8cddb2572d093a1fa54a4ad7a0014bed_JaffaCakes118

Sharing

Copy URL

Twitter E-mail

General

Target

8cddb2572d093a1fa54a4ad7a0014bed_JaffaCakes118
Size

756KB
MD5

8cddb2572d093a1fa54a4ad7a0014bed
SHA1

5ba8f65d18595353dcea5a32ca311e42e0475e3a
SHA256

d2e03befd84c91c9f84c05057b6a62b3193493191dbe0c65608a78d28ce4dee0
SHA512

375f2979dfb5aa16585882536627fc1a146d0d39295b370bf8877ff1efe7170c5b3a582670d545f57b7e76847f2c4089f11b2caf4fa1a352b3d4ffa279c7f30c
SSDEEP

12288:AqLkLTN2yR1dk91ydqr3zHffoIAVXWf443n12eLUbE/MXl9WJgbb+QGqG3GH22pT:AqLkLo+wUXlMJgbxGqG3G44dgpE

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8cddb2572d093a1fa54a4ad7a0014bed_JaffaCakes118

Files

8cddb2572d093a1fa54a4ad7a0014bed_JaffaCakes118
.dll windows:4 windows x86 arch:x86

53529fc392e8e5817525b70d90746114

Headers

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_LINE_NUMS_STRIPPED
IMAGE_FILE_LOCAL_SYMS_STRIPPED
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

