8dca160da0afee1ac218f23d067f2c7e_JaffaCakes118

Sharing

Copy URL Twitter E-mail

General

Target

8dca160da0afee1ac218f23d067f2c7e_JaffaCakes118
Size

1.3MB
MD5

8dca160da0afee1ac218f23d067f2c7e
SHA1

9928c6c4945e0f2473297103b0eef08f04700925
SHA256

0d2540661a8593a3fa4c0e34ec2839122faa3498ceef55065db360181dfcbc00
SHA512

8e259408253a16b8c2d2c975fef28431021cb44258d56de2ba85a914dd9cab3deef86c9c8852561a7c2e101461bbae5b72b6e2663053565d2150fc563e919af1
SSDEEP

24576:izxB0MH3tR+cOXHO87r1/RaD2+W7fD41uo5Pfbs89TBe6Kkz:il2q+cOXn7lRaD2+OfD41uoNl9T9Kk

Score

3^/10

Malware Config

Signatures

Unsigned PE 1 IoCs

Checks for missing Authenticode signature.

resource
8dca160da0afee1ac218f23d067f2c7e_JaffaCakes118

Files

8dca160da0afee1ac218f23d067f2c7e_JaffaCakes118
.dll regsvr32 windows:5 windows x86 arch:x86

a675ec79e03db6ee7e12b22a0f8ef717

Headers

DLL Characteristics

IMAGE_DLLCHARACTERISTICS_DYNAMIC_BASE
IMAGE_DLLCHARACTERISTICS_NX_COMPAT

File Characteristics

IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL

PDB Paths

msxfrmld.pdb

Imports

version

VerQueryValueA
GetFileVersionInfoSizeA
GetFileVersionInfoA

rpcrt4

NdrClientCall2
RpcBindingFromStringBindingA
RpcStringBindingComposeA
RpcBindingFree
RpcStringFreeA

kernel32

SetCurrentDirectoryA
GetCurrentDirectoryA
FindClose
FindNextFileA
FindFirstFileA
CreateRemoteThread
WriteProcessMemory
VirtualAllocEx
GetSystemTime
GetACP
OpenProcess
OpenSemaphoreA
InterlockedExchange
ResetEvent
DuplicateHandle
GetCurrentProcess
HeapAlloc
HeapFree
HeapCreate
HeapDestroy
GetTimeZoneInformation
LocalFree
LocalAlloc
GlobalFree
GlobalAlloc
GetExitCodeProcess
GetVersionExA
GetVolumeInformationA
TerminateProcess
InitializeCriticalSectionAndSpinCount
FlushFileBuffers
GetDriveTypeA
ExpandEnvironmentStringsA
GetPrivateProfileStringA
SystemTimeToFileTime
LocalFileTimeToFileTime
SystemTimeToTzSpecificLocalTime
GetThreadPriority
LockResource
LoadResource
SizeofResource
FindResourceA
GetFileAttributesA
GetWindowsDirectoryA
SetFileAttributesA
GetProcessHeap
GetFullPathNameA
GetComputerNameW
GetShortPathNameA
GetNumberFormatA
GetLocaleInfoA
VirtualQuery
MulDiv
RemoveDirectoryA
GlobalLock
CreateProcessA
GetThreadContext
GetSystemInfo
FileTimeToDosDateTime
FreeEnvironmentStringsW
SetCurrentDirectoryW
GetCurrentDirectoryW
PeekNamedPipe
GetFileInformationByHandle
FatalAppExitA
GetConsoleMode
GetConsoleCP
GetStartupInfoW
GetFileType
SetHandleCount
GetStringTypeW
HeapSize
LCMapStringW
ExitProcess
GetLocaleInfoW
GetModuleFileNameW
GetStdHandle
IsValidCodePage
GetOEMCP
GetCPInfo
IsProcessorFeaturePresent
GetCurrentThread
GetModuleHandleW
TlsFree
TlsSetValue
TlsGetValue
TlsAlloc
GetCommandLineA
IsDebuggerPresent
SetUnhandledExceptionFilter
UnhandledExceptionFilter
FindFirstFileExA
RaiseException
GetDateFormatA
GetTimeFormatA
CreateThread
ExitThread
EncodePointer
DecodePointer
RtlUnwind
GetSystemTimeAsFileTime
CreateMutexA
OpenMutexA
ReleaseMutex
GetLocalTime
GetVersion
lstrlenA
IsBadStringPtrA
HeapReAlloc
WriteConsoleW
SetStdHandle
GetDriveTypeW
CompareStringW
SetEnvironmentVariableA
CreateFileW
WideCharToMultiByte
lstrlenW
IsBadReadPtr
IsBadWritePtr
WaitForMultipleObjects
DeviceIoControl
GetCurrentProcessId
DisableThreadLibraryCalls
CreateSemaphoreA
GetModuleHandleA
GetModuleFileNameA
OutputDebugStringA
CreateDirectoryA
CreateFileMappingA
MapViewOfFile
UnmapViewOfFile
SetEndOfFile
GetSystemDirectoryA
GetFileTime
SetFileTime
MoveFileA
CopyFileA
GetComputerNameA
FileTimeToLocalFileTime
FileTimeToSystemTime
CreateEventA
ResumeThread
SetEvent
WaitForSingleObject
FreeLibrary
GetDiskFreeSpaceA
LoadLibraryA
GetProcAddress
InterlockedIncrement
InterlockedDecrement
InterlockedCompareExchange
GetCurrentThreadId
GetLastError
FormatMessageA
SetLastError
MultiByteToWideChar
WriteFile
Sleep
SetFilePointer
GetTickCount
VirtualProtect
DeleteFileA
DeleteCriticalSection
GetTempPathA
CreateFileA
GetFileSize
ReadFile
CloseHandle
LeaveCriticalSection
EnterCriticalSection
InitializeCriticalSection
GetEnvironmentStringsW
QueryPerformanceCounter
GetUserDefaultLCID
EnumSystemLocalesA
IsValidLocale
SetConsoleCtrlHandler
GlobalUnlock
LoadLibraryW

