74a9d2afe4c02a48f68b7ae8c1bedbbf_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

74a9d2afe4c02a48f68b7ae8c1bedbbf_JaffaCakes118
Size

3.4MB
MD5

74a9d2afe4c02a48f68b7ae8c1bedbbf
SHA1

3f814c6f1bf4545707633a058a7af1136f8901ea
SHA256

80747893a1c549f9efac06401a24938b12f71a60694d26c7953d06a2fb8a6c79
SHA512

da152056290cfdf29b5e1e63cce1421307e44d65d3f2676da489c98322872b4aaa2a8d26ffb145851dcc5d9830194d4a4bd628f01fb0f70535ae377af5371f70
SSDEEP

49152:XcImfFuxXMOoV7/0NdyjYWzOxG5HoxFgkF51TgtI5nN+f+zKmoTtGg68lFXMfQZe:k/0NhLXT/TUuFq

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
74a9d2afe4c02a48f68b7ae8c1bedbbf_JaffaCakes118

Files

74a9d2afe4c02a48f68b7ae8c1bedbbf_JaffaCakes118
.exe windows:4 windows x64 arch:x64

41e6e428a0bee34c7280bde2c0996c95

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_TERMINAL_SERVER_AWARE

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LARGE_ADDRESS_AWARE

PDB Paths

d:\p4root\stable19\out\ReleaseAMD64\Veedub64.pdb

Imports

winmm

waveInGetDevCapsA
mixerOpen
mixerGetLineInfoA
mixerGetLineControlsA
mixerGetControlDetailsA
waveInOpen
waveInPrepareHeader
waveInAddBuffer
waveInStart
waveInReset
waveInUnprepareHeader
waveInClose
mixerSetControlDetails
mixerClose
waveOutReset
waveOutUnprepareHeader
waveOutClose
waveOutOpen
waveOutPrepareHeader
waveOutPause
waveOutGetPosition
waveOutWrite
waveOutRestart
timeGetTime
timeBeginPeriod
timeSetEvent
timeEndPeriod
timeKillEvent
timeGetDevCaps
waveOutGetDevCapsA
waveOutGetNumDevs
DefDriverProc

msvfw32

ICImageDecompress
ICDecompress
ICCompress
ICRemove
ICGetInfo
ICSendMessage
ICOpen
ICClose
ICInfo

avifil32

AVIFileInit
AVIFileExit
AVIFileOpenA
AVIFileGetStream
AVIFileRelease
AVIStreamBeginStreaming
AVIStreamEndStreaming
AVIStreamInfoA
AVIStreamFindSample
AVIStreamRead
AVIStreamStart
AVIStreamLength
AVIStreamReadFormat

msacm32

acmStreamOpen
acmStreamUnprepareHeader
acmStreamConvert
acmStreamPrepareHeader
acmStreamSize
acmDriverID
acmStreamClose
acmMetrics
acmDriverEnum
acmDriverOpen
acmFormatTagEnumA
acmDriverClose
acmDriverDetailsA
acmFormatEnumA
acmFormatSuggest
acmFormatDetailsA

