706e18e2692fae5829d8888481ed3d76_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

706e18e2692fae5829d8888481ed3d76_JaffaCakes118
Size

252KB
MD5

706e18e2692fae5829d8888481ed3d76
SHA1

5fcfa8e78175c0a677ca8917efb20d88d8d744f6
SHA256

9c1bec0f0a456f10a7bc28c0cb1bbe6c0301389fd671fb193e1c52e0ed60899d
SHA512

4feaaacdbacad10479a46243cb601f3380311566e0c0e46f3a3f78042885d1caf066d4b3c41852bf85227bf531dd9f0884f006433dfd6c5984f8469a772fe75f
SSDEEP

6144:Ht3r/KVOXU1Iq+kQSbx/MQ9s8YcsSUTKWmnDV:N3rZXUiq+5Sb+Ss818yZ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
706e18e2692fae5829d8888481ed3d76_JaffaCakes118

Files

706e18e2692fae5829d8888481ed3d76_JaffaCakes118
.dll windows:4 windows x86 arch:x86

426fba11f8ba4844063e400fc2b00942

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

user32

WinHelpA
ValidateRect
UnregisterClassA
UnhookWindowsHookEx
TranslateMessage
TabbedTextOutA
SystemParametersInfoA
ShowWindow
SetWindowsHookExA
SetWindowTextA
SetWindowPos
SetWindowLongA
SetPropA
SetMenuItemBitmaps
SetForegroundWindow
SetCursor
SendMessageA
RemovePropA
ReleaseDC
RegisterWindowMessageA
RegisterClassA
PtInRect
PostQuitMessage
PostMessageA
PeekMessageA
ModifyMenuA
MessageBoxA
MapWindowPoints
LoadIconA
LoadCursorA
LoadBitmapA
IsWindowVisible
IsWindowEnabled
IsWindow
IsIconic
GrayStringA
GetWindowThreadProcessId
GetWindowTextA
GetWindowRect
GetWindowPlacement
GetWindowLongA
GetWindow
GetTopWindow
GetSystemMetrics
GetSysColorBrush
GetSysColor
GetSubMenu
GetPropA
GetParent
GetMessageTime
GetMessagePos
GetMessageA
GetMenuState
GetMenuItemID
GetMenuItemCount
GetMenuCheckMarkDimensions
GetMenu
GetLastActivePopup
GetKeyState
GetForegroundWindow
GetFocus
GetDlgItem
GetDlgCtrlID
GetDC
GetCursorPos
GetClientRect
GetClassNameA
GetClassLongA
GetClassInfoExA
GetClassInfoA
GetCapture
GetActiveWindow
EnableWindow
EnableMenuItem
DrawTextExA
DrawTextA
DispatchMessageA
DestroyWindow
DestroyMenu
DefWindowProcA
CreateWindowExA
CopyRect
ClientToScreen
CheckMenuItem
CharUpperA
CallWindowProcA
CallNextHookEx
AdjustWindowRectEx

setupapi

SetupDiGetDeviceInstanceIdA
SetupDiDestroyDeviceInfoList
SetupDiEnumDeviceInfo
SetupDiGetDeviceRegistryPropertyA
SetupDiGetDeviceInterfaceDetailA
CM_Get_DevNode_Status_Ex
SetupDiGetClassDevsA
SetupDiEnumDeviceInterfaces

shlwapi

PathFindFileNameA
PathFindExtensionA

gdi32

TextOutA
SetWindowExtEx
SetViewportOrgEx
SetViewportExtEx
SetTextColor
SetMapMode
SetBkColor
SelectObject
ScaleWindowExtEx
ScaleViewportExtEx
SaveDC
RestoreDC
RectVisible
PtVisible
OffsetViewportOrgEx
GetStockObject
GetDeviceCaps
GetClipBox
ExtTextOutA
Escape
DeleteObject
DeleteDC
CreateBitmap