user32

CharPrevA
CharNextA
GetWindowTextLengthA
GetParent
ExitWindowsEx
SetWindowPos
OffsetRect
IntersectRect
SystemParametersInfoA
IsIconic
GetWindowPlacement
GetWindowRect
GetSystemMetrics
CharLowerA
GetKeyboardLayout
CreateWindowExW
EnumWindows
MapVirtualKeyExA
LoadKeyboardLayoutA
ActivateKeyboardLayout
ToAsciiEx
GetDC
ReleaseDC
EnumDisplaySettingsA
PeekMessageA
FindWindowA
OpenDesktopA
OpenInputDesktop
GetThreadDesktop
OpenWindowStationA
SetThreadDesktop
ScreenToClient
MoveWindow
CreateDesktopA
CloseClipboard
SetClipboardData
GetKeyNameTextA
EmptyClipboard
SetProcessWindowStation
CloseWindowStation
GetWindow
MessageBoxA
LoadIconA
OpenClipboard
BeginPaint
EndPaint
RegisterHotKey
SetTimer
GetDesktopWindow
SetWindowsHookExA
GetProcessWindowStation
GetUserObjectInformationA
GetForegroundWindow
GetKeyState
GetKeyboardLayoutNameA
CallNextHookEx
UnregisterHotKey
UnhookWindowsHookEx
wsprintfW
LoadStringA
OemToCharA
CharToOemA
GetWindowThreadProcessId
SendMessageA
EnumChildWindows
GetClassNameA
GetDlgCtrlID
SetDlgItemTextA
KillTimer
UnregisterClassA
RegisterClassA
CreateWindowExA
GetWindowLongA
DefWindowProcA
SetWindowLongA
GetCursorPos
PostMessageA
CreateDialogParamA
ShowWindow
DialogBoxParamA
GetPropA
RemovePropA
SetPropA
DestroyWindow
GetMessageA
IsWindow
IsDialogMessageA
TranslateMessage
DispatchMessageA
SetForegroundWindow
EndDialog
GetDlgItem
GetWindowTextA
SetWindowTextA
wsprintfA
SetFocus
AttachThreadInput
MapVirtualKeyA
GetActiveWindow
LoadCursorA
CloseDesktop