comctl32

ImageList_Destroy
ImageList_Add
ord16
ord17
ord6
ImageList_Create

kernel32

SetUnhandledExceptionFilter
GetVersionExA
ExitProcess
ReleaseSemaphore
GetVersion
GetLastError
SetFilePointer
GetStdHandle
SetPriorityClass
FindClose
FindNextFileA
FindFirstFileA
GetComputerNameA
OpenProcess
GetSystemTimeAsFileTime
CreateFileW
GetLocalTime
FileTimeToSystemTime
FileTimeToLocalFileTime
GetCommandLineW
DeleteFileA
LoadLibraryW
GetProcessTimes
GetVolumeInformationW
FindResourceExA
CreateProcessW
DeleteFileW
GlobalFree
GlobalUnlock
GlobalLock
GlobalAlloc
MapViewOfFile
OpenFileMappingA
UnmapViewOfFile
IsDebuggerPresent
GetThreadPriority
GetPriorityClass
GetWindowsDirectoryA
OutputDebugStringA
SuspendThread
SetEvent
WaitForMultipleObjects
CreateSemaphoreA
GetThreadContext
CreateEventA
MultiByteToWideChar
SetLastError
FormatMessageA
QueryPerformanceCounter
QueryPerformanceFrequency
GetFileAttributesA
GetFileAttributesW
FindFirstFileW
GetModuleFileNameW
FindNextFileW
GetDiskFreeSpaceW
GetDiskFreeSpaceA
GetDriveTypeW
SetEndOfFile
FindCloseChangeNotification
FindNextChangeNotification
FindFirstChangeNotificationW
GetOverlappedResult
FlushInstructionCache
EnumResourceNamesA
FreeEnvironmentStringsA
SetStdHandle
HeapSize
GetFileType
SetHandleCount
LCMapStringW
LCMapStringA
RtlCaptureContext
IsValidCodePage
GetOEMCP
GetACP
GetCPInfo
HeapCreate
HeapSetInformation
FlsAlloc
TlsSetValue
FlsFree
TlsFree
FlsSetValue
FlsGetValue
GetStartupInfoA
GetProcessHeap
GetCommandLineA
CreateThread
ExitThread
HeapReAlloc
RtlPcToFileHeader
HeapFree
HeapAlloc
RtlUnwindEx
RtlLookupFunctionEntry
CreateFileMappingA
ResumeThread
UnhandledExceptionFilter
TerminateProcess
GetCurrentThreadId
GetCurrentThread
DuplicateHandle
GetSystemInfo
ReadProcessMemory
FreeEnvironmentStringsW
GetEnvironmentStringsW
GetStringTypeA
GetStringTypeW
GetLocaleInfoA
GetConsoleCP
GetConsoleMode
FlushFileBuffers
RtlVirtualUnwind
WriteConsoleA
GetConsoleOutputCP
WriteConsoleW
WriteFile
GetCurrentProcess
CreateFileA
GetFileSize
ReadFile
CloseHandle
VirtualQuery
GetModuleFileNameA
GetFullPathNameA
__C_specific_handler
GetModuleHandleA
GetProcAddress
VirtualProtect
GetTickCount
GetCurrentProcessId
MoveFileW
VirtualAlloc
VirtualFree
LoadLibraryA
FreeLibrary
WideCharToMultiByte
LeaveCriticalSection
EnterCriticalSection
DeleteCriticalSection
InitializeCriticalSection
WaitForSingleObject
SetThreadPriority
Sleep
MulDiv
FindResourceA
LoadResource
LockResource
SizeofResource
FreeResource
RaiseException
GetEnvironmentStrings

user32

SetCapture
GetMessagePos
GetDialogBaseUnits
SetScrollInfo
GetScrollInfo
ScrollWindow
HideCaret
ShowCaret
SetScrollRange
SetScrollPos
SetCaretPos
DestroyCaret
CreateCaret
GetWindowTextLengthA
GetFocus
ShowCursor
SetCursorPos
IsWindowEnabled
GetDCEx
GetWindowThreadProcessId
GetForegroundWindow
AppendMenuW
SetMenuItemInfoW
CallWindowProcW
DrawTextW
GetWindowTextW
GetWindowTextLengthW
GetMenuItemInfoW
LockWindowUpdate
GetCapture
InvertRect
GetNextDlgTabItem
CopyAcceleratorTableA
GetKeyNameTextA
GetKeyNameTextW
MapVirtualKeyA
CreateAcceleratorTableA
CreateDialogIndirectParamA
CreateDialogIndirectParamW
DefDlgProcA
DefDlgProcW
GetClassLongA
DrawFrameControl
GetWindowTextA
ScrollWindowEx
RegisterClassW
DefWindowProcW
GetSystemMenu
CreateMenu
SetRect
DestroyAcceleratorTable
GetAsyncKeyState
CreatePopupMenu
ReleaseCapture
SetMenu
GetKeyState
CheckMenuRadioItem
IsWindowUnicode
GetMenu
GetMenuItemInfoA
RemoveMenu
InsertMenuItemA
InsertMenuItemW
DrawMenuBar
GetMenuItemCount
DeleteMenu
EnableMenuItem
CheckMenuItem
EnumDisplaySettingsA
RedrawWindow
GetMessageA
OpenClipboard
EmptyClipboard
SetClipboardData
CloseClipboard
ExitWindowsEx
InflateRect
GetWindowLongPtrW
SetWindowLongPtrW
SendMessageW
GetDlgItemTextA
PostThreadMessageA
SetForegroundWindow
WaitMessage
CreateWindowExW
DialogBoxParamW
SetWindowsHookExA
CallNextHookEx
TranslateAcceleratorA
BeginDeferWindowPos
DeferWindowPos
SetWindowTextW
LoadImageA
IsZoomed
GetWindowPlacement
GetCursorInfo
SetWindowPlacement
UnhookWindowsHookEx
IsWindow
IsDialogMessageA
AdjustWindowRectEx
PtInRect
ClientToScreen
TrackMouseEvent
GetSysColor
LoadAcceleratorsA
DrawTextA
GetClassLongPtrA
LoadStringA
SystemParametersInfoA
GetWindow
SetCursor
GetCursorPos
RegisterHotKey
DrawEdge
UnregisterHotKey
SetMenuItemInfoA
CallWindowProcA
GetIconInfo
SendDlgItemMessageW
LoadCursorA
RegisterClassA
AdjustWindowRect
CreateWindowExA
UnregisterClassA
DefWindowProcA
PeekMessageA
TranslateMessage
DispatchMessageA
MapWindowPoints
CreateDialogParamW
IsIconic
ScreenToClient
CreateDialogParamA
KillTimer
SetWindowLongA
MapDialogRect
ScrollDC
ReleaseDC
IntersectRect
DestroyWindow
MsgWaitForMultipleObjects
PostQuitMessage
wvsprintfA
SetDlgItemInt
GetDlgItemInt
MessageBeep
GetSubMenu
TrackPopupMenu
LoadMenuA
DestroyMenu
SetWindowTextA
MessageBoxA
CheckDlgButton
SetTimer
SetFocus
GetParent
GetWindowRect
GetSystemMetrics
SetWindowPos
DialogBoxParamA
SendDlgItemMessageA
IsDlgButtonChecked
EnableWindow
GetWindowLongPtrA
OffsetRect
UnionRect
InvalidateRect
EndDialog
GetDlgItem
wsprintfA
SetDlgItemTextA
SendMessageA
UpdateWindow
GetClientRect
GetDC
EnumChildWindows
LoadIconA
FillRect
DrawIcon
SetWindowLongPtrA
BeginPaint
EndPaint
PostMessageA
GetWindowLongA
ShowWindow
EndDeferWindowPos

