783881eb811ab6c6613caa50986375a8_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

783881eb811ab6c6613caa50986375a8_JaffaCakes118
Size

519KB
MD5

783881eb811ab6c6613caa50986375a8
SHA1

e936fd1d99d6ceec07b873b5c6fa9c869c86eb1d
SHA256

aa63ca3d371ae8817706c814c0549122f403e7ee78de90d9ce2a72918669b8b8
SHA512

42ffe34d37787d35f3a6d97683db7c42aa67afd8e2f7a08d846289a1faddb9ababd1751fb70153b632ddd70a5312acd6a4fd22e0a75f9a2dd259e07112622695
SSDEEP

12288:DdhWvKnpYPCcBryLiHaoVgci++tkUQcpAr6Rbdd8:pciGgci++6m06dd8

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
783881eb811ab6c6613caa50986375a8_JaffaCakes118

Files

783881eb811ab6c6613caa50986375a8_JaffaCakes118
.exe windows:4 windows x86 arch:x86

5e749a236201759162dab6ab2c944402

Headers

File Characteristics

IMAGE_FILE_RELOCS_STRIPPED
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE

Imports

ufddll

??1CUsblib@@UAE@XZ
?Usblib_ReadUID@CUsblib@@QAEHPAEPAU_Storage_Struct@@@Z
?Usblib_ASPICMD_Start@CUsblib@@QAEHPAE@Z
?Usblib_SPTICMD_Start@CUsblib@@QAEHPAU_Storage_Struct@@@Z
?Usblib_SCSIBusScan@CUsblib@@QAEXPAU_Storage_Struct@@@Z
?Usblib_WriteUID@CUsblib@@QAEHPAEPAU_Storage_Struct@@@Z
?Usblib_ASPICMD_Stop@CUsblib@@QAEXXZ
??0CUsblib@@QAE@XZ
?Usblib_SPTICMD_Stop@CUsblib@@QAEXPAU_Storage_Struct@@@Z

kernel32

TlsFree
LeaveCriticalSection
GlobalReAlloc
EnterCriticalSection
TlsSetValue
LocalReAlloc
TlsGetValue
GlobalFlags
GetProcessVersion
GetCPInfo
GetOEMCP
FileTimeToSystemTime
FileTimeToLocalFileTime
GetFileAttributesA
GetFileTime
WritePrivateProfileStringA
GetCurrentDirectoryA
RtlUnwind
HeapFree
HeapAlloc
ExitProcess
GetStartupInfoA
GetCommandLineA
ExitThread
CreateThread
HeapSize
HeapReAlloc
GetACP
GetTimeFormatA
GetDateFormatA
SetUnhandledExceptionFilter
HeapDestroy
HeapCreate
VirtualFree
VirtualAlloc
IsBadWritePtr
LCMapStringA
LCMapStringW
GetStdHandle
UnhandledExceptionFilter
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GlobalHandle
SetHandleCount
GetFileType
GetStringTypeA
GetStringTypeW
GetTimeZoneInformation
VirtualProtect
GetSystemInfo
VirtualQuery
SetStdHandle
IsBadReadPtr
IsBadCodePtr
GetUserDefaultLCID
GetLocaleInfoA
EnumSystemLocalesA
IsValidLocale
IsValidCodePage
GetLocaleInfoW
CompareStringA
CompareStringW
SetEnvironmentVariableA
GetProcessHeap
SizeofResource
LockResource
LoadResource
FindResourceA
GetModuleFileNameA
WaitForSingleObject
GetLocalTime
Sleep
CreateEventA
GetProcAddress
LoadLibraryA
DeleteFileA
OutputDebugStringA
FreeLibrary
GetVolumeInformationA
GetLogicalDrives
SetEvent
MulDiv
ResetEvent
SetErrorMode
lstrcmpiA
GetVersionExA
DeleteCriticalSection
TlsAlloc
CloseHandle
GlobalUnlock
ReadFile
GlobalLock
GlobalAlloc
GetFileSize
CreateFileA
lstrcpyA
GetProfileStringA
InitializeCriticalSection
GetCurrentThread
GetThreadLocale
GetFullPathNameA
SetEndOfFile
UnlockFile
LockFile
FlushFileBuffers
SetFilePointer
WriteFile
DuplicateHandle
lstrcmpA
FindNextFileA
FindFirstFileA
FindClose
GlobalFree
lstrcpynA
FormatMessageA
MultiByteToWideChar
WideCharToMultiByte
lstrlenA
InterlockedIncrement
SuspendThread
SetThreadPriority
InterlockedDecrement
GetVersion
GlobalGetAtomNameA
GlobalAddAtomA
GlobalFindAtomA
GlobalDeleteAtom
GetModuleHandleA
LocalFree
RaiseException
InterlockedExchange
LocalAlloc
WinExec
lstrcatA
GetTickCount
ResumeThread
GetEnvironmentVariableA
GetSystemDefaultLCID
GetDriveTypeA
CreateMutexA
SetLastError
GetCurrentThreadId
GetCurrentProcess
GetLastError
GetEnvironmentStringsW

