E:\KeyBoardRecord\Hook\Release\Hook.pdb
Static task
static1
Behavioral task
behavioral1
Sample
8e3ebe121097210f1e630ed01436ddef_JaffaCakes118.dll
Resource
win7-20240704-en
Behavioral task
behavioral2
Sample
8e3ebe121097210f1e630ed01436ddef_JaffaCakes118.dll
Resource
win10v2004-20240802-en
General
Target
8e3ebe121097210f1e630ed01436ddef_JaffaCakes118
Size
1.6MB
MD5
8e3ebe121097210f1e630ed01436ddef
SHA1
f21c9b8be299bc136e07d5f127d59869d5ffacd0
SHA256
48a748acf18f8c01e0b1f39af47d49dcdf4762bf0de873bdb156eb2e5d7e24b2
SHA512
3de9c26d8c78d568e4a08dd1a0dfd69f579657d1895e3cb69e20e714d2d05bf7bb6c02bd24994da1257a4d8b3d08b226c30dd017849e986d329aa65b9b67221b
SSDEEP
49152:EAaEMaCRxowAQTVYACGdN3Vu9VP1QCgBzHAom2/O3DAKxVTvkBnJ:tMaCbowAyV6GdN349VP1QCgxHI2/O3Mn
Malware Config
Signatures
Unsigned PE 1 IoCs
Checks for missing Authenticode signature.
resource 8e3ebe121097210f1e630ed01436ddef_JaffaCakes118
Files
8e3ebe121097210f1e630ed01436ddef_JaffaCakes118.dll windows:5 windows x86 arch:x86
aa74496db167796b479f918c1c7b2408
Headers
DLL Characteristics
IMAGE_DLLCHARACTERISTICS_NX_COMPAT
File Characteristics
IMAGE_FILE_EXECUTABLE_IMAGE
IMAGE_FILE_32BIT_MACHINE
IMAGE_FILE_DLL
PDB Paths
Imports
kernel32
CopyFileA
GlobalFree
lstrcmpW
LocalFree
ActivateActCtx
LoadLibraryA
LoadLibraryW
CompareStringA
GetProcAddress
FreeLibrary
GetModuleHandleA
GetVersionExA
GlobalDeleteAtom
GlobalFindAtomA
GlobalAddAtomA
GlobalGetAtomNameA
GetCurrentThreadId
FreeResource
FindResourceA
FindClose
FindNextFileA
FindFirstFileA
FileTimeToSystemTime
FileTimeToLocalFileTime
InitializeCriticalSectionAndSpinCount
DeleteCriticalSection
LocalAlloc
GetModuleFileNameA
TlsGetValue
GlobalReAlloc
GlobalHandle
InitializeCriticalSection
TlsAlloc
TlsSetValue
LocalReAlloc
TlsFree
ReleaseActCtx
GetModuleFileNameW
InterlockedDecrement
GetModuleHandleW
InterlockedIncrement
lstrcmpA
GlobalFlags
SetThreadPriority
ResumeThread
WaitForSingleObject
GetLocaleInfoA
GetUserDefaultUILanguage
GetCPInfo
GetOEMCP
GetACP
CreateFileA
GetFileAttributesExA
GetFileAttributesA
GetFileSizeEx
GetFileTime
lstrcmpiA
ReadFile
WriteFile
SetFilePointer
FlushFileBuffers
LockFile
UnlockFile
GlobalSize
GetFileSize
DuplicateHandle
GetVolumeInformationA
GetFullPathNameA
GetCurrentDirectoryA
lstrcpyA
GetNumberFormatA
GetTempFileNameA
GetTempPathA
GetTickCount
GetProfileIntA
SearchPathA
VirtualProtect
GetUserDefaultLCID
FindResourceExW
GetSystemTimeAsFileTime
HeapAlloc
HeapFree
RaiseException
VirtualAlloc
GetSystemInfo
VirtualQuery
RtlUnwind
EncodePointer
DecodePointer
GetCommandLineA
HeapReAlloc
HeapQueryInformation
HeapSize
ExitThread
CreateThread
ExitProcess
SetStdHandle
GetFileType
IsProcessorFeaturePresent
UnhandledExceptionFilter
SetUnhandledExceptionFilter
IsDebuggerPresent
TerminateProcess