gdi32

CreateFontA
StartDocA
StartPage
DeleteDC
DeleteObject
StretchBlt
CreateDIBSection
BitBlt
SelectObject
CreateCompatibleBitmap
CreateCompatibleDC
GetDeviceCaps
CreateDCA
GetStockObject
CreatePatternBrush
CreateBitmap
GetDCOrgEx
GetClipBox
SetBkColor
TextOutA
SetViewportExtEx
SetWindowExtEx
GetTextExtentPointA
GetMapMode
DPtoLP
GetObjectA
GetTextMetricsA
EndDoc
EndPage
GetTextExtentPoint32A
SetTextJustification
SetMapMode

comdlg32

GetSaveFileNameA
PrintDlgA

advapi32

RegDeleteValueA
RegConnectRegistryA
RegQueryInfoKeyA
InitiateSystemShutdownA
InitializeSecurityDescriptor
SetSecurityDescriptorDacl
RegEnumValueA
RegEnumKeyExA
RegDeleteKeyA
RegSetKeySecurity
RegGetKeySecurity
CreateProcessAsUserA
GetSidLengthRequired
LookupAccountSidA
GetTokenInformation
GetSidSubAuthorityCount
GetSidSubAuthority
GetSecurityInfo
SetEntriesInAclA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
LogonUserA
DuplicateToken
ImpersonateLoggedOnUser
RevertToSelf
OpenSCManagerA
GetUserNameA
RegCloseKey
RegQueryValueExA
RegCreateKeyExA
RegSetValueExA
RegOpenKeyExA
DeleteService
CloseServiceHandle
OpenServiceA

shell32

SHGetPathFromIDListA
SHGetMalloc
ShellExecuteExA
ShellExecuteA
SHLoadInProc
SHBrowseForFolderA

ole32

CoTaskMemFree
CoInitializeEx
CoCreateGuid
StringFromCLSID
CoInitialize
CoUninitialize
CoCreateInstance

oleaut32

SysFreeString
SysStringLen
SysAllocString
VariantClear
VariantInit
SysAllocStringLen
GetErrorInfo
VariantChangeType
SetErrorInfo
CreateErrorInfo

Exports

Exports

DispatchMemory
DllCanUnloadNow
DllGetClassObject
DllRegisterServer
DllUnregisterServer
IAlloc

Sections

.text
Size: 955KB - Virtual size: 955KB

IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ

.rdata
Size: 328KB - Virtual size: 328KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.data
Size: 9KB - Virtual size: 29KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.shared
Size: 4KB - Virtual size: 4KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE

.rsrc
Size: 11KB - Virtual size: 10KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ

.reloc
Size: 56KB - Virtual size: 55KB

IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ

Sharing

General

Malware Config

Signatures

Files

a675ec79e03db6ee7e12b22a0f8ef717

Headers

DLL Characteristics

File Characteristics

PDB Paths

Imports

version

rpcrt4

kernel32

user32

gdi32

comdlg32

advapi32

shell32

ole32

oleaut32

Exports

Exports

Sections

.text Size: 955KB - Virtual size: 955KB

.rdata Size: 328KB - Virtual size: 328KB

.data Size: 9KB - Virtual size: 29KB

.shared Size: 4KB - Virtual size: 4KB

.rsrc Size: 11KB - Virtual size: 10KB

.reloc Size: 56KB - Virtual size: 55KB

.text
Size: 955KB - Virtual size: 955KB

.rdata
Size: 328KB - Virtual size: 328KB

.data
Size: 9KB - Virtual size: 29KB

.shared
Size: 4KB - Virtual size: 4KB

.rsrc
Size: 11KB - Virtual size: 10KB

.reloc
Size: 56KB - Virtual size: 55KB