oleaut32

VariantClear
VariantChangeType
VariantInit

kernel32

SetFilePointer
SetErrorMode
RtlUnwind
ReadFile
RaiseException
QueryPerformanceCounter
MultiByteToWideChar
LockResource
LocalReAlloc
LocalFree
LocalAlloc
LoadResource
LoadLibraryA
LeaveCriticalSection
LCMapStringW
LCMapStringA
IsValidCodePage
IsDebuggerPresent
InterlockedIncrement
InterlockedExchange
InterlockedDecrement
InitializeCriticalSection
HeapSize
SetHandleCount
HeapFree
HeapDestroy
HeapCreate
HeapAlloc
GlobalUnlock
GlobalReAlloc
GlobalLock
GlobalHandle
GlobalGetAtomNameA
GlobalFree
GlobalFlags
GlobalFindAtomA
GlobalDeleteAtom
GlobalAlloc
GlobalAddAtomA
GetWindowsDirectoryA
GetVersionExA
GetVersion
GetTickCount
GetThreadLocale
GetSystemTimeAsFileTime
GetStringTypeW
GetStringTypeA
GetStdHandle
GetStartupInfoA
GetProcessHeap
GetProcAddress
GetOEMCP
GetModuleHandleA
GetModuleFileNameW
GetModuleFileNameA
GetLocaleInfoA
GetLastError
GetFileType
GetFileSize
GetEnvironmentStringsW
GetEnvironmentStringsA
GetCurrentThreadId
GetCurrentThread
GetCurrentProcessId
SetLastError
SetStdHandle
SetUnhandledExceptionFilter
SizeofResource
Sleep
TerminateProcess
TlsAlloc
TlsFree
TlsGetValue
TlsSetValue
UnhandledExceptionFilter
VirtualAlloc
VirtualFree
WideCharToMultiByte
WriteConsoleA
WriteConsoleW
WriteFile
WritePrivateProfileStringA
lstrcatA
lstrcmpA
lstrcmpW
lstrlenA
HeapReAlloc
GetConsoleOutputCP
GetConsoleMode
GetConsoleCP
GetCommandLineA
CloseHandle
CompareStringA
ConvertDefaultLocale
CreateFileA
DeleteCriticalSection
DeviceIoControl
EnterCriticalSection
EnumResourceLanguagesA
ExitProcess
FindResourceA
FlushFileBuffers
FormatMessageA
FreeEnvironmentStringsA
FreeEnvironmentStringsW
FreeLibrary
GetACP
GetCPInfo
GetCurrentProcess

advapi32

RegSetValueExA
RegQueryValueExA
RegQueryValueA
RegOpenKeyExA
RegOpenKeyA
RegEnumValueA
RegEnumKeyExA
RegEnumKeyA
RegDeleteKeyA
RegCreateKeyExA
RegCreateKeyA
RegCloseKey
OpenThreadToken
OpenProcessToken
LookupPrivilegeNameA
GetTokenInformation

Exports

Exports

AddDataToImageItem
BindTexture2D
CopyClickWBCoefs
CreateFolder
EnumDeviceReset
EnumRelCamSettingReset
GetAFDistanceSettingCount
GetDevice
GetDiscErasingTime
GetExposureComp
MallocPitch
RegisterFatBinary
UnbindTexture
WGLGetDevice

Sections

.text
Size: 144KB - Virtual size: 144KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.data
Size: 96KB - Virtual size: 136KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

426fba11f8ba4844063e400fc2b00942

Headers

File Characteristics

Imports

winspool.drv

user32

setupapi

shlwapi

gdi32

oleaut32

kernel32

advapi32

Exports

Exports

Sections

.text Size: 144KB - Virtual size: 144KB

.data Size: 96KB - Virtual size: 136KB

.rsrc Size: 4KB - Virtual size: 4KB

.reloc Size: 4KB - Virtual size: 4KB

.text
Size: 144KB - Virtual size: 144KB

.data
Size: 96KB - Virtual size: 136KB

.rsrc
Size: 4KB - Virtual size: 4KB

.reloc
Size: 4KB - Virtual size: 4KB