GetTimeZoneInformation
GetStdHandle
HeapCreate
HeapDestroy
IsValidCodePage
GetStringTypeW
SetHandleCount
GetStartupInfoW
GetConsoleCP
GetConsoleMode
GetLocaleInfoW
EnumSystemLocalesA
IsValidLocale
FreeEnvironmentStringsW
GetEnvironmentStringsW
QueryPerformanceCounter
GetDriveTypeW
LCMapStringW
CompareStringW
WriteConsoleW
GetCurrentDirectoryW
CreateFileW
SetEnvironmentVariableA
lstrlenW
MulDiv
SetLastError
GlobalAlloc
GlobalLock
GlobalUnlock
SetEndOfFile
FormatMessageA
Sleep
GetCurrentProcessId
CreateToolhelp32Snapshot
Process32First
Process32Next
GetLocalTime
GetWindowsDirectoryA
GetSystemDirectoryA
DeleteFileA
RemoveDirectoryA
lstrlenA
WideCharToMultiByte
GetCurrentProcess
CloseHandle
EnterCriticalSection
LeaveCriticalSection
FindResourceW
LoadResource
LockResource
SizeofResource
GetLastError
MultiByteToWideChar
DeactivateActCtx
InterlockedExchange
GetProcessHeap
user32
IsDialogMessageA
MoveWindow
ValidateRect
GetCursorPos
PostQuitMessage
IntersectRect
CharUpperA
DestroyIcon
SetRectEmpty
InvalidateRect
SetCursor
ShowOwnedPopups
DeleteMenu
EnumDisplayMonitors
SetLayeredWindowAttributes
LoadCursorW
RedrawWindow
GetMenuDefaultItem
CreatePopupMenu
IsRectEmpty
MapVirtualKeyA
SetCapture
GetAsyncKeyState
ReleaseCapture
InvertRect
DrawFocusRect
HideCaret
EnableScrollBar
NotifyWinEvent
MessageBeep
GetNextDlgTabItem
OffsetRect
GetIconInfo
CopyImage
LoadImageA
GetNextDlgGroupItem
DrawIconEx
IsIconic
TranslateAcceleratorA
BringWindowToTop
InsertMenuItemA
LoadAcceleratorsA
LoadMenuA
ReuseDDElParam
UnpackDDElParam
SetRect
WindowFromPoint
IsZoomed
SetWindowRgn
SetParent
DestroyAcceleratorTable
SetClassLongA
LoadMenuW
GetSystemMenu
DrawStateA
DrawEdge
DrawFrameControl
CopyAcceleratorTableA
ToAsciiEx
GetKeyboardLayout
GetKeyboardState
LoadAcceleratorsW
CreateAcceleratorTableA
SetCursorPos
LockWindowUpdate
GetKeyNameTextA
OpenClipboard
SetClipboardData
CloseClipboard
EmptyClipboard
LoadImageW
IsCharLowerA
MapVirtualKeyExA
UnionRect
UpdateLayeredWindow
MonitorFromPoint
IsMenu
GetMenuItemInfoA
CreateDialogIndirectParamA
PostThreadMessageA
WaitMessage
DefFrameProcA
DefMDIChildProcA
DrawMenuBar
TranslateMDISysAccel
CreateMenu
SetMenuDefaultItem
IsClipboardFormatAvailable
FrameRect
GetUpdateRect
RegisterClipboardFormatA
CopyIcon
CharUpperBuffA
GetDoubleClickTime
SubtractRect
MapDialogRect
DrawIcon
DestroyCursor
GetWindowRgn
MessageBoxA
CreateWindowExA
GetClassInfoExA
GetClassInfoA
RegisterClassA
GetSysColor
AdjustWindowRectEx
GetParent
ScreenToClient
EqualRect
DeferWindowPos
GetScrollInfo
SetScrollInfo
CopyRect
PtInRect
SetWindowPlacement
GetWindowPlacement
GetDlgCtrlID
DefWindowProcA
CallWindowProcA
GetMenu
GetWindowLongA
SetWindowLongA
SetWindowPos
GetWindow
GetMenuState
GetMenuStringA
AppendMenuA