user32

TranslateMessage
GetMessageA
InflateRect
CreateDialogIndirectParamA
EndDialog
CharUpperA
PostQuitMessage
SetWindowContextHelpId
MapDialogRect
DestroyMenu
PtInRect
GetDesktopWindow
LoadCursorA
GetSysColorBrush
CharNextA
CopyAcceleratorTableA
SetRect
GetNextDlgGroupItem
MessageBeep
RegisterClipboardFormatA
PostThreadMessageA
SetWindowTextA
IsDialogMessageA
GrayStringA
DrawTextA
TabbedTextOutA
EndPaint
BeginPaint
GetWindowDC
ClientToScreen
PostMessageA
SendDlgItemMessageA
MapWindowPoints
PeekMessageA
DispatchMessageA
GetFocus
SetActiveWindow
SetFocus
AdjustWindowRectEx
GetActiveWindow
CopyRect
GetTopWindow
MessageBoxA
IsChild
GetCapture
WinHelpA
GetClassInfoA
RegisterClassA
GetMenuItemCount
GetMenuItemID
TrackPopupMenu
GetDlgItem
GetWindowTextLengthA
GetDlgCtrlID
GetKeyState
DefWindowProcA
DestroyWindow
CreateWindowExA
SetWindowsHookExA
CallNextHookEx
GetClassLongA
SetPropA
UnhookWindowsHookEx
GetPropA
RemovePropA
GetMessageTime
GetMessagePos
GetLastActivePopup
GetForegroundWindow
GetWindow
RegisterWindowMessageA
IntersectRect
GetWindowPlacement
CallWindowProcA
ExitWindowsEx
GetCursorPos
LoadMenuA
GetSubMenu
OpenInputDesktop
SwitchDesktop
SetThreadDesktop
DrawIcon
LoadIconA
LoadStringA
IsIconic
GetThreadDesktop
GetUserObjectInformationA
wsprintfA
LoadBitmapA
MessageBoxExA
ReleaseDC
EnumChildWindows
SetForegroundWindow
GetClassNameA
GetWindowTextA
SystemParametersInfoA
ShowWindow
FindWindowA
ValidateRect
GetMenuCheckMarkDimensions
GetMenuState
ModifyMenuA
SetMenuItemBitmaps
CheckMenuItem
EnableMenuItem
GetNextDlgTabItem
IsWindowEnabled
ScreenToClient
MoveWindow
UnregisterHotKey
EnumWindows
IsWindowVisible
GetDC
GetSystemMetrics
GetWindowLongA
SetWindowLongA
SetWindowPos
RegisterHotKey
KillTimer
SetTimer
SendMessageA
SetCursor
GetClientRect
FillRect
OffsetRect
RedrawWindow
GetParent
UpdateWindow
GetSysColor
EnableWindow
GetWindowRect
IsWindow
InvalidateRect
LoadImageA
IsWindowUnicode
DefDlgProcA
DrawFocusRect
ExcludeUpdateRgn
ShowCaret
HideCaret
UnregisterClassA
GetMenu

gdi32

GetDIBColorTable
CreateCompatibleDC
CreateHalftonePalette
GetObjectA
BitBlt
CreateSolidBrush
DeleteObject
CreateFontIndirectA
SetViewportOrgEx
GetViewportOrgEx
CreateCompatibleBitmap
GetStockObject
Rectangle
GetTextExtentPoint32A
GetDeviceCaps
GetClipBox
SetTextColor
SetBkColor
DeleteDC
SaveDC
RestoreDC
SelectObject
SetBkMode
SetMapMode
OffsetViewportOrgEx
SetViewportExtEx
ScaleViewportExtEx
SetWindowExtEx
ScaleWindowExtEx
IntersectClipRect
GetTextExtentPointA
GetViewportExtEx
GetWindowExtEx
PtVisible
RectVisible
TextOutA
ExtTextOutA
Escape
CreateBitmap
GetMapMode
PatBlt
DPtoLP
GetTextColor
GetBkColor
LPtoDP
SetTextAlign
CreateDIBitmap
CreatePalette

comdlg32

GetFileTitleA
ChooseFontA

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

shell32

SHBrowseForFolderA
SHGetPathFromIDListA
SHGetMalloc
Shell_NotifyIconA
ShellExecuteA

comctl32

ord17

oledlg

ord8

ole32

CoTaskMemAlloc
CoTaskMemFree
OleInitialize
CLSIDFromString
CLSIDFromProgID
CoInitialize
CreateILockBytesOnHGlobal
StgCreateDocfileOnILockBytes
CreateStreamOnHGlobal
OleUninitialize
CoFreeUnusedLibraries
CoGetClassObject
OleRun
StgOpenStorageOnILockBytes
CoRegisterMessageFilter
OleIsCurrentClipboard
OleFlushClipboard
CoCreateInstance
CoRevokeClassObject

olepro32

ord253
ord251

oleaut32

VariantTimeToSystemTime
VariantCopy
SysAllocStringByteLen
SysStringLen
SysAllocStringLen
SysAllocString
VariantClear
SysFreeString
VariantChangeType

Sections

.text
Size: 284KB - Virtual size: 282KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rdata
Size: 68KB - Virtual size: 64KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 16KB - Virtual size: 51KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 128KB - Virtual size: 127KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.yrdata
Size: 20KB - Virtual size: 20KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

Sharing

General

Malware Config

Signatures

Files

5e749a236201759162dab6ab2c944402

Headers

File Characteristics

Imports

ufddll

kernel32

user32

gdi32

comdlg32

winspool.drv

shell32

comctl32

oledlg

ole32

olepro32

oleaut32

Sections

.text Size: 284KB - Virtual size: 282KB

.rdata Size: 68KB - Virtual size: 64KB

.data Size: 16KB - Virtual size: 51KB

.rsrc Size: 128KB - Virtual size: 127KB

.yrdata Size: 20KB - Virtual size: 20KB

.text
Size: 284KB - Virtual size: 282KB

.rdata
Size: 68KB - Virtual size: 64KB

.data
Size: 16KB - Virtual size: 51KB

.rsrc
Size: 128KB - Virtual size: 127KB

.yrdata
Size: 20KB - Virtual size: 20KB