73f154023e8b41c2101696dcf9eb1f4f_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

73f154023e8b41c2101696dcf9eb1f4f_JaffaCakes118
Size

2.8MB
MD5

73f154023e8b41c2101696dcf9eb1f4f
SHA1

19b02a6c968438dbf80207aa1136b9bcb0ea49d7
SHA256

1adf380e03a766b8550aee7f8a47b750a9d0f853aa4de4e4cd48ea505f9e5612
SHA512

56492d333597a6636b0aaefd0e09088e2d207a3d55a345909c8332bd428d663c471d09ab03d913599d715a55f4a5f54416075c55728eecd97575658543cbe30e
SSDEEP

49152:bNansr50Xc3MVIG856erl3O6epqaV/O6TLzCVxSJmS2xqk:Rasr5T3MeDrxnwVp2Va32x

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
73f154023e8b41c2101696dcf9eb1f4f_JaffaCakes118

Files

73f154023e8b41c2101696dcf9eb1f4f_JaffaCakes118
.dll windows:4 windows x86 arch:x86

1c65306a48a605fd7de402e930d6ee35

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\LocalSvnForDailyBuild\pushup_wending\trunk\bin\release\plug\Impetus.pdb

Imports

user32

GetClassInfoA
GetClassInfoExA
CreateWindowExA
GetMenu
SetForegroundWindow
TrackPopupMenu
MapWindowPoints
GetMessageTime
GetTopWindow
SetActiveWindow
GetForegroundWindow
RemovePropA
GetPropA
SetPropA
GetClassNameA
GetClassLongA
IsChild
WinHelpA
RegisterWindowMessageA
EndDialog
CreateDialogIndirectParamA
GetDesktopWindow
TabbedTextOutA
DrawTextExA
GrayStringA
GetWindowDC
BeginPaint
EndPaint
CharNextA
GetSysColorBrush
CopyAcceleratorTableA
IsRectEmpty
InvalidateRgn
GetNextDlgGroupItem
MessageBeep
PostThreadMessageA
GetMenuItemCount
LoadIconA
SetFocus
UnregisterClassA
DestroyWindow
SetClassLongA
GetKeyState
RegisterClipboardFormatA
MessageBoxA
GetClassNameW
GetWindowTextW
SetWindowTextW
SetWindowContextHelpId
GetWindowTextA
IntersectRect
SetWindowTextA
RegisterClassA
KillTimer
SystemParametersInfoA
SetTimer
SetCapture
GetCapture
ReleaseCapture
CallWindowProcA
PtInRect
GetComboBoxInfo
SetRect
UpdateWindow
SetWindowPos
GetSystemMetrics
DefWindowProcA
AppendMenuA
CreatePopupMenu
ScreenToClient
GetMessagePos
SetWindowLongA
EnumChildWindows
GetDlgCtrlID
DrawTextA
IsWindowVisible
IsIconic
GetWindowLongA
PostMessageA
DrawStateA
TrackPopupMenuEx
FillRect
DestroyIcon
GetSubMenu
DestroyMenu
DestroyCursor
OffsetRect
GetActiveWindow
WindowFromPoint
ClientToScreen
LoadImageA
SetCursor
CreateIconIndirect
GetIconInfo
ReleaseDC
GetParent
GetDC
GetNextDlgTabItem
DrawFocusRect
FrameRect
MapDialogRect
GetWindowThreadProcessId
GetLastActivePopup
SetWindowsHookExA
GetSysColor
InflateRect
CopyRect
GetWindowRect
GetClientRect
IsWindow
InvalidateRect
SendMessageA
EnableWindow
GetWindowPlacement
CharUpperA
AdjustWindowRectEx
EqualRect
LoadCursorA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
PeekMessageA
ValidateRect
PostQuitMessage
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapA
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
UnhookWindowsHookEx
GetWindowTextLengthA
GetFocus
IsWindowEnabled
ShowWindow
MoveWindow
IsDialogMessageA
IsDlgButtonChecked
SetDlgItemTextA
SetDlgItemInt
SendDlgItemMessageA
GetDlgItemTextA
GetDlgItemInt
GetDlgItem
CheckRadioButton
CheckDlgButton
FindWindowA
GetWindow
GetCursorPos
GetMenuItemID
DrawTextW

gdi32

GetMapMode
GetPixel
SetPixel
GetObjectA
CreateBitmap
CreatePen
CreateCompatibleDC
SelectObject
SetBkColor
BitBlt
SetTextColor
DeleteDC
CreateDIBSection
ExtSelectClipRgn
CreateCompatibleBitmap
DeleteObject
ScaleWindowExtEx
SetWindowExtEx
GetTextColor
GetRgnBox
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetWindowExtEx
GetViewportExtEx
CreateSolidBrush
CreateFontA
GetTextExtentPoint32A
Rectangle
SetTextAlign
CreateFontIndirectA
MoveToEx
LineTo
SetMapMode
RestoreDC
SaveDC
CreateRectRgnIndirect
GetClipBox
GetDeviceCaps
SetBkMode
Escape
GetStockObject
GetBkColor

winmm

timeGetTime
timeEndPeriod
timeBeginPeriod
PlaySoundA

shell32

SHFileOperationA
ShellExecuteExA
ShellExecuteA

d3d8

Direct3DCreate8

advapi32

RegCloseKey
RegOpenKeyA
RegQueryValueExA
RegSetValueExA
RegCreateKeyExA
RegQueryValueA
RegEnumKeyA
RegDeleteKeyA
RegOpenKeyExA