Imports

pngu3267

??0CPNControl@@QAE@XZ
?SetId@CPNControl@@UAEXK@Z
?Create@CPNListBox@@UAEHKPAVCPNWindow@@JJJJK@Z
?GetCount@CPNListBox@@UBEKXZ
?HandleEvent@CPNListBox@@UAEXAAVCPNEvent@@@Z
?IsSelected@CPNListBox@@UBEHK@Z
?GetCurrentSelection@CPNListBox@@UBEKXZ
?SetCurrentSelection@CPNListBox@@UAEHK@Z
?SetSelection@CPNListBox@@UAEHKH@Z
?AddString@CPNListBox@@UAEKK@Z
?AddString@CPNListBox@@UAEKPBD@Z
?InsertString@CPNListBox@@UAEKPBDK@Z
?RemoveString@CPNListBox@@UAEKK@Z
?RemoveAll@CPNListBox@@UAEXXZ
?GetSelectionCount@CPNListBox@@UBEKXZ
?GetSelectedItems@CPNListBox@@UBEKPAKI@Z
?GetString@CPNListBox@@UBEKPADKK@Z
?ItemFromPoint@CPNListBox@@UBEKVCPNxPoint@@@Z
?FindString@CPNListBox@@UAEJPBDKHH@Z
??0CPNImageControl@@QAE@XZ
??0CPNBitmapImage@@QAE@XZ
?Create@CPNImageControl@@QAEHKPAVCPNWindow@@JJJJKKPAVCPNImage@@@Z
?UpdateBackgroundColor@CPNImageControl@@QAEXXZ
??1CPNControl@@UAE@XZ
?Attach@CPNWindow@@QAEXPAUHWND__@@@Z
?SetImage@CPNImageControl@@QAEXPAVCPNImage@@@Z
??0CPNEdit@@QAE@XZ
??1CPNText@@UAE@XZ
??1CPNButton@@UAE@XZ
??0CPNCheckButton@@QAE@XZ
?EndDialog@CPNDialog@@UAEXK@Z
??0CPNText@@QAE@XZ
??0CPNButton@@QAE@XZ
??0CPNPopupList@@QAE@XZ
?AddObserver@CPNRouter@@QAEXPAV1@KK@Z
??1CPNDialog@@UAE@XZ
??0CPNDialog@@QAE@KPAVCPNWindow@@@Z
?OnEvent@XPNDialog@@UAEHAAVCPNEvent@@@Z
?DoModal@CPNDialog@@UAEKXZ
?DoModeless@CPNDialog@@UAEKXZ
?GetScreenMappingFactors@CPNSystemInfo@@SAXAAJ0@Z
?OFNHookProc@CPNOpenFileDialog@@KGIPAUHWND__@@IIJ@Z
?TranslateFlags@CPNOpenFileDialog@@IAEKXZ
?GetHWND@CPNWindow@@QBEPAUHWND__@@XZ
??1CPNOpenFileDialog@@UAE@XZ
?GetPNWindow@CPNWindow@@SAPAV1@PAX@Z
??0CPNWindow@@QAE@XZ
??0CPNOpenFileDialog@@QAE@XZ
?NotifyObservers@CPNRouter@@UAEXAAVCPNEvent@@@Z
?HandleEvent@CPNWindow@@UAEXAAVCPNEvent@@@Z
?Destroy@CPNDialog@@UAEXXZ
?IsValid@CPNWindow@@UBEHXZ
?GetParent@CPNWindow@@UBEPAV1@XZ
?SetParent@CPNWindow@@UAEXPAV1@@Z
?SetZOrderPosition@CPNWindow@@UAEXK@Z
?SetTitle@CPNWindow@@UAEXPBD@Z
?GetTitle@CPNWindow@@UBEXPADJ@Z
?GetTitleLength@CPNWindow@@UBEJXZ
?SetFont@CPNWindow@@UAEXPAVCPNFont@@H@Z
?GetFont@CPNWindow@@UBEPAVCPNFont@@XZ
?SetSize@CPNWindow@@UAEXABVCPNxSize@@@Z
?GetSize@CPNWindow@@UBEXAAVCPNxSize@@@Z
?GetClientRect@CPNWindow@@UBEXAAVCPNxRect@@@Z
?GetScreenRect@CPNWindow@@UBEXAAVCPNxRect@@@Z
?Move@CPNWindow@@UAEXABVCPNxPoint@@@Z
?Center@CPNWindow@@UAEXXZ
?ScrollWindow@CPNWindow@@UAEXJJPAVCPNxRect@@K@Z
?GetPosition@CPNWindow@@UBEXAAVCPNxPoint@@@Z
?MoveAndSize@CPNWindow@@UAEXABU_PNxRect@@@Z
?MoveAndSize@CPNWindow@@UAEXABU_PNxPoint@@ABU_PNxSize@@@Z
?ClientToScreen@CPNWindow@@UBEXAAVCPNxRect@@@Z
?ClientToScreen@CPNWindow@@UBEXAAVCPNxPoint@@@Z
?ScreenToClient@CPNWindow@@UBEXAAVCPNxRect@@@Z
