71e7301dc8e406d0ec4d0c563b331103_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

71e7301dc8e406d0ec4d0c563b331103_JaffaCakes118
Size

356KB
MD5

71e7301dc8e406d0ec4d0c563b331103
SHA1

762a7949a2f55f10a76224bd7b000cb85207e006
SHA256

f7383bc2b18eb6c1d59b740873ead04fc762092938655aea7d59608ba03c85ea
SHA512

8b269f93640cdf1ab5a7b32bc6c93d5f953025e7e48463aca9c6829c00cd87a841ab108677a3fd4eae1c89aaf4bd20c8ec4a00832aa6e1a461dfdd417d410b20
SSDEEP

6144:z32m6MM7nPMFLx7IDy8RH4IPWVZdoeRltt1t0r/Yl2yIuuiDHm4PCOJ:z32P17hDy8KXl7t1t0bfyISD5PC

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
71e7301dc8e406d0ec4d0c563b331103_JaffaCakes118

Files

71e7301dc8e406d0ec4d0c563b331103_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

5b2e3f4ca22ef028c44da33b002a9d44

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

imagehlp

UnMapAndLoad
MapAndLoad

wininet

InternetConnectW
InternetOpenW
HttpOpenRequestW
InternetCrackUrlW
FindCloseUrlCache
FindNextUrlCacheEntryExW
DeleteUrlCacheEntryW
FindFirstUrlCacheEntryExW
InternetCloseHandle
InternetReadFile
HttpQueryInfoW
HttpSendRequestW
InternetSetOptionW
InternetQueryOptionW

version

GetFileVersionInfoW
VerQueryValueW
GetFileVersionInfoSizeW

rpcrt4

UuidToStringW
RpcStringFreeW

kernel32

FileTimeToSystemTime
ReadFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetCurrentProcess
FindClose
FindFirstFileW
GetFullPathNameW
FileTimeToLocalFileTime
GetFileAttributesW
GetFileSizeEx
lstrcmpA
HeapFree
HeapAlloc
TerminateProcess
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
GetCommandLineA
RtlUnwind
RaiseException
HeapReAlloc
HeapSize
Sleep
ExitProcess
VirtualProtect
VirtualAlloc
HeapCreate
HeapDestroy
VirtualFree
GetStdHandle
GetModuleFileNameA
GetCPInfo
GetACP
GetOEMCP
IsValidCodePage
LCMapStringW
SetHandleCount
GetFileType
GetStartupInfoA
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetSystemTimeAsFileTime
InitializeCriticalSectionAndSpinCount
GetTimeZoneInformation
LCMapStringA
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
SetStdHandle
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
CreateFileA
SetEnvironmentVariableA
CompareStringA
InterlockedExchange
GlobalFlags
GetThreadLocale
GetCurrentProcessId
SetErrorMode
TlsFree
DeleteCriticalSection
LocalReAlloc
TlsSetValue
TlsAlloc
InitializeCriticalSection
GlobalHandle
GlobalReAlloc
EnterCriticalSection
TlsGetValue
LeaveCriticalSection
GetModuleHandleA
FreeResource
GetCurrentThreadId
GlobalAddAtomW
GlobalFindAtomW
GlobalDeleteAtom
CompareStringW
LoadLibraryA
GetModuleHandleW
GetVersionExA
SetLastError
GlobalFree
GlobalAlloc
GlobalLock
GlobalUnlock
FormatMessageW
MulDiv
CreateProcessW
ReleaseMutex
OpenMutexW
CreateMutexW
WaitForSingleObject
ExitThread
CreateThread
lstrcmpW
GetVersionExW
WideCharToMultiByte
GetVolumeInformationW
GetWindowsDirectoryW
GetSystemInfo
UnmapViewOfFile
MapViewOfFile
CreateFileMappingW
DeleteFileW
LockResource
SystemTimeToFileTime
GetLocalTime
VirtualQuery
WriteFile
GetTempFileNameW
GetEnvironmentVariableW
lstrlenA
LoadLibraryW
GetFileSize
CreateFileW
FreeLibrary
MultiByteToWideChar
SizeofResource
LoadResource
FindResourceW
GetLastError
GetModuleFileNameW
GetProcAddress
CloseHandle
InterlockedDecrement
InterlockedIncrement
GetTickCount
LocalFree
LocalAlloc
lstrlenW
GetFileTime