GetMenuItemID
InsertMenuA
GetMenuItemCount
GetSubMenu
RemoveMenu
CheckDlgButton
RealChildWindowFromPoint
UnhookWindowsHookEx
InflateRect
SetMenuItemBitmaps
GetMenuCheckMarkDimensions
LoadBitmapW
ModifyMenuA
EnableMenuItem
CheckMenuItem
LoadCursorA
GetSystemMetrics
GetSysColorBrush
EndPaint
GetWindowThreadProcessId
IsWindowEnabled
PostMessageA
BeginPaint
GetWindowDC
ReleaseDC
GetDC
ClientToScreen
GrayStringA
DrawTextExA
DrawTextA
TabbedTextOutA
FillRect
LoadIconW
LoadIconA
SendDlgItemMessageA
WinHelpA
IsChild
GetCapture
GetClassLongA
SetPropA
GetPropA
RemovePropA
GetFocus
IsWindow
SetFocus
GetWindowTextLengthA
GetLastActivePopup
SetActiveWindow
BeginDeferWindowPos
EndDeferWindowPos
GetDlgItem
GetTopWindow
DestroyWindow
GetMessageTime
GetMessagePos
PeekMessageA
MonitorFromWindow
GetMonitorInfoA
MapWindowPoints
ScrollWindow
TrackPopupMenu
GetKeyState
GetClassNameA
GetWindowRect
GetDesktopWindow
GetForegroundWindow
SendMessageTimeoutA
RegisterWindowMessageA
EnumChildWindows
FindWindowExA
GetWindowTextA
GetActiveWindow
ShowWindow
KillTimer
SendMessageA
SetTimer
CallNextHookEx
TranslateMessage
SetMenu
EnableWindow
SetScrollRange
SetWindowTextA
SystemParametersInfoA
DestroyMenu
GetScrollRange
SetScrollPos
GetScrollPos
SetForegroundWindow
ShowScrollBar
IsWindowVisible
UpdateWindow
DispatchMessageA
GetMessageA
SetWindowsHookExA
EndDialog
GetClientRect
gdi32
GetLayout
MoveToEx
LineTo
SetTextAlign
SetLayout
CreateCompatibleDC
IntersectClipRect
SelectObject
GetObjectA
GetDeviceCaps
DeleteObject
CreateDIBSection
BitBlt
ExcludeClipRect
GetClipBox
SetMapMode
GetTextFaceA
SelectClipRgn
SetPixelV
SetPaletteEntries
ExtFloodFill
GetBoundsRect
FrameRgn
FillRgn
SetROP2
SetPolyFillMode
SetBkMode
RestoreDC
SaveDC
SetBkColor
SetTextColor
DeleteDC
CopyMetaFileA
PtInRegion
GetViewportOrgEx
GetWindowOrgEx
LPtoDP
EnumFontFamiliesExA
GetRgnBox
OffsetRgn
Rectangle
SetPixel
StretchBlt
SetDIBColorTable
Polygon
Ellipse
Polyline
CreateEllipticRgn
GetTextColor
CreatePolygonRgn
CreateRoundRectRgn
GetSystemPaletteEntries
RealizePalette
GetNearestPaletteIndex
GetPaletteEntries
CreatePalette
GetBkColor
GetTextCharsetInfo
EnumFontFamiliesA
GetTextMetricsA
CreateDIBitmap
CreateCompatibleBitmap
DPtoLP
PatBlt
CombineRgn
SetRectRgn
CreateRectRgnIndirect
GetTextExtentPoint32A
CreateFontIndirectA
CreateHatchBrush
CreateSolidBrush
CreatePen
GetObjectType
SelectPalette
GetStockObject
CreateBitmap
CreatePatternBrush
ExtSelectClipRgn
ScaleWindowExtEx
SetWindowExtEx
OffsetWindowOrgEx
SetWindowOrgEx
ScaleViewportExtEx
SetViewportExtEx
OffsetViewportOrgEx
SetViewportOrgEx
Escape
ExtTextOutA
TextOutA
RectVisible
PtVisible
GetPixel
GetWindowExtEx
CreateRectRgn
GetViewportExtEx
CreateDCA
advapi32
RegSetValueExA
RegDeleteValueA
RegDeleteKeyA
RegOpenKeyA