?ScreenToClient@CPNWindow@@UBEXAAVCPNxPoint@@@Z
?PauseUpdates@CPNWindow@@UAEXXZ
?HasPausedUpdates@CPNWindow@@UBEHXZ
?ResumeUpdates@CPNWindow@@UAEXXZ
?RepaintRect@CPNWindow@@UAEXPBVCPNxRect@@H@Z
?RedrawWindow@CPNWindow@@UAEXXZ
?ValidateRect@CPNWindow@@UAEXPBVCPNxRect@@@Z
?SetCapture@CPNWindow@@UAEXXZ
?ReleaseCapture@CPNWindow@@UAEXXZ
?HasCapture@CPNWindow@@UBEHXZ
?SetFocus@CPNWindow@@UAEHXZ
?HasFocus@CPNWindow@@UBEHXZ
?Show@CPNWindow@@UAEHH@Z
?IsShown@CPNWindow@@UBEHXZ
?SetShowState@CPNWindow@@UAEXJ@Z
?GetShowState@CPNWindow@@UBEJXZ
?SetForegroundWindow@CPNWindow@@UAEXHK@Z
?Enable@CPNWindow@@UAEXH@Z
?IsEnabled@CPNWindow@@UBEHXZ
?GetTextLength@CPNControl@@UBEJXZ
?SetText@CPNControl@@UAEXPBD@Z
?DetachWindowItem@CPNWindow@@UAEXXZ
?Attach@CPNWindow@@UAEXABU_PNxWindow@@@Z
?Attach@CPNWindow@@UAEXPAX@Z
?Detach@CPNWindow@@UAEXXZ
?SubclassWnd@CPNWindow@@UAEHPAU_PNxWindow@@@Z
PNGuiInitialize
??BCPNWindow@@UBE?BU_PNxWindow@@XZ
?OnEvent@CPNWindow@@UAEHAAVCPNEvent@@@Z
?Destroy@CPNWindow@@UAEXXZ
??0CPNRouter@@QAE@XZ
??1CPNRouter@@UAE@XZ
?Create@CPNPropertyPage@@UAEHK@Z
?OnWizBack@XPNPropertyPage@@UAEJXZ
?OnWizNext@XPNPropertyPage@@UAEJXZ
?OnHelp@XPNPropertyPage@@UAEHXZ
?OnRestoreDefaults@XPNPropertyPage@@UAEHXZ
?OnEvent@CPNPropertyPage@@UAEHAAVCPNEvent@@@Z
??0CPNPropertySheet@@QAE@K@Z
??0CPNPropertyPage@@IAE@KPBD@Z
?GetPage@XPNPropertySheet@@QBEPAVCPNPropertyPage@@K@Z
??1CPNPropertyPage@@UAE@XZ
?Highlight@CPNText@@UAEXH@Z
?Create@CPNText@@UAEHKPAVCPNWindow@@JJJJKPBDK@Z
??0CPNTreeControl@@QAE@XZ
??0CPNBrush@@QAE@XZ
??1CPNBrush@@UAE@XZ
??0CPNPen@@QAE@XZ
??1CPNPen@@UAE@XZ
??1CPNColor@@UAE@XZ
?SetColor@CPNPen@@UAEXAAVCPNColor@@@Z
?Set@CPNColor@@QAEXEEE@Z
?LockResource@CPNGraphicResource@@QAEHXZ
?SetColor@CPNBrush@@UAEXAAVCPNColor@@@Z
??0CPNColor@@QAE@EEE@Z
?UnLockResource@CPNGraphicResource@@QAEHXZ
??1CPNPaintDC@@UAE@XZ
??0CPNPaintDC@@QAE@PAVCPNWindow@@@Z
??1CPNMemoryDC@@UAE@XZ
?BlitToScreen@CPNMemoryDC@@UAEXXZ
?BlitTo@CPNMemoryDC@@QAEXPAVCPNDC@@AAVCPNxRect@@1K@Z
?DrawLine@CPNDC@@UAEXJJJJ@Z
?SetPen@XPNDC@@QAEPAVCPNPen@@PAV2@@Z
?FillRectangle@CPNDC@@UAEXABVCPNxRect@@AAVCPNBrush@@@Z
??0CPNMemoryDC@@QAE@PAVCPNDC@@AAVCPNxRect@@@Z
??1CPNScreenDC@@UAE@XZ
??0CPNScreenDC@@QAE@XZ
??1CPNWindow@@UAE@XZ
?AddRadio@CPNRadioGroup@@QAEXPAVCPNRadioBtn@@@Z
??0CPNRadioGroup@@QAE@XZ
??0CPNRadioBtn@@QAE@XZ
?DoModal@CPNMessageBox@@UAEKPAVCPNWindow@@PBD1K@Z
??0CPNDialog@@QAE@XZ
?SetSliderPos@XPNSlider@@QAEXJ@Z
?Create@XPNSlider@@QAEHKPAVCPNWindow@@JJJJKK@Z
?PartitionSlider@XPNSlider@@QAEXK@Z
??4CPNColor@@QAEAAV0@ABV0@@Z
??0CPNColor@@QAE@H@Z
?SetSliderRange@XPNSlider@@QAEXJJ@Z
??0CPNSlider@@QAE@XZ