user32

RegisterClipboardFormatW
PostThreadMessageW
GetMessageW
TranslateMessage
ValidateRect
EndPaint
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringW
DrawTextExW
DrawTextW
TabbedTextOutW
SetWindowContextHelpId
MapDialogRect
GetDesktopWindow
GetActiveWindow
CreateDialogIndirectParamW
GetNextDlgTabItem
EndDialog
IsWindowEnabled
MoveWindow
SetWindowTextW
IsDialogMessageW
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuW
EnableMenuItem
CheckMenuItem
RegisterWindowMessageW
LoadIconW
SendDlgItemMessageW
SendDlgItemMessageA
WinHelpW
IsChild
CharUpperW
SetWindowsHookExW
CallNextHookEx
GetClassLongW
GetFocus
IsWindow
SetFocus
LoadCursorW
GetForegroundWindow
GetLastActivePopup
SetActiveWindow
DispatchMessageW
GetDlgItem
GetTopWindow
DestroyWindow
UnhookWindowsHookEx
GetMessageTime
PeekMessageW
MapWindowPoints
GetKeyState
SetMenu
SetForegroundWindow
IsWindowVisible
UpdateWindow
PostMessageW
MessageBoxW
CreateWindowExW
GetClassInfoExW
GetClassInfoW
RegisterClassW
GetSysColor
AdjustWindowRectEx
ScreenToClient
EqualRect
CopyRect
PtInRect
GetDlgCtrlID
DefWindowProcW
GetMenu
GetWindowLongW
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetSystemMetrics
GetWindow
GetMenuState
GetMenuItemID
GetMenuItemCount
GetSubMenu
GetClientRect
MessageBeep
GetNextDlgGroupItem
ReleaseCapture
SetCapture
InvalidateRgn
InvalidateRect
SetRect
IsRectEmpty
CopyAcceleratorTableW
PostQuitMessage
DestroyMenu
CharNextW
GetCapture
GetWindowThreadProcessId
ShowWindow
BringWindowToTop
GetParent
GetWindowRect
SetPropW
CallWindowProcW
RemovePropW
SetWindowLongW
GetPropW
SendMessageW
RealGetWindowClassW
GetClassNameW
GetWindowTextW
EnumChildWindows
EnableWindow
GetSysColorBrush
UnregisterClassW
GetMessagePos

gdi32

SetViewportOrgEx
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
ExtSelectClipRgn
DeleteDC
Escape
GetStockObject
SetMapMode
GetBkColor
GetTextColor
CreateRectRgnIndirect
GetRgnBox
GetMapMode
ExtTextOutW
TextOutW
RectVisible
PtVisible
RestoreDC
SaveDC
CreateBitmap
GetObjectW
SetBkColor
SetTextColor
GetClipBox
GetDeviceCaps
GetWindowExtEx
GetViewportExtEx
DeleteObject
SelectObject

comdlg32

GetFileTitleW

winspool.drv

ClosePrinter
DocumentPropertiesW
OpenPrinterW

advapi32

CryptReleaseContext
CryptDestroyHash
CryptGetHashParam
CryptHashData
CryptCreateHash
CryptAcquireContextW
RegCreateKeyW
RegSetValueExW
RegQueryValueExW
RegCloseKey
RegDeleteValueW

shlwapi

SHDeleteKeyW
SHSetValueW
PathStripToRootW
PathFindFileNameW
UrlUnescapeW
StrStrIW
UrlGetPartW
PathFindExtensionW
PathIsUNCW
StrCmpIW

oledlg

OleUIBusyW

ole32

CoRegisterMessageFilter
OleFlushClipboard
OleIsCurrentClipboard
CoRevokeClassObject
OleInitialize
CoFreeUnusedLibraries
OleUninitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
StgOpenStorageOnILockBytes
CoGetClassObject
CLSIDFromString
CLSIDFromProgID
CoTaskMemAlloc
CoUninitialize
CoInitialize
StringFromCLSID
CoCreateInstance
CoTaskMemFree

oleaut32

SystemTimeToVariantTime
VariantTimeToSystemTime
OleCreateFontIndirect
SafeArrayDestroy
SafeArrayPutElement
SafeArrayCreateVector
SysAllocStringLen
VarBstrCmp
VariantChangeType
VariantInit
VariantClear
SysAllocString
SysFreeString
SysStringLen
SysAllocStringByteLen
SysStringByteLen
VarBstrCat
VariantCopy

urlmon

URLDownloadToFileW
UrlMkGetSessionOption

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 240KB - Virtual size: 240KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 64KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 11KB - Virtual size: 26KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 1KB - Virtual size: 1KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 37KB - Virtual size: 36KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

5b2e3f4ca22ef028c44da33b002a9d44

Headers

File Characteristics

Imports

imagehlp

wininet

version

rpcrt4

kernel32

user32

gdi32

comdlg32

winspool.drv

advapi32

shlwapi

oledlg

ole32

oleaut32

urlmon

Exports

Exports

Sections

.text Size: 240KB - Virtual size: 240KB

.rdata Size: 64KB - Virtual size: 64KB

.data Size: 11KB - Virtual size: 26KB

.rsrc Size: 1KB - Virtual size: 1KB

.reloc Size: 37KB - Virtual size: 36KB

.text
Size: 240KB - Virtual size: 240KB

.rdata
Size: 64KB - Virtual size: 64KB

.data
Size: 11KB - Virtual size: 26KB

.rsrc
Size: 1KB - Virtual size: 1KB

.reloc
Size: 37KB - Virtual size: 36KB