850d06bd3a8605c99e12655efe5fc497_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

850d06bd3a8605c99e12655efe5fc497_JaffaCakes118
Size

208KB
MD5

850d06bd3a8605c99e12655efe5fc497
SHA1

bb87716b04ddfdddc45aa9f4f32a819001d80b85
SHA256

36613ab185cf837f2890a3b6d4fe24d869d80e5e8ee88d3412af364ec3a45739
SHA512

04762c7915dd723f4edb431faaf4d1b37570d9ba94032c728a92fa33af3747aa93ef7e4e24a8a9e297a1ecb6bc33676fd5513c990014021b39c15806154f88d3
SSDEEP

3072:IRO0cnWWTkFlL7/gQ8BCLHmd1fa0YoB2asxZWzFNI70colHwJ9:z0EeR/ek6dd9Y8sxAiQNwJ

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
850d06bd3a8605c99e12655efe5fc497_JaffaCakes118

Files

850d06bd3a8605c99e12655efe5fc497_JaffaCakes118
.dll regsvr32 windows:4 windows x86 arch:x86

7fae7a740bad165ae05d2ba10cd725a9

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

d:\Work\Prj\Project\15_SideBar\2008030500\hisearch\Release\HiSearch.pdb

Imports

shlwapi

PathFindFileNameA
PathFindExtensionA

wininet

InternetReadFile
InternetQueryDataAvailable
InternetOpenUrlA
InternetOpenA
InternetCloseHandle

kernel32

ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
GetCurrentProcess
GetCPInfo
GetOEMCP
HeapAlloc
GetFileType
VirtualProtect
VirtualAlloc
VirtualQuery
RtlUnwind
ExitProcess
HeapReAlloc
GetCommandLineA
TerminateProcess
HeapSize
HeapDestroy
HeapCreate
VirtualFree
IsBadWritePtr
SetHandleCount
GetStdHandle
GetStartupInfoA
SetStdHandle
LCMapStringA
LCMapStringW
QueryPerformanceCounter
GetTickCount
GetCurrentProcessId
GetSystemTimeAsFileTime
SetUnhandledExceptionFilter
GetStringTypeA
GetStringTypeW
FreeEnvironmentStringsA
GetEnvironmentStrings
FreeEnvironmentStringsW
GetEnvironmentStringsW
UnhandledExceptionFilter
IsBadReadPtr
IsBadCodePtr
GlobalGetAtomNameA
GlobalFindAtomA
lstrcmpW
GlobalFlags
WritePrivateProfileStringA
SetErrorMode
TlsFree
LocalReAlloc
TlsSetValue
TlsAlloc
TlsGetValue
GlobalHandle
GlobalReAlloc
LocalAlloc
SetLastError
GlobalFree
GlobalUnlock
FormatMessageA
LocalFree
CloseHandle
GlobalAddAtomA
GetCurrentThread
GetCurrentThreadId
GlobalLock
GlobalAlloc
GlobalDeleteAtom
lstrcmpA
GetProcAddress
ConvertDefaultLocale
EnumResourceLanguagesA
GetProcessHeap
HeapFree
lstrcpyW
LockResource
GetModuleHandleA
LoadLibraryExA
FindResourceA
LoadResource
SizeofResource
InterlockedDecrement
InterlockedIncrement
IsDBCSLeadByte
lstrcatA
lstrcpyA
lstrcpynA
GetModuleFileNameA
lstrcmpiA
lstrlenA
GetLastError
DeleteCriticalSection
InitializeCriticalSection
LeaveCriticalSection
EnterCriticalSection
RaiseException
lstrlenW
WideCharToMultiByte
MultiByteToWideChar
GetThreadLocale
GetLocaleInfoA
GetACP
InterlockedExchange
LoadLibraryA
FreeLibrary
GetVersion
GetVersionExA
GetSystemInfo