?AddAccessibility@CPNWindow@@QAEHPBDK@Z
??0CPNPropertySheet@@QAE@XZ
??1CPNPropertySheet@@UAE@XZ
??1CPNCursor@@UAE@XZ
?SetCursor@CPNSystemInfo@@SAPAVCPNCursor@@AAV2@@Z
?LoadStandardCursor@CPNCursor@@UAEHJ@Z
??0CPNCursor@@QAE@XZ
?SetText@XPNCustomText@@UAEXPBD@Z
?OnEvent@CPNCustomText@@UAEHAAVCPNEvent@@@Z
?DrawArrow@XPNScrollButton@@MAEXAAVCPNDC@@ABVCPNxRect@@KK@Z
?Create@XPNScrollButton@@UAEHKPAVCPNWindow@@JJJJKK@Z
?AdjustButtonFaceRect@XPNButton@@MAEXAAVCPNxRect@@ABV2@HHJ@Z
?GetButtonFaceColor@XPNButton@@UAEXAAVCPNColor@@@Z
?SetButtonFaceColor@CPNButton@@UAEXABVCPNColor@@@Z
?MakeButtonDefault@XPNButton@@UAEXH@Z
?DrawButtonFace@CPNButton@@UAEXPAVCPNDC@@AAVCPNxRect@@HH@Z
?OnPaint@XPNButton@@UAEXPAVCPNDC@@HH@Z
?SetPushedState@XPNButton@@UAEXH@Z
?Create@CPNButton@@UAEHKPAVCPNWindow@@JJJJKKPBD@Z
?OnEvent@XPNScrollButton@@UAEHAAVCPNEvent@@@Z
?GetControlsFont@CPNDrawHelper@@SAAAVCPNFont@@XZ
?Create@XPNCustomText@@QAEHKPAVCPNWindow@@JJJJKPBDK@Z
??0XPNCustomText@@QAE@XZ
??0XPNScrollButton@@IAE@XZ
??1XPNScrollButton@@MAE@XZ
??1XPNCustomText@@UAE@XZ
?GetFreeDiskSpace@CPNSystemInfo@@SAKABVCPNString@@@Z
?SetPosition@CPNScrollHelper@@QAEXJ@Z
?GetDiskSpace@CPNSystemInfo@@SAXABVCPNString@@AAK1@Z
?MapCoordinatesTo@CPNWindow@@UBEXPAV1@AAVCPNxRect@@@Z
?MapCoordinatesTo@CPNWindow@@UBEXPAV1@AAVCPNxPoint@@@Z
?SetIcon@CPNWindow@@UAEXAAVCPNIcon@@H@Z
?IsPtInWindow@XPNWindow@@UBEHABVCPNxPoint@@@Z
?AddToolTip@CPNWindow@@UAEHPBD@Z
?AddToolTip@CPNWindow@@UAEHAAVCPNxRect@@PBD@Z
?RemoveAllToolTips@CPNWindow@@UAEXXZ
?EnableToolTips@CPNWindow@@UAEXH@Z
?UpdateShowStateIfMinimized@CPNWindow@@UAEXXZ
?ShouldDrawFocus@CPNWindow@@MAEHXZ
?ParentPaintBackground@XPNWindow@@MAEHPAVCPNDC@@PAVCPNxRect@@@Z
?OnWndMsg@CPNWindow@@UAEHKIJPAJ@Z
?Create@CPNDialog@@UAEHKPAVCPNWindow@@@Z
?DoModeless@CPNOpenFileDialog@@UAEKXZ
?DoModaless@CPNDialog@@UAEKXZ
?InitDialog@CPNDialog@@UAEHXZ
?EndDialog@CPNOpenFileDialog@@UAEXK@Z
??1CPNEdit@@UAE@XZ
??1CPNCheckButton@@UAE@XZ
?Create@CPNEdit@@QAEHKPAVCPNWindow@@JJJJKKPBD@Z
?GetId@CPNControl@@UBEKXZ
?GetText@CPNControl@@UBEXPADJ@Z
?OnEvent@CPNOpenFileDialog@@UAEHAAVCPNEvent@@@Z
?Create@CPNWindow@@UAEHPAV1@JJJJKPBD@Z
?GetMenu@CPNWindow@@UAEHAAVCPNMenu@@@Z
?AttachWindowItem@CPNWindow@@UAEHKPAV1@@Z
?GetPNxWindowID@CPNWindow@@UBEPAXXZ
?PreDomodal@XPNDialog@@UAEXPAVCPNWindow@@@Z
?PostDomodal@XPNDialog@@UAEXPAVCPNWindow@@@Z
?GetSingleInstanceId@XPNDialog@@UAEKXZ
?GetTemplateId@XPNDialog@@UBEKXZ
?SetDefaultButtonId@CPNDialog@@UAEXK@Z
?GetDefaultButtonId@CPNDialog@@UBEKXZ
?SetSingleInstance@CPNDialog@@UAEXH@Z
??0CPNIcon@@QAE@XZ
?LoadSizedIcon@CPNIcon@@UAEHKJJ@Z
??1CPNIcon@@UAE@XZ
PNGuiTerminate

