufW
PathCreateFromUrlW
StrRChrW
PathRemoveBackslashW
StrCmpNIW
UrlGetPartW
StrToIntW
StrTrimW
PathFindExtensionA
UrlIsW
StrChrIW
SHDeleteKeyA
SHRegGetBoolUSValueW

shell32

SHBrowseForFolderW
SHParseDisplayName
SHGetMalloc
SHFileOperationA
DragFinish
ShellAboutW
SHFileOperationW
SHGetSettings
SHOpenFolderAndSelectItems
SHPathPrepareForWriteW
SHGetSpecialFolderPathW
ExtractIconA
SHGetFolderPathA

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 84KB - Virtual size: 82KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 12KB - Virtual size: 9KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 7KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 4KB - Virtual size: 3KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

108cc884f475839d447f0bb197a0f959

Headers

File Characteristics

Imports

kernel32

ole32

user32

shlwapi

shell32

Exports

Exports

Sections

.text Size: 84KB - Virtual size: 82KB

.rdata Size: 12KB - Virtual size: 9KB

.data Size: 8KB - Virtual size: 7KB

.reloc Size: 4KB - Virtual size: 3KB

.text
Size: 84KB - Virtual size: 82KB

.rdata
Size: 12KB - Virtual size: 9KB

.data
Size: 8KB - Virtual size: 7KB

.reloc
Size: 4KB - Virtual size: 3KB