gdi32

ExcludeClipRect
SaveDC
StretchDIBits
LineTo
MoveToEx
SetTextAlign
GetTextMetricsA
Polygon
TextOutA
RestoreDC
SetBkMode
SetTextColor
CreateSolidBrush
OffsetViewportOrgEx
GetClipBox
ExtTextOutW
RectVisible
GetTextExtentExPointW
Ellipse
PolylineTo
CreateFontIndirectA
GetObjectA
ExtSelectClipRgn
OffsetClipRgn
SetDIBitsToDevice
CreateBitmap
GetSystemPaletteEntries
PolyPolyline
CreatePalette
GetNearestPaletteIndex
GetDIBits
RealizePalette
SelectPalette
ExtTextOutA
CreateFontA
GdiFlush
SelectObject
DeleteObject
DeleteDC
GetStockObject
GetDeviceCaps
CreateCompatibleBitmap
StretchBlt
SwapBuffers
SetPixelFormat
ChoosePixelFormat
Polyline
GetTextExtentPoint32A
CreatePen
GetTextExtentPoint32W
SetBkColor
CreateCompatibleDC
CreateDIBSection
BitBlt
SetStretchBltMode

comdlg32

GetSaveFileNameA
GetOpenFileNameA
GetOpenFileNameW
GetSaveFileNameW
CommDlgExtendedError
ChooseColorA

advapi32

RegCreateKeyExA
RegCloseKey
RegDeleteValueA
RegQueryValueExW
RegEnumValueA
RegSetValueExW
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegSetValueExA
RegQueryValueExA
RegOpenKeyExA

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
DragQueryFileW
DragQueryFileA
DragFinish
ShellExecuteA
DragAcceptFiles
SHGetMalloc

ole32

CreateItemMoniker
GetRunningObjectTable
CoTaskMemFree
CoTaskMemAlloc
CoCreateInstance
CoGetObject
CoUninitialize
CoInitialize

oleaut32

SysFreeString
OleCreatePropertyFrame

Sections

.text
Size: 2.3MB - Virtual size: 2.3MB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.const
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 619KB - Virtual size: 619KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 21KB - Virtual size: 146KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.pdata
Size: 149KB - Virtual size: 149KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.tls
Size: 512B - Virtual size: 512B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 298KB - Virtual size: 298KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

41e6e428a0bee34c7280bde2c0996c95

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

winmm

msvfw32

avifil32

msacm32

comctl32

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Sections

.text Size: 2.3MB - Virtual size: 2.3MB

.const Size: 512B - Virtual size: 512B

.rdata Size: 619KB - Virtual size: 619KB

.data Size: 21KB - Virtual size: 146KB

.pdata Size: 149KB - Virtual size: 149KB

.tls Size: 512B - Virtual size: 512B

.rsrc Size: 298KB - Virtual size: 298KB

.text
Size: 2.3MB - Virtual size: 2.3MB

.const
Size: 512B - Virtual size: 512B

.rdata
Size: 619KB - Virtual size: 619KB

.data
Size: 21KB - Virtual size: 146KB

.pdata
Size: 149KB - Virtual size: 149KB

.tls
Size: 512B - Virtual size: 512B

.rsrc
Size: 298KB - Virtual size: 298KB