pncrt

strncpy
_open
_sopen
_lseek
_tell
_read
_write
_unlink
_ltoa
??2@YAPAXI@Z
_purecall
??3@YAXPAX@Z
wcscat
wcscpy
wcslen
free
wcschr
malloc
_close
_creat
strchr
sprintf
strrchr
strtok
_splitpath
strstr
remove
strncmp
wcstok
_wcsdup
tolower
memmove
_snprintf
_ftol
_putenv
_mbctype
localtime
time
mktime
printf
_vsnprintf
_stricmp
isalpha
isdigit
isspace
strtoul
_errno
realloc
_ismbcspace
atol
_strnicmp
strpbrk
_fstat
_chsize
_lseeki64
_telli64
setlocale
_stat
vsprintf
rand
__dllonexit
_onexit
_initterm
_adjust_fdiv
_strcmpi
_ftime
atoi

ole32

CoInitialize
CoCreateInstance
CoUninitialize

shell32

SHGetPathFromIDListA
SHGetSpecialFolderLocation
SHBrowseForFolderA

comdlg32

GetOpenFileNameW
GetSaveFileNameW
GetSaveFileNameA
GetOpenFileNameA

user32

GetDlgItem
GetDlgItemTextA
CharNextW
SetDlgItemTextA
EnumChildWindows
MoveWindow
GetWindowRect
CharNextA
SetWindowLongA
GetParent
PostMessageA
OffsetRect
SetRect
FindWindowExA
SetWindowPos
GetSystemMetrics
GetClientRect
SetWindowTextA
wsprintfA
EndPaint
FillRect
GetSysColor
BeginPaint
ScreenToClient
InvalidateRect
GetWindowLongA
CreateWindowExA
DrawTextA
DestroyIcon
DrawStateA
PtInRect
ReleaseCapture
WindowFromPoint
ClientToScreen
SetCapture
CallWindowProcA
SendMessageA
DefWindowProcA
UpdateWindow
SetFocus
DestroyWindow
MapDialogRect
CreateDialogParamA
GetWindowThreadProcessId
PostThreadMessageA
SetTimer
SendDlgItemMessageA
CharPrevA
DialogBoxParamA
EnumWindows
SendMessageTimeoutA
GetKeyState
MessageBoxA
SetForegroundWindow
MapWindowPoints
SystemParametersInfoA
GetWindow
ReleaseDC
GetDC
GetWindowTextA
ShowWindow
EnableWindow
IsWindow
IsDlgButtonChecked
IntersectRect
GetLastActivePopup
EndDialog
GetCapture
GetActiveWindow
DdeClientTransaction
DdeGetData
FindWindowA
DdeConnect
DdeDisconnect
DdeFreeDataHandle
DdeUninitialize
DdeInitializeA
DdeFreeStringHandle
DdeCreateStringHandleA
DdeGetLastError