kernel32

SetStdHandle
InterlockedCompareExchange
GetConsoleOutputCP
CreateFileMappingW
SetEnvironmentVariableA
GetModuleFileNameW
WideCharToMultiByte
MultiByteToWideChar
lstrlenA
lstrlenW
GetLastError
CompareStringA
GetVersion
InterlockedExchange
CompareStringW
SizeofResource
LockResource
LoadResource
FindResourceA
InterlockedDecrement
GetLocalTime
CreateFileMappingA
GetCurrentProcessId
CloseHandle
MapViewOfFile
UnmapViewOfFile
FreeResource
DeleteFileA
GetTickCount
Sleep
FindFirstFileA
FindNextFileA
DeleteCriticalSection
LeaveCriticalSection
InitializeCriticalSection
EnterCriticalSection
TerminateProcess
GetCurrentProcess
GetModuleFileNameA
FreeLibrary
GetProcAddress
LoadLibraryA
InterlockedIncrement
GetModuleHandleA
GetVersionExA
GlobalMemoryStatus
FindClose
GetFileSize
ReadFile
CreateFileA
WriteFile
CreateFileW
IsProcessorFeaturePresent
HeapFree
GetProcessHeap
SetLastError
GlobalAlloc
lstrcmpA
GlobalLock
GetLocaleInfoA
EnumResourceLanguagesA
ConvertDefaultLocale
GetCurrentThreadId
GetCurrentThread
GlobalDeleteAtom
ResumeThread
GlobalAddAtomA
GlobalFree
MulDiv
LocalFree
FormatMessageA
GlobalUnlock
lstrcmpW
GlobalFindAtomA
GlobalGetAtomNameA
GetThreadLocale
RaiseException
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
SetEndOfFile
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
LocalAlloc
TlsGetValue
GlobalReAlloc
GlobalHandle
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
SetErrorMode
GlobalFlags
WritePrivateProfileStringA
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
GetCPInfo
GetOEMCP
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
HeapAlloc
VirtualProtect
VirtualAlloc
GetSystemInfo
VirtualQuery
HeapReAlloc
ExitThread
CreateThread
GetSystemTimeAsFileTime
GetCommandLineA
RtlUnwind
ExitProcess
WriteConsoleW
GetFileType
GetStdHandle
HeapSize
HeapDestroy
HeapCreate
VirtualFree
GetACP
IsValidCodePage
GetConsoleCP
GetConsoleMode
SetHandleCount
GetStartupInfoA
LCMapStringA
LCMapStringW
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
LoadLibraryW
GetTimeFormatA
GetDateFormatA
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
GetTimeZoneInformation
GetLocaleInfoW
WriteConsoleA

comdlg32

GetFileTitleA

winspool.drv

ClosePrinter
DocumentPropertiesA
OpenPrinterA

comctl32

_TrackMouseEvent
InitCommonControlsEx

shlwapi

PathStripToRootA
PathFindFileNameA
PathFindExtensionA
PathIsUNCA

oledlg

ord8

ole32

OleFlushClipboard
CoCreateInstance
OleIsCurrentClipboard
CoRegisterMessageFilter
CLSIDFromProgID
CLSIDFromString
OleUninitialize
CoFreeUnusedLibraries
OleInitialize
CoTaskMemFree
CoTaskMemAlloc
CoGetClassObject
StgOpenStorageOnILockBytes
StgCreateDocfileOnILockBytes
CreateILockBytesOnHGlobal
CoRevokeClassObject

oleaut32

SysFreeString
SafeArrayAccessData
SafeArrayUnaccessData
SafeArrayDestroy
SysAllocString
SysAllocStringByteLen
SysStringLen
VariantInit
VariantClear
VariantChangeType
SysAllocStringLen
OleCreateFontIndirect
VariantCopy
VariantTimeToSystemTime
SystemTimeToVariantTime
SafeArrayCreateVector

ws2_32

WSAStartup
WSACleanup
WSASetLastError

Exports

Exports

?load_object_data@?$iserializer@Vbinary_iarchive@archive@boost@@VShareHitchAcount@@@detail@archive@boost@@UBEXAAVbasic_iarchive@234@PAXI@Z
?save_object_data@?$oserializer@Vbinary_oarchive@archive@boost@@VShareHitchAcount@@@detail@archive@boost@@UBEXAAVbasic_oarchive@234@PBX@Z
GetPlugin

Sections

.text
Size: 1.8MB - Virtual size: 1.8MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 256KB - Virtual size: 253KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 60KB - Virtual size: 246KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.data1
Size: 4KB - Virtual size: 2KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 336KB - Virtual size: 332KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.vmp0
Size: 168KB - Virtual size: 167KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.reloc
Size: 116KB - Virtual size: 113KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

1c65306a48a605fd7de402e930d6ee35

Headers

File Characteristics

PDB Paths

Imports

user32

gdi32

winmm

shell32

d3d8

advapi32

kernel32

comdlg32

winspool.drv

comctl32

shlwapi

oledlg

ole32

oleaut32

ws2_32

Exports

Exports

Sections

.text Size: 1.8MB - Virtual size: 1.8MB

.rdata Size: 256KB - Virtual size: 253KB

.data Size: 60KB - Virtual size: 246KB

.data1 Size: 4KB - Virtual size: 2KB

.rsrc Size: 336KB - Virtual size: 332KB

.vmp0 Size: 168KB - Virtual size: 167KB

.reloc Size: 116KB - Virtual size: 113KB

.text
Size: 1.8MB - Virtual size: 1.8MB

.rdata
Size: 256KB - Virtual size: 253KB

.data
Size: 60KB - Virtual size: 246KB

.data1
Size: 4KB - Virtual size: 2KB

.rsrc
Size: 336KB - Virtual size: 332KB

.vmp0
Size: 168KB - Virtual size: 167KB

.reloc
Size: 116KB - Virtual size: 113KB