user32

DestroyMenu
RegisterWindowMessageA
WinHelpA
GetCapture
GetClassLongA
GetClassInfoExA
SetPropA
GetPropA
RemovePropA
GetForegroundWindow
GetTopWindow
GetMessageTime
GetMessagePos
LoadIconA
MapWindowPoints
SetForegroundWindow
GetMenu
AdjustWindowRectEx
SystemParametersInfoA
IsIconic
GetWindowPlacement
CopyRect
SetWindowPos
GetDlgItem
GetSystemMetrics
GetSysColorBrush
GetDlgCtrlID
PtInRect
GetWindowTextA
SetWindowTextA
GetClassNameA
wsprintfA
GetSysColor
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
CharNextA
GetClientRect
GetWindow
GetFocus
EndPaint
BeginPaint
UnregisterClassA
DefWindowProcA
TabbedTextOutA
UnhookWindowsHookEx
GetMenuItemID
GetMenuItemCount
GetSubMenu
SetMenuItemBitmaps
ModifyMenuA
GetMenuState
EnableMenuItem
CheckMenuItem
GetMenuCheckMarkDimensions
LoadBitmapA
SetWindowsHookExA
CallNextHookEx
GetMessageA
TranslateMessage
DispatchMessageA
GetWindowLongA
SetWindowLongA
CreateWindowExA
RegisterClassA
LoadCursorA
GetClassInfoA
ShowWindow
DestroyWindow
IsWindow
CallWindowProcA
LoadStringA
PostMessageA
PostQuitMessage
SetCursor
SendMessageA
EnableWindow
IsWindowEnabled
GetLastActivePopup
GetParent
GetActiveWindow
IsWindowVisible
GetKeyState
PeekMessageA
GetCursorPos
ValidateRect
MessageBoxA
GetWindowRect

gdi32

GetStockObject
SetTextColor
SetBkColor
RestoreDC
SaveDC
GetDeviceCaps
CreateBitmap
ScaleWindowExtEx
SetWindowExtEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
SelectObject
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
DeleteObject
GetClipBox
SetMapMode
DeleteDC

winspool.drv

OpenPrinterA
DocumentPropertiesA
ClosePrinter

advapi32

RegQueryValueExA
RegQueryValueA
RegOpenKeyA
RegEnumKeyA
RegFlushKey
RegDeleteKeyA
RegEnumKeyExA
RegQueryInfoKeyA
RegSetValueExA
RegOpenKeyExA
RegCreateKeyExA
RegCloseKey
RegDeleteValueA

comctl32

ord17

ole32

StringFromGUID2
CoCreateInstance
CoTaskMemAlloc
CoUninitialize
CoInitialize
OleLoadFromStream
WriteClassStm
OleSaveToStream
CoTaskMemFree
CoTaskMemRealloc

oleaut32

SysFreeString
SysAllocString
LoadTypeLi
UnRegisterTypeLi
RegisterTypeLi
VarUI4FromStr
SysAllocStringLen
VariantClear
VariantCopy
VariantChangeType
VariantInit
SysStringByteLen
SysAllocStringByteLen
SafeArrayDestroy
SafeArrayAccessData
SafeArrayCreate
LoadRegTypeLi
SysStringLen

Exports

Exports

DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer

Sections

.text
Size: 132KB - Virtual size: 128KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 32KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 8KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 8KB - Virtual size: 6KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 24KB - Virtual size: 20KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

7fae7a740bad165ae05d2ba10cd725a9

Headers

File Characteristics

PDB Paths

Imports

shlwapi

wininet

kernel32

user32

gdi32

winspool.drv

advapi32

comctl32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 132KB - Virtual size: 128KB

.rdata Size: 32KB - Virtual size: 29KB

.data Size: 8KB - Virtual size: 20KB

.rsrc Size: 8KB - Virtual size: 6KB

.reloc Size: 24KB - Virtual size: 20KB

.text
Size: 132KB - Virtual size: 128KB

.rdata
Size: 32KB - Virtual size: 29KB

.data
Size: 8KB - Virtual size: 20KB

.rsrc
Size: 8KB - Virtual size: 6KB

.reloc
Size: 24KB - Virtual size: 20KB