RegQueryValueExA
OpenProcessToken
LookupPrivilegeValueA
AdjustTokenPrivileges
RegCreateKeyExA
RegCloseKey
RegOpenKeyExA
RegEnumKeyExA
shell32
SHAppBarMessage
SHBrowseForFolderA
DragQueryFileA
DragFinish
ShellExecuteA
SHGetSpecialFolderLocation
SHGetPathFromIDListA
SHGetDesktopFolder
SHGetFileInfoA
SHGetFolderPathA
ole32
OleGetClipboard
RegisterDragDrop
RevokeDragDrop
CoTaskMemFree
DoDragDrop
OleLockRunning
IsAccelerator
OleTranslateAccelerator
OleDestroyMenuDescriptor
OleCreateMenuDescriptor
CoInitializeEx
CreateStreamOnHGlobal
CoUninitialize
OleDuplicateData
CoTaskMemAlloc
ReleaseStgMedium
CoLockObjectExternal
CoInitialize
CoCreateInstance
oleaut32
SysAllocString
SysAllocStringLen
VariantClear
SystemTimeToVariantTime
VariantTimeToSystemTime
VariantInit
SysFreeString
VarBstrCmp
SysStringLen
VariantChangeType
VarBstrFromDate
imm32
ImmGetOpenStatus
ImmGetCompositionStringA
ImmGetContext
ImmReleaseContext
shlwapi
PathFindExtensionW
PathFileExistsA
UrlUnescapeA
PathStripToRootA
PathIsUNCA
PathFindFileNameA
PathRemoveFileSpecW
PathFindExtensionA
msimg32
TransparentBlt
AlphaBlend
comctl32
ImageList_GetIconSize
gdiplus
GdipFree
GdipDisposeImage
GdipSaveImageToFile
GdipCreateBitmapFromScan0
GdipCreateBitmapFromHBITMAP
GdipGetImageEncodersSize
GdipGetImageEncoders
GdiplusStartup
GdiplusShutdown
GdipCloneImage
GdipDeleteGraphics
GdipCreateFromHDC
GdipSetInterpolationMode
GdipDrawImageRectI
GdipGetImageWidth
GdipGetImageHeight
GdipGetImagePixelFormat
GdipGetImagePaletteSize
GdipGetImagePalette
GdipCreateBitmapFromStream
GdipBitmapLockBits
GdipBitmapUnlockBits
GdipGetImageGraphicsContext
GdipDrawImageI
GdipAlloc
oleacc
LresultFromObject
ObjectFromLresult
CreateStdAccessibleObject
AccessibleObjectFromWindow
wininet
InternetReadFile
InternetCanonicalizeUrlA
InternetOpenUrlA
InternetWriteFile
InternetSetFilePointer
InternetSetStatusCallback
InternetOpenA
InternetGetLastResponseInfoA
InternetCloseHandle
InternetQueryDataAvailable
InternetQueryOptionA
InternetCrackUrlA
winmm
PlaySoundA
winspool.drv
ClosePrinter
OpenPrinterA
DocumentPropertiesA
comdlg32
GetFileTitleA
Exports
EndRecordKey
StartRecordKey
Sections
.text Size: 1.2MB - Virtual size: 1.2MB
IMAGE_SCN_CNT_CODE
IMAGE_SCN_MEM_EXECUTE
IMAGE_SCN_MEM_READ
.rdata Size: 268KB - Virtual size: 267KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.data Size: 23KB - Virtual size: 53KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
rkshare Size: 512B - Virtual size: 32B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
IMAGE_SCN_MEM_WRITE
.rsrc Size: 1024B - Virtual size: 696B
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_READ
.reloc Size: 167KB - Virtual size: 166KB
IMAGE_SCN_CNT_INITIALIZED_DATA
IMAGE_SCN_MEM_DISCARDABLE
IMAGE_SCN_MEM_READ