advapi32

RegEnumKeyA
RegCloseKey
RegDeleteValueA
RegQueryValueExA
RegCreateKeyA
RegSetValueExA
RegQueryValueA
RegSetValueA
RegQueryInfoKeyA
RegOpenKeyExA
RegCreateKeyExA
RegOpenKeyA
RegEnumKeyExA
RegDeleteKeyA

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

gdi32

CreateSolidBrush
BitBlt
SetTextColor
SelectObject
SetBkMode
CreateCompatibleBitmap
GetStockObject
GetDCOrgEx
GetClipBox
GetTextExtentPoint32A
DeleteObject
SetBkColor
ExtTextOutA
GetDeviceCaps

comctl32

ImageList_LoadImageA
ImageList_GetIcon

oleaut32

VariantClear
VariantInit

winmm

waveOutGetDevCapsA

kernel32

GetSystemInfo
lstrcpyA
GlobalMemoryStatus
GetLocaleInfoA
lstrlenA
FindFirstFileW
lstrcpynA
CreateDirectoryA
DeleteFileA
GetVersionExA
GlobalFree
GetSystemDirectoryA
GlobalUnlock
FindNextFileA
FindClose
GetCurrentThreadId
EnterCriticalSection
LeaveCriticalSection
DeleteCriticalSection
InitializeCriticalSection
OpenFile
GetFileSize
ReadFile
CloseHandle
GetEnvironmentVariableA
GetModuleFileNameA
GetProcAddress
GetModuleHandleA
FreeLibrary
LoadLibraryA
GetPrivateProfileStringA
GetLastError
GetLogicalDriveStringsA
GetDriveTypeA
WideCharToMultiByte
MultiByteToWideChar
InterlockedIncrement
InterlockedDecrement
DisableThreadLibraryCalls
GetFileAttributesA
CreateFileA
GlobalLock
CreateFileMappingA
GetTempFileNameA
CreateProcessA
LCMapStringA
GlobalAlloc
GetVersion
GetTickCount
GetTempPathA
WinExec
SetErrorMode
GetProfileStringA
FindFirstFileA
RemoveDirectoryA
UnmapViewOfFile
MapViewOfFile

Exports

Exports

?DdeCallback@@YGPAUHDDEDATA__@@IIPAUHCONV__@@PAUHSZ__@@1PAU1@KK@Z
RMACreateInstance
RMAShutdown
RPCreateClass
SetDLLAccessPath

Sections

.text
Size: 284KB - Virtual size: 281KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 56KB - Virtual size: 54KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 24KB - Virtual size: 24KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

_DATA
Size: 4KB - Virtual size: 378B

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 180KB - Virtual size: 177KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 32KB - Virtual size: 28KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

53529fc392e8e5817525b70d90746114

Headers

File Characteristics

Imports

pngu3267

pncrt

ole32

shell32

comdlg32

user32

advapi32

version

gdi32

comctl32

oleaut32

winmm

kernel32

Exports

Exports

Sections

.text Size: 284KB - Virtual size: 281KB

.rdata Size: 56KB - Virtual size: 54KB

.data Size: 24KB - Virtual size: 24KB

_DATA Size: 4KB - Virtual size: 378B

.rsrc Size: 180KB - Virtual size: 177KB

.reloc Size: 32KB - Virtual size: 28KB

.text
Size: 284KB - Virtual size: 281KB

.rdata
Size: 56KB - Virtual size: 54KB

.data
Size: 24KB - Virtual size: 24KB

_DATA
Size: 4KB - Virtual size: 378B

.rsrc
Size: 180KB - Virtual size: 177KB

.reloc
Size: 32KB - Virtual size: 28KB